Security Administrator Threat

Location:
Pompton Lakes, NJ
Salary:
145-160k
Posted:
July 09, 2021

Resume:

Data Protection

As an Information Systems Security Administrator/Engineer/Lead I have 12 years of experience in Incident Response, quantitative vulnerability and risk management, Compliance and Reporting, Access Management, Identity Management, System Architecture Design, Data Loss Prevention, and Cyber Alert Monitoring. Proficiency in and understanding of data privacy regulations (PCI, HIPAA, PII, etc.) and compliance industry/federal standards and guidelines such as NIST SP 800-30, NIST 270**-***-**, CIS, and ISO 27002.

I have extensive knowledge of data protection and privacy enabling technologies and IT security tools: Proofpoint, Symantec DLP, OneTrust, Microsoft Compliance and Information Protection. I have the expertise to conceptualize and develop Data Protection solutions to address customers' data and security needs.

As an IT security operations lead, I trained security analysts in investigating incidents and the policy for responding to them; I also created policies and procedures. I managed the data loss prevention department, lowering false positives, determining severities, training DLP analysts, and working closely with the director on reporting and keeping documentation.

Acted as a subject matter expert for the team, attended weekly meetings and hosted weekly training meetings.

Led and managed various projects involving migrations, upgrades, etc.

Areas of Experience

Valued Skills in Network Environments Employing Various Arenas

Discipline / Description

Data Protection and Monitoring Tools: McAfee, Symantec, CrowdStrike, Digital Guardian, Pece, Peca, Olympic, Instinct, ArcSight, Splunk

Network Protocols & Tools: Servers, Routers, Switches, Load balancers, TCP/IP, HTTP/HTTPS, SMTP, SSH, DNS

Servers: Exchange Servers, Application Servers, Development Server

Cloud platforms: AWS, Microsoft Azure

Ticketing Systems: Remedy, ServiceNow, LANDesk

Data analysis tools: Splunk, Peca, Pece, AppHQ, BICs, Instinct, Permit to Send, vendor list

Networking Environments: VPN, LAN, AWS, WLAN, Cloud

Operating Systems: Windows Server 2003-2008, 2016, Linux, Windows 7, 8, 10, Win9X thru 10, Win2K/Win2K3 Pro/Win2008/2012 Server, Microsoft Office 97, 2000, 2008 thru 2010, VMware vSphere Client

Pen Testing and Code Review Tools: Kali Linux, Nessus, HPE Fortify

Risk Assessments: Brain Storm

Vulnerability management: Qualys, Burp Suite

Scripting Languages: Python, PowerShell

Professional Experience

Western World (an AIG company) October 2018 - Present

Data Loss Prevention Engineer III

Performed continuous monitoring of data in motion, resolving various incidents

Analyzed vulnerability scan results, system audits and log events, and troubleshot software issues

Configured Tenable to operate and discover security, application and operating system related items

Processed and enhanced the security operations of applications and software

Utilized data protection methodologies to resolve unstructured data incidents

Established data standards and processes/workflows, providing recommendations for privacy and data governance programs, processes and controls and supporting data breach response planning and playbook development

Supported implementation of data privacy compliance processes, risk management and control implementation efforts, including data inventory and mapping tasks

Reported any updates of projects, exceptions to policies, newly authored policies and procedures, and added processes to the CISO in a timely manner

Utilized Qualys to run vulnerability scans on endpoints, worked with owners to remediate the vulnerability and ran a demand scan to validate the fix.

Developed targeted playbooks for L1 response

I initiated the threat management processes to ensure that every aspect of an event is documented, remediated, and reported to the Director in a timely manner

Implemented, established, developed and maintained an efficient vulnerability, access management, data loss prevention and incident response process

Initiated the use of information and Digital Rights Management (DRM)

Created various groups and applied policies

Performed deep data analysis using various tools

Reviewed asset management documentation for all hardware and software changes that may impact the firm's standard information security posture; security technology policies, procedures, processes, and technologies

Provided quality assurance, appraisal and approval of security deliverables, including revising and drafting test plans, security specification reviews and standards, and technical documentation

Worked with relevant stakeholders within the various Technology groups and business units to guarantee security awareness and issues were communicated effectively through documentation and verbal communication

Conducted reviews of applications from a security and privacy perspective; reviewed and contributed to the client's IT Standards used in the solution security review process and provided security recommendations and better practices regarding secure software development.

