Security Analyst Active Directory

Location:
Parkville, MD
Posted:
November 03, 2021

Resume:

Richard Okocha

443-***-****

********@*****.***

Education

BACHELOR OF SCIENCE: Computer Network and Cybersecurity 2021 University of Maryland Global Campus, Adelphi, MD

ASSOCIATE OF APPLIED SCIENCE: Cybersecurity 2020

The Community College of Baltimore County, Essex, MD

Certification

Technical Skills

• Burp Suite, Wireshark, tcpdump.

• Nmap, Tenable Nessus.

• McAfee ESM, MS Windows, Linux, MS SQL Server.

• Remedy, ServiceNow.

• OpenVAS (vulnerability scanner).

• Angry IP Scanner, Sourcefire (IDS), Snort, Palo Alto (firewall).

• MS Windows, MS Access, AP, BGP.

• Identity and Access Management

Experience

ELIZABETH COONEY NETWORK

Baltimore, MD

Cybersecurity Analyst March 2018 – July 2021

• Maintained firewalls and encrypted data to secure confidential information.

• Utilize Burp Suite to test web application security and performance.

• Remediated about 65% of vulnerabilities by encouraging the Patch management team and Threat Intel team to collaborate more effectively for the organization to efficiently remediate vulnerabilities.

• Identify and manage vulnerabilities with Nessus. Vulnerabilities were prioritized and ranked by risk scores. 15% of the vulnerabilities were critical and mitigated with security controls.

• Use Nessus to perform host discovery scans to increase network visibility. Network visibility was increased by 35%, including assets in the DMZ.

• Create reports and dashboards with Nessus to improve team collaboration and increase vulnerability awareness. Dashboards and reports improved team collaboration including vulnerability management and patch management. Outstanding vulnerabilities decreased by 25%.

• Use Microsoft’s Policy Analyzer to assess domain name Group Policies.

• Plan and execute information security activities such as vulnerability management, application development security, networking, and risk management.

• Perform cybersecurity roles and initiate RMF process for assigned systems.

• Configure and manage objects and resources with Active Directory.

• Configure Suricata to detect and alert on potential DDoS attacks to increase server availability.

• Use LogRhythm to identify suspicious email, specifically phishing emails.

• Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.

• Evaluate the likelihood that vulnerabilities would be exploited and assess the impact associated with these threats and vulnerabilities.

QUALITY BUSINESS SOLUTIONS INC

Baltimore, MD.

Information Security Analyst February 2015 – April 2018

• Use security tools such as Angry Bird and Nessus to identify and assess 85% of unauthorized network port usage. Unauthorized network ports were ticketed using custom ticketing solutions, mitigated and/or triaged as requested by stakeholders.

• Utilize Nmap to increase visibility to identify authorized and unauthorized services such as DNS services.

• Implemented and checked information system security plans to ensure NIST control requirements are met.

• Performed risk assessment to identify system vulnerabilities and create risk assessment reports.

• Create and bind certificates to 100% of our public-facing applications to improve security and remain compliant.

• Utilize National Institute of Standards and Technology (NIST) Cybersecurity Framework, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Center for Internet Security (CIS) benchmarks and other federal information security benchmarks and best practices.

• Use Autopsy to identify suspicious email, specifically phishing emails. Phishing email attacks decreased by 45%.

• Install, configure, and manage networking devices such as pfSense to improve security awareness and response by 65%.

• Generated security documentation, including security assessment reports, system security plans, contingency plans, and disaster recovery plans.

• Identify and manage vulnerabilities with OpenVAS. Vulnerabilities were prioritized and ranked by risk scores. 15% of the vulnerabilities were critical and mitigated with security controls.

• Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts. False positives decreased by 15%, enabling the team to effectively remediate true vulnerabilities and intrusion attempts.

• Investigate malicious phishing emails, domains and IPs using open-source tools and recommend proper blocking based on analysis.


