Intisar Khan

adk3tq@r.postjobfree.com 571-***-**** U.S Citizen Public Trust

Objective

Information Technology (IT) graduate with a concentration in Information Security. An IT education from George Mason University’s Volgenau School of Engineering taught me the technical and business skills needed to confidently tackle the public and private sectors of IT. Areas of expertise include; cloud security, administrative work, networking, telecommunications web design, database management, project management, UI/UX development, and crafting security policies.

Education

B.S. INFORMATION TECHNOLOGY WITH INFORMATION SECURITY CONCENTRATION (2018)

-GEORGE MASON UNIVERSITY- FAIRFAX, VA

Certifications

Security +

AWS Certified Solutions Architect – Associate (SAA)

Security Experience

Configured AWS architecture with WAF(Web Application Firewall) and Cloudwatch to protect against SQL injection, cross-site scripting and white listed valid IP addresses

OWASP:

oSQL injections, Cross Site Scripting and XML injections on multiple software programs

oUsed IAM(Identity Access Management) by delegating user roles, multi-factor policy, group policy, created bucket policies (JSON objects)

Ex: Implemented Microsoft Active Directory with AD connector to assign roles to users

oSecrets Manager,Protected software programs by encrypting data at rest and in-transit

Secured VPC with security groups, routing tables and NACL

Followed and implemented standards such as HIPAA, CMMI, RMF (Risk Management Framework) and IS0 9000

Created a BYOD policy for individuals who bring their computer or smart-phone to work.

Created a Risk Management Framework for Technuf’s current security posture. Focusing on network security.

oCategorize: Cisco switches, wifi routers and Ethernet ports (FIPS 199/SP 800-60)

oSelect: AC-18, PE-6,AC-17 (SP 800-53) Physical and Environmental Protection, Awareness and Training, Configuration Management, Identification and Authentication (FIPS 200)

oImplement: Created a checklist for wireless security. Ex: using secure vpn, ensuring secure physical access and proper wireless encryption. (SP 800-70)

oAssess: Created an Excel Sheet with description,total cost, monthly payment, security compliances and NIST SP 800-53 controls (SP 800-53a)

oAuthorize: Created effective documentation to communicate Tier 1(Org),2(Mission/Business Process) and 3(Information systems) to create comprehensive risk management. Made a Cybersecurity Framework to respond to possible attacks to Technuf’s wifi network. (SP-800-37)

oMonitor: Created documentation how to check on security controls. Ex: How to monitor physical security, if vpn software is up to date and if correct wifi encryption is used(SP 800-137)

Pen-testing: WiFi network for password and information using Kali Linux

oReconnaissance: google.com, facebook.com, social engineering

oScanning: nmap, Airgeddon

oGaining Access: Airgeddon, driftnet

oMaintaining Access: Saving password and pictures for later use.

oCover Tracks: Spoofing kali linux’s ip address, nosiy

Security Knowledge

Information Security Fundamentals – Wireless Security, Network Attacks, Physical Security

Information Security Principles – BYOD Policies, Incident Response Plan, Risk Assessment

Data Application Security – ICS/SCADA and SQL Injections

Sec Accreditation of Information Systems -RMF, FedRAMP and Certification & Accreditation Process

Computer Crime/Forensic/Auditing – Password Cracking, logging and auditing, hardware forensics, Crime Scene Activity and software forensics

Network Security – Symmetric and Asymmetric cryptography, MAC, hash, digital certificates, public key infrastructure and access control

Network Security and Cryptography – IPSec, SSL/TLS and Kerberos

Information Defense Technologies – Asymmetric warfare, psyop, CISTAR and Geo-spatial Technologies

Technology Profile

Java/Python/JavaScript

PHP/SQL/MySQL/Bash/SQLlite/JSON

HTML/CSS/Django

Matlab/Wireshark/

Kali Linux

oNMAP, Metasploit, Airgeddon, settoolkit, driftnet

Microsoft Office Suite

Amazon Web Services

oLambda, VPC, EC2,Secrets Manager,CLI and S3

VMware/Virtual Box/Linux (Terminal)

Tableau/Data Visualization

Adobe Photoshop/Dreamweaver/Flash

Risk Management Framework/Incident Response/Risk Assessment

Familiarity with industry standards such as: FIPS 199/200, NIST SP 800-53,60,66, 137, ISO 27000/27001

SCADA/Geo-Spatial Technologies/CISTAR

Testrail, Jira, Agile and Watefall

Employment

IRONNET CYBERSECURITY CYBER THREAT INTELLIGENCE ANALYST DECEMBER 2019- PRESENT TYSONS CORNER, VIRGINIA

Create AWS lambda scripts to automate creation of Threat Intelligence Rules for clients and internal blacklists for Ironnet’s firewall

Improve upon bash scripts to deploy weekly Threat Intelligence Rules in JSON format to Site Reliability Engineers

Use Feedly to post relevant cybersecurity articles to IronNet customers and team members

Work on Ironnet’s database to refine, gather information and troubleshoot any issues pertaining to Threat Intelligence Rules

Attend SSC,CCC and Vulnerability patch meetings to keep OS systems, applications and internal network secured

Creating a python RSS Feed Reader project which uses the Django framework to aggregate RSS information for users to parse news quickly

IDAHO NATIONAL LABORATORY SOFTWARE QUALITY CONTROL SPECIALIST MAY 2019-NOVEMBER 2019 IDAHO, IDAHO FALLS

Tested, created and revised test cases for multiple Idaho National Laboratory government projects.

Performed integration, system, regression, smoke, security testing and user acceptance testing throughout multiple software projects.

Used tools such as Testrail and Jira to effectively manage bugs

Worked in an Agile and Waterfall environment constantly communicating with developers and leads on bugs and development updates.

Used Jmeter to do load and performance testing

TECHNUF QA TESTER TO SECURITY CLOUD SPECIALIST JUNE 2018- APRIL 2019 ROCKVILLE MARYLAND

Worked with Jira to post, review and determine status of bugs to help meet testing deadlines.

Found bugs in the Health Connect program and created professional documentation for others to recreate the bugs efficiently and developers to fix the bug easily.

Looked over input forms for logic errors, exception handling, UI formats and bug.

Integrated Technuf’s inventory system with QR tags that I created for each item which has helpful metadata for employees to use.

Physically configured Technuf’s Internet network by setting up CAT 6 wiring system around the office, connecting routers, switches and creating Ethernet cables allowing faster Internet connection for employees.

Created documentation for company’s network such as port, wiring and network mappings allowing employees to understand how Technuf’s Internet works and make future improvements.

Hands on experience with AWS by setting up a VPC with private and public subnets. Hosted a tableau server inside an EC2 server by placing it in a private subnet which was connected to a NAT gateway.

Created AWS architecture documentation that provided insight on how to improve current information architecture by decreasing latency, creating a secure network, establishing high availability and providing fault tolerance solution.

Created a BYOD Policy, Risk Management Framework for Technuf’s security posture and showed an example of a pen test of Technuf’s security posture to the CEO and President

Courses

Discrete Structures, IT Problem Solving, Database Fundamentals, Multimedia and Web Design, Modern Telecommunications, Data Communications and Network Principles, Systems Analysis and Design, Accounting in a Global Economy, Object Techniques for IT Problem Solving, IT Project Management, Human Computer Interaction

Undergraduate Projects

Link to course projects http://netneutralityinamerica.blogspot.com/2017/05/it-projects.html

Projects include; JAVA, python, HTML, CSS, VISIO and Photoshop.

Github: https://github.com/DarkMan585

Contact this candidate