JOHNNY ZHENG
Cyber Security Professional
Email: ****************@*****.***
LinkedIn: http://www.linkedin.com/in/johnny-zheng
Education:
Buffalo State College Dec 2018
Bachelor of Science in Computer Information System
Udacity Nanodegree Nov 2020
Cyber Security Professional
Skills:
Languages: Chinese (Mandarin), English
Programming Languages: C++, JavaScript, HTML, MySQL
Technologies: Nmap, VirtualBox, 7zip, CIS Controls, Nessus, Hashcat
Work Experience:
Revature: Technology Development Jan 2020 - Apr 2020
Assistant Software Engineer
Designed an interactive website using HTML and CSS together with JavaScript
Implemented data access objects (DAOs) to perform CRUD operations
Used JDBC to prepare request statements and connect to a SQL database
Hosted the application on an Apache Tomcat server
Center for Diagnostic Imaging (CDI) Feb 2019 - Aug 2019
Data Analysis & Data Entry
Transformed raw data collected through our internal systems into actionable information.
Cooperated with other team leaders to collect and analyze metrics.
Manipulated data to provide meaningful insights; identified and explored cost drivers.
Projects:
Hospital Incident Response: Cyber Security Analyst Nov 2020
Many hospitals noticed that a FIN4 Bit Cryptor had popped up on their systems, stating that the original files had been deleted and would only be recovered by sending bitcoins to the provided address within the next 60 hours. If the application was deleted, the hospital would not get its files and documents back in their original location.
Responsibilities:
Prepared a detailed summary of the situation, assets, impacts, threat actor, threat motivation, and threat techniques.
Used Nessus to run a vulnerability scan against the log server, with findings grouped by severity level: critical, high, medium, low.
Ran a penetration test against user passwords using a brute-force attack and reinforced weak passwords.
Created an incident response plan checklist and recommendations to eradicate the malicious software.
Environment / Technologies: Windows 10, Hashcat, brute-force attack, Nmap.
Douglas Financials Inc: Security Operation Specialist Oct 2020
Douglas Financials Inc (DFI from here forward) has experienced booming growth and, as a result, is ready to add a Security Analyst position. Previously, Information Security responsibilities fell on our System Administration team.
Responsibilities:
Set authorization on each folder, disabled gaming (Xbox), and disabled the remote service.
Using Cisco syntax, created the text of a firewall rule allowing a new DFI partner, WBC International.
Created IDS rules to alert on an IP address receiving a high volume of ICMP traffic.
Used TFTP, which runs on top of the Internet User Datagram Protocol (UDP), to transfer a file.
Created a firewall alert response and provided a mitigation response.
Created directories with proper authentication permissions to access files and documents on CentOS.
Environment / Technologies: Linux (CentOS), RDP, SSH (via PowerShell), Firewall rules, VPN encryption, IDS, DDoS, TFTP, File Hash
SwiftTech: Cybersecurity GRC Analyst Oct 2020
SwiftTech prides itself on being first-to-market with innovative technology solutions that improve work efficiency for companies worldwide. Their latest product is a Software-as-a-Service (SaaS) solution that makes Project Tracking a breeze. SaaS vendors are also expected to provide a SOC II report to establish a baseline for cybersecurity controls and validate their effectiveness. SwiftTech recently hired an outside firm, Firehawk Security, to perform a readiness assessment in preparation for pursuing a SOC II attestation report.
Responsibilities:
Explained SwiftTech's overall cybersecurity risk posture as Risk Accepting, Risk Neutral, or Risk Averse.
Identified regulatory frameworks, standards, or guidance used to measure the existing security controls.
Identified relevant security frameworks to compare against the Firehawk Security data flow diagram.
Used the control measures pointed out by Firehawk to start a basic risk assessment and develop a new information security policy that incorporates those control measures.
Environment / Technologies: Windows 10, CISO, SOC II, VPC3, TLS, Network diagram, VPN