Information Security Professional

KINYASI MONYI

EMAIL: *********@****.***, PHONE: 585-***-****

Passionate individual who can assist in protecting an organization's IT infrastructure utilizing technical proficiency from formal and on-the-job experience. Looking for an opportunity to expand my technical experience and/or work in the cyber security industry where I can apply my skills in network security, penetration testing, IT security analysis and audit, and digital forensics Skill Highlights

• IT Security Audit

• Penetration Testing

• Malware Analysis

• Vulnerability Assessment

• Security Incident Response

• Digital Forensics

• Network/Computer Security

• C++, Perl, Bash, MySQL, Groovy, Familiar with Java & Python

• System Admin

• Knowledge with DevOps, ServiceNow, & SharePoint

• Tools: Burp Suite, Nikto2, ZAP, ForeScout, AirDefense, ArcSight, Riverbed, BlueCoat, FireEye, CheckPoint, Trustwave,Wireshark, Zenmap, FireWalk, Cain &

Abel, AppScan, Splunk, Kali Linux, Metasploit, Snort, IDA Pro, EnCase, FTK. SharePoint, ServiceNow,

FlexDeploy, Jira, Hashicorp Vault, Kubernetes, Jenkins, MsBuild, Jenkins, SonarQube, CheckMarx.

• Fluent in English, American Sign Language, and

Swahili (Native Speaker)

Experience

IT Consultant 05/2017 to Current

Prudential Financial Newark, NJ

• As part of DevOps team,

o Implemented FlexDeploy integration with Hashicorp Vault and Jira endpoints in DEV, and QA, and Production. o Created credentials stores in FlexDeploy for users to retrieve secrets from Hashicorp vault instead of manually typing when attempting to connect to their accounts. o Created FlexDeploy security groups and mapped them to corresponding external LDAP groups. o Created Groovy scripts for project and workflow in FlexDeploy for file migration, execution, and database connection between FlexDeploy and HashiCorp Vault/Jira/Kubernetes. o Utilized Kubernetes container to deploy and upgrade FlexDeploy latest version in DEV and QA instances.

• As part of Prudential’s migration from an aging Lotus Notes Platform, o Developed and implemented a SharePoint application for Individual Life Insurance (ILI) department to be used for creating, managing, and recording work and change requests. o Created and implemented a SharePoint application for managing information for Prudential's corporate wide Check Writing Application (PRIDE).

o Created and developed a ServiceNow database application for the Business Information Security Office

(BISO) to be used for processing security exceptions. o Assisted the BISO with the migration of all existing Enterprise Security Exception Requests from Lotus Notes to ServiceNow.

• Central point of contact for all issues related to SharePoint and ServiceNow applications. Information Security Analyst/Intern 06/2015 to 08/2015 Prudential Financial Roseland, NJ

• Developed IDS monitoring Bash script that aids in generating network traffics across sub networks monitored by FireEye IDS. The scripts assist in ensuring that IDS environment is up and running properly.

• Designed a BlueCoat auto-submit Python script that auto submits potentially malicious URLs to Bluecoat site review webapi (http://sitereview.bluecoat.com/sitereview) for a review and categorization.

• Developed a Python script that automates the determination of the source IPs of the device that sent a query of potentially malicious domains based upon the alerts from FireEye IDS.

• Designed a PIR dynamic dashboard using Microsoft Excel 2007 for the ISO to assist them with updating all Project Initiation Requests that are either in progress, pending, completed, or declined. Security Engineer Intern/Co-op 06/2014 to 08/2014

Paychex Inc. Webster, NY

• Reviewed daily reports of network traffic, WiFi usage and proxy traffic for malicious activity.

• Worked with security engineering team to identify and mitigate any discovered infected devices and security issues.

• Identified system vulnerabilities using a number of commercial and open source tools.

• Monitored and responded to incident tickets regarding internet proxies, firewalls, and wireless security.

• Reviewed network behavior analysis systems to monitor changing trends on internal and external networks.

• Reviewed alerts and security incidents from Security Event Manager (SIM/SEM) for suspicious activity.

• Authored two full-fledged investigative reports pertaining to internet logs and bandwidth usage during the 2014 FIFA World Cup games.

Education

Bachelor of Science: Computing Security 2016

Rochester Institute of Technology

Master of Science: Computing Security In Progress

New England College – School of Graduate and Professional Studies

Contact this candidate