Initiated the use of Exact Data Match (EDM)

Provided recommendations to protect the business against industry known threats

Interacted with IT and vendor auditors, both internal and external, including coordination of interviews and walkthroughs and outlining key risks and controls. Understood risk impact and likelihood to business goals and objectives.

I could guarantee the accuracy and timely completion of audit tasks within established guidelines

Performed general control oversight and reviews to verify compliance with McAfee, Qualys and PCI.

Developed a working relationship and coordinated with IT, financial and operations departments

I was instrumental in remediating issues found from the compliance reports.

Followed compliance procedures and best practices for internal operational risk assessments and controls in accordance with the national standards, requirements, and policies.

Made recommendations after the review of systems to assess the adequacy of management controls, efficiency, and compliance with policies and regulations.

Constantly monitored performance of assets and performed risk assessments

Ran queries and reports daily and emailed them to management regarding the progress of the remediation of issues found as a result of the compliance scan

Food and Drug Administration May 2017 - October 2018

Data Protection Engineer

Provided recommendations and information to protect the business against industry known threats by utilizing Tenable

Ensured all cyber security threat response strategies were integrated with governance and compliance processes.

Performed execution of security root cause analysis and forensics as part of the enterprise’s Cyber Incident Response Plan.

Initiated monitoring/reporting and developed processes and procedures.

Analyzed incidents to solve issues and improved incident handling procedures

Configured Qualys to report and alert through external systems

Initiated the use of information and Digital Rights Management (DRM)

Analyzed vulnerability scan results, system audits and log events, and troubleshot software issues

Configured Qualys to operate and discover security, application and operating system related items

Supported multiple Information security projects as assigned

Performed Data Protection solution rollout or operations support

Performed automated and manual run-time assessments

Established governance and operating model for large scale organizations

Designed and implemented cyber threat hunting for organizations, including identification, containment, and eradication measures for threats, while supporting recovery efforts

Developed, reviewed and updated data protection policies for a large scale enterprise

Technical knowledge of Active Directory, including the user account and security group creation and maintenance process

Implemented a Data Protection solution (e.g., DAG, DLP, Data Classification) and integrated it with other technology solutions such as Identity and Access Management and Security Information and Event Monitoring for in-depth security

Developed application security standards and policy documentation

Gathered Data Protection solution specific requirements and assisted with framework development, policy development, and design of the governance and operating model

Performed log correlation and security monitoring using tools such as Splunk

Acted as subject matter expert to provide insight and guidance and engaged in discussion to adopt various methodologies, processes and policies.

Developed requirements, designed and built operational documentation for Data Protection solution roll out and support

Identified, reduced, and reported on unstructured data risk

Conducted periodic integrity checks for Process Control equipment power supplies and control processors and analyzed their performance to continuously drive improvements

Participated in site investigations, self-assessments, risk assessments, and audits, providing information and evidence of local compliance with cyber security requirements.

Performed detailed source code review of old and new applications

Utilized Qualys to run vulnerability scans on endpoints, worked with owners to remediate the vulnerability and ran a demand scan to validate the fix.

Researched, initiated the evaluation of tools, technologies, processes to enhance the security of application software produced

Received Tier 2/3 incident escalations from detection operations and assisted with real-time, continuous (24x7) security event monitoring, response, and reporting

I was the automation subject matter expert in the development and implementation

Deployed new products, product upgrades, patches

Analyzed incidents to solve issues and improved incident handling

Performed risk assessments and/or threat modeling to articulate the levels and types of security controls appropriate for application/product initiatives

Performed Search and Reporting with Splunk and License management

Conducted reviews of applications from a security and privacy perspective; reviewed and contributed to the client's IT Standards used in the solution security review process and provided security recommendations and better practices regarding secure software development.

Provided recommendations to protect the business against industry known threats

Interacted with IT and vendor auditors, both internal and external, including coordination of interviews and walkthroughs and outlining key risks and controls. Understood risk impact and likelihood to business goals and objectives.

I could guarantee the accuracy and timely completion of audit tasks within established guidelines

Performed general control oversight and reviews to verify compliance with McAfee, Qualys and PCI.

Developed a working relationship and coordinated with IT, financial and operations departments

I was instrumental in remediating issues found from the compliance reports.

Followed compliance procedures and best practices for internal operational risk assessments and controls in accordance with the national standards, requirements, and policies.

Made recommendations after the review of systems to assess the adequacy of management controls, efficiency, and compliance with policies and regulations.

