
Security Engineer

Location:
Lanham, MD
Posted:
March 18, 2021


Resume:

Name: Vitalis E. Kwene/Email: vitalis.kwene@gmail/Address: 6522 Edgerton drive Lanham MD 20706/Cell # 1-301-***-****

Experience Summary:

Experienced in Information Technology and Cybersecurity, I bring a wealth of skills and qualifications. I have about 3 years of experience, where I support clients’ security operations, cyber threat intelligence, vulnerability and risk activities by monitoring, analyzing, researching and providing business-goal deliverables. I deliver strategic, tactical and operational findings and recommendations on critical cyber security projects. I’m experienced in Security Operation Center (SOC), Risk Assessment, System Development Life Cycle (SDLC), Cyber Threat Intelligence (CTI), Cyber Threat Research, Network Operation Center (NOC) and System Administration Support. During my daily tasks, I apply security processes and standards like SDLC, Cyber Kill Chain, Tactics, Techniques and Procedures (TTPs), FedRAMP, FISMA, ISO and NIST.

Education: Associate Degree in Information Technology at Prince George’s Community College

Certification: CompTIA Security+ and CompTIA Network+

Clearance: Public Trust

Work Experience:

Cyber Security Analyst

Government of District Columbia Department of Correction, DOC 07/2019 - present

•Track threat actors, their tactics, techniques, and procedures (TTPs), and their associated Indicators of Compromise (IOCs).

•Capture intelligence on threat actor TTPs/IOCs and coordinate it with Open Source Intelligence (OSINT).

•Monitor security solutions using Splunk; SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, log aggregation tools.

•Improve work-flow processes through SOP and work templates.

•Conduct proactive monitoring, investigation, and mitigation of security incidents

•Analyze security event data from the network (IDS, SIEM).

•Perform static malware analysis on isolated virtual servers

•Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.

•Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

•Research new and evolving threats and vulnerabilities with potential to impact the monitored environment

•Conduct log analysis using Splunk

•Identify suspicious/malicious activities or codes.

•Monitoring and analysis of security events to determine intrusion and malicious events.

•Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.

•Investigate malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis.

Network Security System Engineer

Alxtel INC 06/2018 - 02/2019

•Addressed, implemented and repaired routing, IP switching, firewalls and remote protocols on LAN, WAN and VLAN and WLAN.

•Supported Network Technologies- Ethernet, TCP/IP, VoIP, Wi-Fi, Mobile, FTP, SNMP, VPN, DHCP, NAT, DNS, SSL, SSH and TLS.

•Opened and managed WebEx conference calls during system, web or service outages.

•Monitored internet traffic and configured load balancers for effective network distribution.

•Worked and troubleshot numerous incident tickets to resolve customers’ issues.

•Supported multiple technical service platforms in the mainframe, client-servers and proxy servers.

•Maintained and updated enterprise backup tapes and files.

•Documented and provided reports to management before, during and after any incident. Provided tier 2 technical assistance and support to onsite and remote associates.

•Supported applications like NetIQ, Azure, Oasis, Unity, MYIT, ATLAS, VMware, Outlook, Azure, Cisco, McAfee, Bitlocker, AirWatch, and Good Mobile Messaging.

•Updated and controlled software patches and antivirus signatures on systems.

•Managed SharePoint, Outlook, AirWatch, Skype for Business, and MS Office Suite.

•Troubleshot network printers, server, desktop and network systems.

•Performed diagnostic software programs to resolve problems faced by remote associates.

•Supported IAM tickets through Active Directory, Mainframe, Azure and MOAT systems.

•CSAM, CISCO Firewalls, Incident response, malware analysis, IDS, IPS, Nessus, Wireshark, AWS,


