Security Analyst Customer Service

Location:
Middle River, MD
Posted:
June 10, 2022

Resume:

Babatunde (Davies) Obanla

Email: *********.******@*****.*** Phone: 443-***-****

Objective

Seeking an Information Security/Cybersecurity Analyst or Security Operations Center position or Information Assurance position in a growth-oriented organization.

Professional Profile

IT Cybersecurity Analyst with over 7 years of experience performing research, analysis, and troubleshooting to identify, resolve, and explain complex cybersecurity and physical security issues

Knowledge of network and security applications and devices, and overall understanding of Cybersecurity programs

Cybersecurity, incident management, and IT compliance support across the enterprise infrastructure

Assessed risks and threats of theft, explosions, fire, emergency evacuations, and unauthorized access capabilities to the site, facility, restricted areas, materials, and information

Cybersecurity capabilities and risk management in line with the Systems Engineering Life Cycle and consistent with technical requirements to ensure network and IT systems are protected against cyber-attacks and malicious intrusion.

Security policies interpretation and implementation requirements to ensure confidentiality, integrity, availability of information, systems, and network.

Performed research, analysis, and troubleshooting to identify, resolve, and explain complex security issues to members of the company.

Security Assessment and Authorization (SA&A) professional with in-depth knowledge in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), security life cycle and vulnerability management using FISMA, and applicable NIST standards.

Working knowledge of different operating systems such as Linux and Windows

Possess a unique combination of technical abilities, communication skills, and ability to multitask that allows me to collaborate with end-users or business.

Great attention to detail, and ability to work effectively as a team member with excellent communication, strong analytical and collaborative skills.

Proven capability of adapting to new and fast-changing technologies

Creates and documents reports, rules, trends, and dashboards.

Analyzes ArcSight and related tools and resolves IT security failures.

Performs Splunk tuning and filtering of alerts and monitoring components to ensure only relevant security data are gathered.

Key Skills Summary

Technologies

MS Office (Word, Excel, Outlook, PowerPoint, Access); Wireshark, ArcSight, Splunk, SharePoint, Nessus, Burp Suite, NMAP, Remedy, ServiceNow, VMware, CSAM, STIGs, and Security Content Automation Protocol (SCAP)

Operating Systems and Databases

MS Windows, UNIX, MS SQL Server, and MS Access

Specialty Skills

Testing & Troubleshooting, Networking & Configuration, System Administration, Security Analyst, Application Support, Project Management, Problem Solving, Strong Analytical & Collaboration, Technical Support & Customer Service

Education and Background

Bachelor of Science in Agricultural Technology, May 2000

Federal University of Technology, Akure, Nigeria.

Membership & Certifications

CompTIA Security+ March 2020

CAP – In Progress

CISSP – In Progress

Employment History

IT Cybersecurity Analyst 03/2016 - Present

B&Y Inc, MD

Responsibilities:

Provides high-level analysis of security data to identify significant activity.

Performs vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network.

Resolve problems independently and understand the escalation procedure.

Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues Information security standards, guidelines and procedure.

Report frequent and repeat problems (trend analysis) to management and propose process and technical improvements.

Provide resolution plans for system and network devices, application and security tools related issues.

Support and assist users requiring access to protected resources within the enterprise network.

Supports the systems administrator team in the implementation of concepts of least privilege and need to know.

Perform system maintenance and maintain current documentation.

Frequently leverage the application of technical standards, principles, theories, concepts and techniques to resolve security issues proactively.

Leverage Nessus to identify systems compliance risk levels, identify non-compliance issues, security vulnerabilities, and manage remediation activities.

Supports designing, developing, and producing network solutions.

Communicates security gaps with remediation recommendations to management.

Develops, coordinates, implements, and maintains standards and procedures to protect the security and integrity of information systems and data.

Daily review of logs and alerts from IDS/IPS devices, DLP system, and Splunk.

Provides support and security overview on cloud-based solutions implementation, including private, community, hybrid, and public cloud deployment models.

Develops, reviews, and evaluates the System Security Plan based on NIST special publication SP 800-53r4.