Constantly monitored performance of assets and performed risk assessments

Ran queries and reports daily and emailed them to management regarding the progress of the remediation of issues found as a result of the compliance scan

Bed Bath and Beyond, Union, NJ June 2016 - May 2017

Data Loss Prevention Analyst/Engineer

Analyzed data in motion incidents to resolve issues

Utilized data protection methodologies to resolve incidents involving unstructured data

Performed scanner configuration, asset inventory, triage of output and remediation guidance, workflows, continuous monitoring

Worked hand in hand with development teams to remediate application vulnerabilities detected through security scanning tools

Configured Qualys to report and alert through external systems

Analyzed vulnerability scan results, system audits and log events, and troubleshot software issues

Configured Qualys to operate and discover security, application and operating system related items

Provided remediation guidance to partners, and recommended appropriate measures to manage and mitigate risk.

Provided leadership regarding best practices for vulnerability scanning, configuration baselines, and security design reviews.

Guided a team in the completion of security assessments, vulnerability scans, penetration testing, and continuous monitoring activities

Managed the security activities associated with Secure Software Development to address existing and evolving risks and threats appropriately

Leveraged enterprise standards for data domains and data solutions, focusing on simplified integration and streamlined operational and analytical uses

Guided high level data architecture design (functional, non-functional) and ensured teams adhered to data architecture standards

Developed information processes for data acquisition, data transformation, data migration, data verification, data modeling, and data mining

I was accountable for cost viability and technical estimation of data platform usage

Designed data solutions for data distributions and partitions, scalability, disaster recovery and high availability

Designed security for data policies and standards

Monitored and optimized data solutions

Actively governed and automated standard data architecture patterns and blueprints

Partnered with architecture, security, infrastructure, and application teams to design and implement the automation of data, data platforms, and tools

Created and updated automation to eliminate routine management processes

Articulated the need for scalability and understood the importance of improving quality through testing

Provided and/or organized appropriate application security training and awareness for technical and non-technical staff

Orchestrated the requirements determination, threat modeling, and security vulnerability assessments on new and existing systems, products, product updates, patches, operating systems and databases

Performed automated and manual run-time assessments

Created vulnerability reports on spreadsheets, detailing the security requirements, risks, business impacts, and remediation guidance to the customer and to my CISO

Performed code review and threat modeling

Established attack baselines and used threat research results to operationalize findings into security analytics and detections for our client's advanced Security Analytics and Threat Detection platform.

Contributed to the security efforts of our client's cutting-edge Threat Research & Labs team

Developed ways to detect threat activity using security analytics, machine learning, behavioral analysis.

Analyzed latest threats in the lab.

Reproduced real-world attacks.

Analyzed security log data to identify adversary activity

Discovered vulnerabilities in System Architectures, Builds, infrastructure configurations, and 3rd-party product deployments

Cyber Security System Plus, Inc. @ AIG April 2012 - June 2016

Information Systems Security Engineer

Configured, deployed, monitored, operated, secured, and maintained two (2) central ePolicy Orchestrator (ePO) servers, and numerous Enterprise Super-Agent Distributed Repositories

Initiated a custom workflow and developed feature additions and improvements to the Aspera Orchestrator

Prepared, developed and maintained the organization's best practices; responsible for installing, patching and maintaining servers

Utilized VMware, configured VLANs and administered VDI accounts

Responded to threats and incidents and acted independently of the team as well as working with the team to analyze and react to events

Performed security patching and updates on servers; Initiated Backups for endpoints nightly

Collaborated with Service Vendors by conducting meetings for planning security solutions

Performed automated and manual run-time assessments

Conducted reviews of applications from a security and privacy perspective;

Reviewed and contributed to IT Standards used in the solution security review process and provided security recommendations

Provided recommendations to protect the business against industry known threats

Interacted with IT and vendor auditors, both internal and external, including coordination of interviews and walkthroughs and outlining key risks and controls. Understood risk impact and likelihood to business goals and objectives.

Guaranteed the accuracy and timely completion of audit tasks within established guidelines set in place

Performed general control oversight and reviews to verify compliance with McAfee, Qualys and PCI.

Developed a working relationship and coordinated with IT, financial and operations departments

I was instrumental in remediating issues found from the compliance reports.

Followed compliance procedures and best practices for internal operational risk assessments and controls in accordance with the national standards, requirements, and policies.

