IBUKUN BALOGUN
advpzx@r.postjobfree.com
Aberdeen, New Jersey 07747
SUMMARY
Goal-oriented IT professional with significant success in planning, analyzing and implementing security plans and initiatives. Excel in developing comprehensive, secure network designs and systems. Highly motivated employee with desire to take on new challenges. Strong work ethic, adaptability and exceptional interpersonal skills. Adept at working effectively unsupervised and quickly mastering new skills.
SKILLS
ISO 27001, Contingency plan, Privacy Threshold Analysis, Security Assessment Plan, Report, Incident Response Plan (IRP), Social Engineering prevention, Supervision & Leadership, Websense Data Loss Prevention, Protecting Networks, Threat and Vulnerability Management, Software and Systems Security, Compliance and Assessment, Security Operations and Monitoring, Team Management, MITRE ATT&CK, Access Management, Application Security, Behavioral Analytics, Cybersecurity Analysis, Network Security, Risk Management
TECHNICAL SKILLS:
• NETWORKING: Static/Dynamic Routing (RIP, EIGRP, OSPF, BGP), STP, LAN, WAN, VLANs, WLANs, VTP, CDP, ACLs, HTTP, DNS, DHCP
• PROTOCOLS: Ethernet, TCP/IP, SSH
• ACAS (Assured Compliance Assessment Solution)
• NetApp
• Akamai
• Splunk
• HARDWARE: Cisco Secure ACS, Firewalls- Sidewinder, Juniper, Fortinet / Fortigate
• Routers- 3 COM hubs, routers and switches
• L3 switches- Fore/Marconi ATM ASX […] switches and 8000 series power hubs
• Security devices- General Dynamics Taclane KG-175 Classic and FASTLANE encryption equipment, E100, Mini, and Micro's
• TELECOM: CSU/DSU, Canoga Perkins fiber modems, Timeplex and N.E.T IDNX Promina multiplexers, Mitel telephony equipment, secure telephone equipment including STU3S, STES, ILEX secure facsimiles, TANDBERG, Accord and Adtran Video teleconference (VTC) MCUs
• SOFTWARE/OS: MS Office Suite- (Visio/Project), McAfee, Remedy, Windows, UNIX, Linux
• DATABASES: Oracle, SQL Server
• PROGRAMMING: Programming and scripting in HTML, .NET, C, Perl and JAVA.
• INFO-SECURITY/TOOLS: Nessus, IPSonar, CiscoWorks- NMS, ArcSight ESM, ArcSight Logger, Retina, Vulnerability Management System (VMS), Splunk 5.0 and QRADE
• Risk Mitigation, Organizational Skills, Reliable & Trustworthy, People Skills, Critical Thinking, Supervision & Leadership, Customer Service, Training & Development
EXPERIENCE
SR CYBER SECURITY ANALYST 04/2021 to Current
Lockheed Martin - Bethesda, Maryland
• Lockheed Martin (NYSE: LMT) is an American global aerospace, defense, security and advanced technologies company with worldwide interests.
• It was formed by the merger of Lockheed Corporation with Martin Marietta in March 1995.
Responsibilities:
• Perform cyber intelligence analysis activities related to Computer Network Defense (CND), as part of the Intelligence Community Security Coordination Center (IC SCC) 24x7 Cyber Watch.
• Coordinates and collaborates with Intelligence Community (IC) elements, the National Cyber Security Centers (NCCs), Department of Defense (DoD), and other Federal/Civilian entities to maintain Common Situational Awareness (CSA) of network incidents and events for the IC.
• Collaborates closely with the Director of National Intelligence (DNI) staff and the IC Chief Information Officer (CIO) in order to ensure successful mission accomplishment.
• Provides briefs to senior leadership daily on emerging threats, high profile incidents, and upcoming events.
• Conducts cyber intelligence analysis utilizing open-source and classified research on emerging/trending threats and vulnerabilities.
• Collaborates with the IC elements as necessary during incident detection and response stages.
• Creates and disseminates intelligence reports to the IC.
• Maintains and analyzes, for trends, patterns, or actionable information, incidents and events captured in the Incident Case Management System.
• Leverages existing business processes and documents new repeatable business processes and procedures.