Provides detailed status updates on existing cybersecurity incidents daily to include follow up with client/customer to ensure satisfactory resolution.

Develops and tailors reporting from network security tools

Develops risk assessment reports, identifying threats and vulnerabilities applicable to the system.

Evaluates the likelihood that vulnerabilities would be exploited and assesses the impact associated with these threats and vulnerabilities.

Experience upgrading server operating systems, tech refresh, imaging, patch management

Investigate and research issues, determine the impact, provide remediation, document root cause analysis (RCA) when required, and perform mitigation required to protect critical resources.

Apply required security patches within NIST and enterprise guidelines

Conducts kick-off meetings to categorize the system according to NIST requirements of Low, Moderate, or High System FIPS 199 and SP 800-60

Conducts security control Assessment to assess the adequacy of management, operational, privacy, and technical security controls implemented.

Prepares systems certification and accreditation package, making sure that management, operational, and technical security controls adhere to a formal and well-established security requirement authorized by NIST 800-53r4.

Develops Security Assessment Report (SAR) detailing the results of the assessment along with the Plan of Action and Milestones (POA&M)

Conducted follow up meetings to assist information system owners to close/remediate POA&M items.

Develops and generates technical and non-technical reports on security findings, issues, and mitigation activities.

Develops System Security Plans (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements

Conveys verbal briefings to management on pending cyber incidents as necessary, makes recommendations to senior management on results of analysis, and works closely with other Information Technology groups to refine and enhance security controls

Monitors security patch levels of the servers, workstations and network environments, and anti-virus systems

Investigates and researches security issues, determines impact, provides remediation, documents RCA when required, and performs mitigation required to protect critical resources.

Supports infrastructure hardening and Security Administration & Installation on multiple systems

Performs monitoring and capacity planning in anticipation of system resource usage and needs

IT Support Specialist / Security Operations Center Analyst 03/2010 – 01/2015

Metro Services Inc., MD

Responsibilities:

Analyze and respond to security events and incidents from SIEM, Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Network Access Control (NAC) and other client data sources

Investigate security events forwarded from Level I Analysts and clients for security risk.

Conduct tuning engagements with security engineers to develop/adjust SIEM rules and analyst response procedures

Escalate incidents and act as a Security Incident Response Team Lead when necessary.

Enforce incident response SLAs

Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose.

Respond to inbound requests via phone and other electronic means for technical assistance

Document actions in cases to effectively communicate information internally and to the client.

Observes and analyses traffic to learn valuable lessons from known malicious actors and to determine countermeasures against such threats.

Report common and repeat problems (trend analysis) to management and propose process and technical improvements.

Provide resolution plans for system and network issues. Perform system maintenance and maintain current documentation.

Assessed risks and threats of theft, explosions, fire, emergency evacuations, and unauthorized access capabilities to the site, facility, restricted areas, materials, and information

End-to-end Project Management, including customization of application based on the customer's requirement.

Participated in various phases of Software Development Life Cycle (SDLC); requirement gathering, modeling, analysis, architecture design & development

Ensured delivery deadlines are met on development, testing, implementation phases of the system, and customer relationship consulting.

Identified new and emerging technology capabilities to evaluate technology enhancements.

Coordinated ongoing improvements to security management policies and procedures.

Defined and updated security standards and checklists

Partnered with IT and business departments to identify gaps in policies, procedures, and processes

Provided on-site as well as remote hardware and software support

Maintained personnel database and verified access approvals

Evaluated operational processes and suggested improvement

Identified and analyzed business violations of security policy and standards.

Administered and maintained user access controls, processes, and procedures to prevent unauthorized access, modification, or misuse of resources.

Analyzed information security systems and applications and also recommended and developed security measures to protect information against unauthorized modification or loss.

Prepared risk analysis reports and provided recommendations to the client.

Coordinated with stakeholders and system owners to ensure compliance with security processes and controls.

Conducted follow up meetings to assist information system owners in remediating outstanding security findings

Developed risk assessment reports by identifying threats and vulnerabilities applicable to the system.

Evaluated the likelihood that vulnerabilities can be exploited and assessed the impact and associated threats

CLEARANCE

Secret - Active.


