Career Objectives:
Persuasive, attentive, detailed oriented, Cyber Security Analyst with experience in vulnerability management, threat detection, incident response, cloud infrastructure, and compliance. Ability to grow, learn, and manage an IT environment with the ultimate goal of protecting the confidentiality, integrity and availability of information system. Effectively and efficiently working with team members, utilizing technical skills, and non-technical approach while being a subject matter expert (SME).
Qualification Summary:
Tenable Nessus, Qualys, and Nexpose
Incident Response using Carbon Black, CrowdStrike
Data Loss Prevention (DLP) using Digital Guardian, Force point, Symantec, office 365 DLP
Penetration and threat hunting tools like NMAP
IDS/IPS monitoring and analysis
Cloud security such as SaaS, PaaS, IaaS
Security and Awareness Training
Email Security
Work Experience:
Security Analyst, Cypher24, LLC, Austin TX 02/2021 to Present
Experience with implementation and management of vulnerabilities by using Qualys, Nessus and Nexpose.
Operation of security information and event management tool such as Splunk.
Reviewing all incoming alerts and adequately documenting and creating tickets to tackle potential threat within the organization.
Reviewing vulnerabilities data from different sources.
Investigating suspicious activities by containing and preventing theft.
Presenting the status of the vulnerabilities to team members.
Monitoring attacks, threats and unauthorize activity and respond to those quickly and diligently.
Carrying out investigations into security alerts and learn from all incidents and occurrences.
Effectively reviewing and writing control implementation statements through assessments.
Work with security team to gather the necessary documents needed to create ATO packages.
Collaborates with information system owners to creates review and operates POAMs, privacy impact system security.
Improving and upgrading cloud networks and cloud base systems in Amazon Web Services (AWS) and Azure.
Maintaining organization cloud computing environments and infrastructure.
Ability to creates and enhance security methods that will improve the security of cloud base environment.
Identifying and executing new technologies and best practices into the company cloud environment.
IDS/IPS monitoring and analysis and investigation into alert as they are seen to include antivirus and phishing alert.
Reviewing and triage experience with endpoint detection and response tool.
Using antivirus and anti-malware endpoint security and data loss prevention tools to prevent data exfiltration from network.
Monitoring dashboards and intrusion detection and prevention system (IDS/IPS).
Triaging incidents, tickets updates and reporting of cyber events.
Using SOC monitoring devices devices {SIEM, IDS/IPS) to review and analyze pre defined events indicative of incident.
Performing network vulnerability scanning and driving remediation effort.
Supporting cyber defense functions to protects clients from cyber security incidents that have potential to cause negative impact.
Perform scheduled and on demand scanning activities of both corporates and cloud environments utilizing Qualys and Nessus.
Assist in working with the business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost- effective security controls to mitigate identified risks.
Understanding and helping prevent common exploitation techniques and mitigations.
Providing consultation for system owners for impact analysis before remediation.
Presenting risks and propose countermeasures to senior technology executives.
Ability to provide consultation for system owners for impact analysis before remediation.
Knowledgeable and helping prevent common exploitation techniques.
Assist the team lead to generate weekly report.
Ability to check network and devices configurations for compliance with industry benchmarks.
Identify threats and vulnerabilities in systems and software.
Cyber Security Analyst: Meritus Health, Hagerstown, MD, 01/2017 – 02/2021
Performed network scanning by using tools like Nexpose, Nessus, and Qualys.
Used Qualys, Nessus, and Nexpose to implement and support vulnerability management platforms.
Ability to perform application scan to ensure adequate protection of external facing applications which poses more threat to my environment.
Prioritized vulnerability base on the CVSS score, the degree of exposure, and asset criticality.
Implemented the use of threat hunting in order to review vulnerabilities data from different sources and to ensure better knowledge of such vulnerabilities.
Performed initial analysis and investigation into alerts.
Finding weaknesses by assessing security system in order to enhance or improve the system.
Identified threats and vulnerabilities in system and software.
Threat protection and monitoring to strengthen the organization IT infrastructure.
Performed different incident response activities such as tabletop exercises, incident identification, network containment, eradication, recovery, and lessons learned.
Worked effectively with team members to respond to security breaches.
Implemented NIST 800-53 Rev 5 to process to protect information system and manage applications development.
Ensured compliance of NIST based on the organization needs by producing supported evidence.
Performing various incident response activities including tabletop exercises, incident identification, network containment, eradication, recovery and lesson learned.
Developing and implementing high-techs solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime.
Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization data, systems and network.
Providing thereat and vulnerability analysis using tools like Nmap to scan for open port.
Responding to all system and/or network potential security breaches.
Reviewing and triage experience with endpoint detection and response tool.
Strong knowledge of current security threats, technique, and landscape, and a dedicated and self-driven desire to research and learn more about the information security landscape.
Working with various risk and information security teams in presenting vulnerabilities management managements status and updates to technology subject matter experts and management.
Provide-in dept analysis of vulnerabilities and impact to key stakeholders.
Assist in improving and automating existing vulnerability management lifecycle including, but not limited to scanning, asset discovery, prioritization, remediation and validation scans.
Applying new techniques and trends that are in line with overall information security objectives and risk tolerance.
Maintaining an up-to-date understanding of emerging cyber threats that could jeopardize the confidentiality, integrity, and availability of information system.
Assisting in partnering with tools and technology teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep system data protected from internal and external threats.
Assisting in providing support and resolution for scanning and vulnerability remediation reporting issues.
Helping system owners to make Risk-Based Decision and providing vulnerability exceptions as needed.
Participating in vulnerability assessment process improvement.
Actively participating in the change management process.
Ability to effectively help identify insider threat and advance persistent threat detection.
Effectively provide support for log management and security information and event management (SIEM) solutions.
Education: Masters in Cyber Security Western Governor University in progress
Certifications:
CompTIA Security Plus
Certified Ethical Hacker (CEH) in progress.
References: Available upon request.