• Establishes a baseline understanding of IC network assets and capabilities through community outreach and persistent communication with IC elements.
• Assesses enterprise/community risk to network assets and performance.
• Conducts research with external information on events, incidents, outages, threats, and technical vulnerabilities.
• Coordinates individual organizational actions to reduce overall shared risk to the IC.
• Disseminates, researches and responds to Requests for Information (RFIs) with an understanding of the correct IC elements involved.
• Assesses incidents to identify types of attacks and estimated impact, and collects evidence as required.
CYBER SECURITY ANALYST 07/2018 to 03/2021
ZeroFOX - Baltimore, MD
• Performed day-to-day analysis of network logs for anomalies, threats, and vulnerabilities related to the National Airspace System (NAS), a critical infrastructure.
• Performed incident response for any incidents related to the NAS; managed all aspects of the security incident response process including but not limited to communication, analysis, containment, mitigation and root cause analysis.
• Worked closely with the National Operations Control Center (NOCC) in identifying cyber-related incidents affecting the NAS.
• Integrated Splunk with ArcSight to provide ability to look for patterns and relationships across terabytes of data on the FAA/DOT network.
• The data that is collected by Splunk gives us the capability to retain data for the long term and the ability to drill into events and dynamically impose structure to provide metrics and reports.
• Using Splunk to perform incident investigation and analysis, with raw data.
• Engineers, configures and deploys Enterprise SIEM/SEM solutions.
• Develops advanced reports to meet the requirements of key stakeholders.
• Develop response in order to resolve events and coordinate with stakeholders to develop security event remediation.
• Coordinate with the FAA Intelligence Organizations to obtain relevant external threat intelligence from various sources via secure means as required by information classification.
• Processes acquired intelligence into actionable information that has relevance to NAS operations and defines any required mitigation actions.
• Support cyber security Tabletop Exercises (TTX) on-site and remotely and participate in After Action Reviews (AAR).
• Aided in the development of a 24/7 cyber operations team for the NAS.
• Created and updated incident response policies, standards, and procedures.
• Coordinate and address security issues/rights with routers, switches, remote user, VMware clients and firewalls.
• Collaborate with application owners to define and establish logging standards to address various governance requirements.
• Lead logging enrollments from multi-tier applications into the enterprise logging platforms.
• Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow.
• Monitor numerous sources of collected security data including system security event logs, system Internet Protocol (IP) data flows, Intrusion Detection System (IDS) alerts and payload, and system performance monitoring services.
• Participated in the decision-making process for new tools and development of new processes.
• Knowledge of National Institute of Standards and Technology (NIST) Special Publications 1370.113 & 1370.112 and Federal Information Processing Standards Publication 199 (FIPS).
EDUCATION AND TRAINING
Estam Formation University - Cotonou, Benin
Bachelor of Science
Computer And Information Sciences, 07/2018
Covenant University - Ogun State, Nigeria
Bachelor of Science
Chemical Engineering, 07/2013
PROJECTS
• Monitor the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions, investigate and report on noted irregularities.
• Conduct network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
• Ensure organizational compliance with CFCU information security programs.
• Manage the SIEM infrastructure.
• Conduct routine social engineering tests and clean-desk audits.
• Investigate potential or actual security violations or incidents in an effort to identify issues and areas that require new security measures or policy changes.
• Research new developments in IT security in order to recommend, develop and implement new security policies, standards, procedures and operating doctrines across a major global enterprise.
• Define, establish and manage security risk metrics and track effectiveness.
• Coordinate with third parties to perform vulnerability tests and create security authorization agreements and standards.
• The ability to balance risk mitigation with business needs.
• Collaborate with business units to determine continuity requirements.
• Conduct business impact analysis for vital functions; document recovery priorities of the key processes, applications and data.
• Establish disaster recovery testing methodology.
• Plan and coordinate the testing of recovery support and business resumption procedures while ensuring the recovery and restoration of key IT resources and data and the resumption of critical systems within the desired timeframe.
CERTIFICATIONS
• CompTIA Security+
• CompTIA Cybersecurity Analyst (CYSA+)
• CompTIA Security Analytics Professional (CSAP)
• AWS Cloud Practitioner
• Fortinet Network Security Associate (NSE1)