Information Security Manager
Resume:
Intisar Khan
*******@***.*** 571-***-**** U.S Citizen Public Trust
Objective
Information Technology (IT) graduate with a concentration in Information Security. An IT education from George Mason University’s Volgenau School of Engineering taught me the technical and business skills needed to confidently tackle the public and private sectors of IT. Areas of expertise include; cloud security, administrative work, networking, telecommunications web design, database management, project management, UI/UX development, and crafting security policies.
Education
B.S. INFORMATION TECHNOLOGY WITH INFORMATION SECURITY CONCENTRATION (2018)
-GEORGE MASON UNIVERSITY- FAIRFAX, VA
Certifications
Security +
AWS Certified Solutions Architect – Associate (SAA)
Security Experience
Configured AWS architecture with WAF(Web Application Firewall) and Cloudwatch to protect against SQL injection, cross-site scripting and white listed valid IP addresses
OWASP:
oSQL injections, Cross Site Scripting and XML injections on multiple software programs
oUsed IAM(Identity Access Management) by delegating user roles, multi-factor policy, group policy, created bucket policies (JSON objects)
Ex: Implemented Microsoft Active Directory with AD connector to assign roles to users
oSecrets Manager,Protected software programs by encrypting data at rest and in-transit
Secured VPC with security groups, routing tables and NACL
Followed and implemented standards such as HIPAA, CMMI, RMF (Risk Management Framework) and IS0 9000
Created a BYOD policy for individuals who bring their computer or smart-phone to work.
Created a Risk Management Framework for Technuf’s current security posture. Focusing on network security.
oCategorize: Cisco switches, wifi routers and Ethernet ports (FIPS 199/SP 800-60)
oSelect: AC-18, PE-6,AC-17 (SP 800-53) Physical and Environmental Protection, Awareness and Training, Configuration Management, Identification and Authentication (FIPS 200)
oImplement: Created a checklist for wireless security. Ex: using secure vpn, ensuring secure physical access and proper wireless encryption. (SP 800-70)
oAssess: Created an Excel Sheet with description,total cost, monthly payment, security compliances and NIST SP 800-53 controls (SP 800-53a)
oAuthorize: Created effective documentation to communicate Tier 1(Org),2(Mission/Business Process) and 3(Information systems) to create comprehensive risk management. Made a Cybersecurity Framework to respond to possible attacks to Technuf’s wifi network. (SP-800-37)
oMonitor: Created documentation how to check on security controls. Ex: How to monitor physical security, if vpn software is up to date and if correct wifi encryption is used(SP 800-137)
Pen-testing: WiFi network for password and information using Kali Linux
oReconnaissance: google.com, facebook.com, social engineering
oScanning: nmap, Airgeddon
oGaining Access: Airgeddon, driftnet
oMaintaining Access: Saving password and pictures for later use.
oCover Tracks: Spoofing kali linux’s ip address, nosiy
Security Knowledge
Information Security Fundamentals – Wireless Security, Network Attacks, Physical Security
Information Security Principles – BYOD Policies, Incident Response Plan, Risk Assessment
Data Application Security – ICS/SCADA and SQL Injections
Sec Accreditation of Information Systems -RMF, FedRAMP and Certification & Accreditation Process
Computer Crime/Forensic/Auditing – Password Cracking, logging and auditing, hardware forensics, Crime Scene Activity and software forensics
Network Security – Symmetric and Asymmetric cryptography, MAC, hash, digital certificates, public key infrastructure and access control
Network Security and Cryptography – IPSec, SSL/TLS and Kerberos
Information Defense Technologies – Asymmetric warfare, psyop, CISTAR and Geo-spatial Technologies
Technology Profile
Java/Python/JavaScript
PHP/SQL/MySQL/Bash/SQLlite/JSON
HTML/CSS/Django
Matlab/Wireshark/
Kali Linux
oNMAP, Metasploit, Airgeddon, settoolkit, driftnet
Microsoft Office Suite
Amazon Web Services
oLambda, VPC, EC2,Secrets Manager,CLI and S3
VMware/Virtual Box/Linux (Terminal)
Tableau/Data Visualization
Adobe Photoshop/Dreamweaver/Flash
Risk Management Framework/Incident Response/Risk Assessment
Familiarity with industry standards such as: FIPS 199/200, NIST SP 800-53,60,66, 137, ISO 27000/27001
SCADA/Geo-Spatial Technologies/CISTAR
Testrail, Jira, Agile and Watefall
Employment
IRONNET CYBERSECURITY CYBER THREAT INTELLIGENCE ANALYST DECEMBER 2019- PRESENT TYSONS CORNER, VIRGINIA
Create AWS lambda scripts to automate creation of Threat Intelligence Rules for clients and internal blacklists for Ironnet’s firewall
Improve upon bash scripts to deploy weekly Threat Intelligence Rules in JSON format to Site Reliability Engineers
Use Feedly to post relevant cybersecurity articles to IronNet customers and team members
Work on Ironnet’s database to refine, gather information and troubleshoot any issues pertaining to Threat Intelligence Rules
Attend SSC,CCC and Vulnerability patch meetings to keep OS systems, applications and internal network secured
Creating a python RSS Feed Reader project which uses the Django framework to aggregate RSS information for users to parse news quickly
IDAHO NATIONAL LABORATORY SOFTWARE QUALITY CONTROL SPECIALIST MAY 2019-NOVEMBER 2019 IDAHO, IDAHO FALLS
Tested, created and revised test cases for multiple Idaho National Laboratory government projects.
Performed integration, system, regression, smoke, security testing and user acceptance testing throughout multiple software projects.
Used tools such as Testrail and Jira to effectively manage bugs
Worked in an Agile and Waterfall environment constantly communicating with developers and leads on bugs and development updates.
Used Jmeter to do load and performance testing
TECHNUF QA TESTER TO SECURITY CLOUD SPECIALIST JUNE 2018- APRIL 2019 ROCKVILLE MARYLAND
Worked with Jira to post, review and determine status of bugs to help meet testing deadlines.
Found bugs in the Health Connect program and created professional documentation for others to recreate the bugs efficiently and developers to fix the bug easily.
Looked over input forms for logic errors, exception handling, UI formats and bug.
Integrated Technuf’s inventory system with QR tags that I created for each item which has helpful metadata for employees to use.
Physically configured Technuf’s Internet network by setting up CAT 6 wiring system around the office, connecting routers, switches and creating Ethernet cables allowing faster Internet connection for employees.
Created documentation for company’s network such as port, wiring and network mappings allowing employees to understand how Technuf’s Internet works and make future improvements.
Hands on experience with AWS by setting up a VPC with private and public subnets. Hosted a tableau server inside an EC2 server by placing it in a private subnet which was connected to a NAT gateway.
Created AWS architecture documentation that provided insight on how to improve current information architecture by decreasing latency, creating a secure network, establishing high availability and providing fault tolerance solution.
Created a BYOD Policy, Risk Management Framework for Technuf’s security posture and showed an example of a pen test of Technuf’s security posture to the CEO and President
Courses
Discrete Structures, IT Problem Solving, Database Fundamentals, Multimedia and Web Design, Modern Telecommunications, Data Communications and Network Principles, Systems Analysis and Design, Accounting in a Global Economy, Object Techniques for IT Problem Solving, IT Project Management, Human Computer Interaction
Undergraduate Projects
Link to course projects http://netneutralityinamerica.blogspot.com/2017/05/it-projects.html
Projects include; JAVA, python, HTML, CSS, VISIO and Photoshop.
Github: https://github.com/DarkMan585
Contact this candidate