Henry Ankrah
*********@*****.***
Education
Associate of Applied Science: Information Systems 2020 Mercer Community College, West Windsor.
New Jersey Institute of Technology 2022
BS: Computer Network and Cybersecurity
Certification
Technical Skills
● McAfee, Linux, Windows, Sourcefire, Snort, Palo Alto (firewall), Wireshark, OpenVAS, Nessus, Angry IP, Nmap, Burp Suite, MS SQL Server, MS Office (Word, Excel, Outlook, PowerPoint), Remedy, ServiceNow, Technical Support, Networking & Configuration, System Administration, CloudFormation, AWS (WAF), STIGs, Identity and Access Management (IAM).
Experience
CCL Label – Hightstown, NJ March 2018 – December 2021
Cyber Security Analyst
Maintained firewalls and encrypted data to secure confidential information.
Utilize Burp Suite to test web application security and performance.
Daily review of logs and alerts from IDS/IPS devices, DLP systems and Splunk.
Remediated about 65% of vulnerabilities by encouraging the Patch management team and Threat Intel team to collaborate more effectively for the organization to efficiently remediate vulnerabilities.
Identify and manage vulnerabilities with Nessus. Vulnerabilities were prioritized and ranked by risk scores. 15% of the vulnerabilities were critical and mitigated with security controls.
Analyze and respond to security events and incidents from SIEM, Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC), and other client data sources.
Enforce incident response SLAs and use strong TCP/IP networking skills to perform network analysis to isolate and diagnose.
Investigate security events forwarded from Level I Analysts and clients for security risk.
Use Nessus to perform host discovery scans to increase network visibility. Network visibility was increased by 35%, including assets in the DMZ.
Create reports and dashboards with Nessus to improve team collaboration and increase vulnerability awareness. Dashboards and reports improved team collaboration including vulnerability management and patch management. Outstanding vulnerabilities decreased by 25%.
Use Microsoft's Policy Analyzer to assess domain name Group Policies.
Plan and execute information security activities such as vulnerability management, application development security, networking, and risk management.
Perform cybersecurity roles and initiate RMF process for assigned systems.
Configure and manage objects and resources with Active Directory.
Configure Suricata to detect and alert on potential DDoS attacks to increase server availability.
Use LogRhythm to identify suspicious email, specifically phishing emails.
Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.
Evaluate the likelihood that vulnerabilities would be exploited and assess the impact associated with these threats and vulnerabilities.
FedEx – Trenton NJ May 2015 – February 2018
Cloud Engineer
Provide daily monitoring, management, troubleshooting, and issue resolution to systems and services hosted on cloud resources.
Analyze and monitor performance bottlenecks and key metrics to optimize software and system performance.
Built S3 buckets and managed policies for S3 buckets and used S3 bucket and Glacier for storage and backup on AWS.
Perform troubleshooting and monitoring of the Linux server on AWS.
Enabled the Amazon IAM service to grant permissions and resources to users.
Experience implementing and managing cloud security tooling such as AWS Security Hub.
Configure alarms in CloudWatch service for monitoring the server's performance, CPU Utilization, disk usage, etc., to take recommended actions for better optimization.
Configure AWS Multi-Factor Authentication in IAM to implement two-step authentication of users' access using Google Authenticator and AWS Virtual MFA.
Configure security groups, network ACLs, Internet Gateways, and Elastic IPs to ensure a safe area for the AWS public cloud.
Design and develop Amazon EC2, Amazon S3, Amazon RDS, Amazon Elastic Load Balancing, Amazon SWF, Amazon SQS, and other AWS infrastructure services.
Created AWS Multi-Factor Authentication (MFA), for instance, RDP/SSH login.
Design, manage and maintain tools to automate operational processes.
Home Depot – Cranbury, NJ February 2012 – April 2015
Information Security Analyst
Use Security Tools such as Angry Bird, and Nessus to identify and assess 85% of unauthorized network port usage. Unauthorized network ports were ticketed using custom ticketing solutions, mitigated and/or triaged as requested by stakeholders.
Utilize Nmap to increase visibility by 35% to identify authorized and unauthorized services such as DNS services.
Utilize Wireshark to validate and confirm that credentials sent over the local area network are encrypted. 95% of credentials were being encrypted via trusted protocols. To mitigate the remaining 5%, multifactor authentication was advised.
Create and bind certificates to 100% of our public facing applications to improve security and remain compliant.
Perform vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network.
Leverage Nessus to identify systems' compliance risk levels, identify non-compliance issues and security vulnerabilities, and manage remediation activities.
Utilize National Institute of Standards and Technology (NIST) Cybersecurity Framework, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Center for Internet Security (CIS) benchmarks and other federal information security benchmarks and best practices.
Use Autopsy to identify suspicious email, specifically phishing emails. Phishing email attacks decreased by 45%.
Generated security documentation, including security assessment reports, system security plans, contingency plans, and disaster recovery plans.
Identify and manage vulnerabilities with OpenVAS. Vulnerabilities were prioritized and ranked by risk scores. 15% of the vulnerabilities were critical and mitigated with security controls.
Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts. False positives decreased by 15%, enabling the team to effectively remediate true vulnerabilities and intrusion attempts.
Investigate malicious phishing emails, domains and IPs using open-source tools and recommend proper blocking based on analysis.
Counseled client on Active Directory, networking, and malware analysis, resulting in a 10% decrease in active cyber threats.
Configure IDS/IPS rules using Snort, which reduced false positives from 30% to 25%.