Made recommendations after the review of systems to assess the adequacy of management controls, efficiency, and compliance with policies and regulations.

Constantly monitored performance of assets and performed risk assessments

Ran queries and reports daily and emailed them to management regarding the progress of the remediation of issues found as a result of the compliance scan

Performed network traffic monitoring and log analysis

Managed Splunk apps, configuration files, index management, user roles, and authentication.

Performed System modifications to meet official requirements

I was a liaison with the stakeholders within the IT groups and business units to ensure security awareness and issues were communicated effectively

Performed Secure Development Lifecycle process assessments

Provided technical direction, leadership, and training to staff and remote users and engineers

Worked closely with developers to remediate applications and vulnerabilities detected through security scanning tools

Initiated the use of risk assessments and/or threat modeling to articulate the levels and types of security controls appropriate for application/product initiatives

Managed the security activities associated with Secure Software Development

Performed Threat Intelligence Exchange server installation and implementation

Identified threats, vulnerabilities and exploitations using Security Tools to remediate them

Utilized Threat Intelligence Exchange to protect against network Threats

Defined project scope and objectives, involving relevant stakeholders and ensuring technical feasibility

Cisco Systems, Richardson, TX June 2010 - April 2012

Information Systems Administrator

HBSS Administrator in a Multi-Security Enclave supporting an 1100+ customer base enterprise

Investigated IT security incidents and issues to identify root cause, assess impact and make specific recommendations for containment, mitigation and future improvements to security posture

Configured, deployed, monitored, operated, secured, and maintained three servers and eight (8) Enterprise Agent Distributed Repositories

Received daily Anti-Virus (VSE) and periodic Host Based Intrusion Prevention System (HIPS) (Block High, Medium, and Low) signature updates from Support.

Conducted Benchmarks and File Integrity Monitor checks through Policy Auditor

Implemented, managed and deployed the Security Software on Citrix Servers master image.

Performed SQL Server administration and management

Performed system modifications to meet official requirements

Provided Tier 3 support to remote sites, as well as troubleshooting, planning, and upgrade implementation

Assisted other departments, directorates, and agencies with –related security questions and issues

Conducted reviews of applications from a security and privacy perspective; reviewed and contributed to the client's IT Standards used in the solution security review process and provided security recommendations and better practices regarding secure software development.

Provided recommendations to protect the business against industry known threats

Interacted with IT and vendor auditors, both internal and external, including coordination of interviews and walkthroughs and outlining key risks and controls. Understood risk impact and likelihood to business goals and objectives.

I could guarantee the accuracy and timely completion of audit tasks within established guidelines

Performed general control oversight and reviews to verify compliance with McAfee, Qualys and PCI.

Developed a working relationship and coordinated with IT, financial and operations departments

I was instrumental in remediating issues found from the compliance reports.

Followed compliance procedures and best practices for internal operational risk assessments and controls in accordance with the national standards, requirements, and policies.

Made recommendations after the review of systems to assess the adequacy of management controls, efficiency, and compliance with policies and regulations.

Constantly monitored performance of assets and performed risk assessments

Ran queries and reports daily and emailed them to management regarding the progress of the remediation of issues found as a result of the compliance scan

FEMA May 2005 - June 2010

System Administrator

FEMA Site-Admin for a 3000+ Multi-Security Enclave customer base domain; experience in managing, updating, and deploying antivirus updates and software

Initiated Intrusion Detection System/Intrusion Prevention System device administration for malware detection

Deployed Endpoint Encryption to manage machines; Responded to malware threat events

Constant monitoring of server/storage related processes and performance ensured server uptime

Analyzed and resolved faults, such as major system crashes; initiated distributed patches using servers

Scheduled reports, extracted data, reviewed for errors/incidents and troubleshot to resolve

Used an Intrusion Detection System to help track and provide advice on critical emerging threats

Performed Patch auditing with Policy Auditor

Initiated Systems Support which included vulnerability scanning and monitoring by using

Performed Malware Analysis in response to alerts

Installing, supporting and maintaining new server hardware and software infrastructure

Analyzing and resolving of faults, ranging from a major system crash to a forgotten password

Undertaking routine preventative measures and implementing, maintaining and monitoring of systems

Monitoring of server/storage related processes and performance to ensure server updates

Education and Certifications

ITT Technical Institute: BA - Cyber Security

NJIT: Cyber Security (Bootcamp)

Certifications: Security+, CISSP
