Cybersecurity Analyst Penetration Tester Vulnerability Management
Information Security Professional with 1 year of experience and ability to tailor the security posture to fit the organization’s individual needs and culture as well as to address the organization’s threat profile. Possess knowledge and experience in network security technologies, information assurance, IT security best practices, cyber defense, project management, and cybersecurity compliance derived from operations in current position. Career supported by Healthcare Information Security, certifications, subject matter exposure, and a continuous learning mindset.
Skill Set
Endpoint Security
Threat Detection
Security Controls
Technical Writing
SaaS Security platform implementation
Network Security
Vulnerability Management
Incident Response
IT Security Development Well-versed in the practical skills and mindset necessary to perform professional core security assessments against enterprise-level infrastructures.
Technology & Innovations Excellent knowledge of IT systems and infrastructure combined with profound skills in secure data management and analysis.
Management & Control Experienced in the use of systems as well as setting the organization’s security strategy and defining the systems or technologies required for its goals and objectives.
EDUCATION
Bachelor of Science Cybersecurity & Computer Networking University of Maryland
CERTIFICATIONS
CompTIA A+
Tenable Tenable.sc Specialist
DUO Security Certified Level 1 Duo Administrator, Device Specialist
TECHNICAL SKILLS
Applications/Tools: Tenable Security Center BurpSuite Visual Studio
Cisco FMC Cisco ThousandEyes Cisco SolarWinds
Microsoft’s Security Suite (O365, Endpoint, Cloud, Identity, Azure)
Operating Systems/Platforms: Ubuntu, Kali, Parrot Linux Microsoft Windows
Programming/Scripting Fundamentals: C Python PowerShell
PROFESSIONAL EXPERIENCE
Louisiana State Infosec Analyst I April 2023- present
Vetting vendors and agencies both within the Louisiana State Police and 3rd party-vendors using the FBI CJIS Security Policy and the La State Information Security Policy to ensure that agencies and vendors have their network up-to-standards to contract with the state.
Goals achieved thus far: cleared the backlist of in-scope agency audits by 93%. Streamlined communications between auditor and vendor for increased efficiency in processing audits and vendor requests.
Examples of daily tasks:
Provide guidance as needed to resolve non-standard InfoSec requests. Provide input into recommendations for information security policies, procedures, standards, and guidelines by keeping up to date with industry standards and trends.
Serve as a technical reference for team members.
Research new technologies and provides recommendations that will enhance information security for the agency.
Collaborates with vendors on information security needs. Provides input into contractor evaluations.
Ensures InfoSec maintenance tasks are completed in accordance with policy and procedures.
Acadian Ambulance LLC Feb 2022 to Feb 2023
IT Security Analyst
OVERARCHING GOAL
Become SME in vulnerability detection, analysis, management, and detection via the Tenable platform.
Projects geared towards goal achievement
Improved Implementation:
ofinding scan gaps throughout the network
ocreating assets, policies, and scans to close those gaps
odocumenting and monitoring open ports on external-facing assets
Software Installation Audits
oscripting audit files
ocreating assets, policies, and scans to audit for the presence of different software as part of baseline configurations for each endpoint
Ensuring adequate network scanning
oCross-team collaboration to ensure scans can run without causing undue network congestion
oManaging scans in a manner that facilitates full network coverage
PROFESSIONAL EXPERIENCE
Performs thorough security assessments and vulnerability scans on internal/external software/hardware, ensures security best practices like MFA implementation network wide.
Performs manual and automated vulnerability scans throughout the company network, generates Tenable dashboard detailing EOL software and vulnerabilities present for IPs and systems monitored or managed by other IT teams.
Develops and maintains a thorough subject matter expertise on relevant facets of the cybersecurity industry and assists team members in answering procedural and technical questions.
Planning and managing the implementation of MFA throughout the network in keeping with security best practices in the form of enabling SAML or SSO logins to company assets.
Audits current security policies and procedures, verifies changes necessary in the form of enforcing encrypted USB thumb drive usage, facilitating employee access to the company network through VDI software instead of using a VPN tunnel, and ensuring all devices connecting to the network have baseline security software installed via routine device audits.
Self-Development Projects
Practically learning about Application, Cloud, System, and Network Security via hands-on training through platforms like TryHackMe, HackTheBox, and TCM Security
Developing new blue teaming skills and security research
CompTIA Security+ certification (study in progress)
Practically learning and expanding skills in Python with a focus on secure coding methodologies and applications in Artificial Intelligence and Machine Learning
Shopping Master’s Degree Programs with the goal of enrolling before the end of 2023