Cybersecurity Analyst Penetration Tester Vulnerability Management

Information Security Professional with 1 year of experience and ability to tailor the security posture to fit the organization’s individual needs and culture as well as to address the organization’s threat profile. Possess knowledge and experience in network security technologies, information assurance, IT security best practices, cyber defense, project management, and cybersecurity compliance derived from operations in current position. Career supported by Healthcare Information Security, certifications, subject matter exposure, and a continuous learning mindset.

Skill Set

Endpoint Security

Threat Detection

Security Controls

Technical Writing

SaaS Security platform implementation

Network Security

Vulnerability Management

Incident Response

IT Security Development Well-versed in the practical skills and mindset necessary to perform professional core security assessments against enterprise-level infrastructures.

Technology & Innovations Excellent knowledge of IT systems and infrastructure combined with profound skills in secure data management and analysis.

Management & Control Experienced in the use of systems as well as setting the organization’s security strategy and defining the systems or technologies required for its goals and objectives.

EDUCATION

Bachelor of Science Cybersecurity & Computer Networking University of Maryland

CERTIFICATIONS

CompTIA A+

Tenable Tenable.sc Specialist

DUO Security Certified Level 1 Duo Administrator, Device Specialist

TECHNICAL SKILLS

Applications/Tools: Tenable Security Center BurpSuite Visual Studio

Cisco FMC Cisco ThousandEyes Cisco SolarWinds

Microsoft’s Security Suite (O365, Endpoint, Cloud, Identity, Azure)

Operating Systems/Platforms: Ubuntu, Kali, Parrot Linux Microsoft Windows

Programming/Scripting Fundamentals: C Python PowerShell

PROFESSIONAL EXPERIENCE

Louisiana State Infosec Analyst I April 2023- present

Vetting vendors and agencies both within the Louisiana State Police and 3rd party-vendors using the FBI CJIS Security Policy and the La State Information Security Policy to ensure that agencies and vendors have their network up-to-standards to contract with the state.

Goals achieved thus far: cleared the backlist of in-scope agency audits by 93%. Streamlined communications between auditor and vendor for increased efficiency in processing audits and vendor requests.

Examples of daily tasks:

Provide guidance as needed to resolve non-standard InfoSec requests. Provide input into recommendations for information security policies, procedures, standards, and guidelines by keeping up to date with industry standards and trends.

Serve as a technical reference for team members.

Research new technologies and provides recommendations that will enhance information security for the agency.

Collaborates with vendors on information security needs. Provides input into contractor evaluations.

Ensures InfoSec maintenance tasks are completed in accordance with policy and procedures.

Acadian Ambulance LLC Feb 2022 to Feb 2023

IT Security Analyst

OVERARCHING GOAL

Become SME in vulnerability detection, analysis, management, and detection via the Tenable platform.

Projects geared towards goal achievement

Improved Implementation:

ofinding scan gaps throughout the network

ocreating assets, policies, and scans to close those gaps

odocumenting and monitoring open ports on external-facing assets

Software Installation Audits

oscripting audit files

ocreating assets, policies, and scans to audit for the presence of different software as part of baseline configurations for each endpoint

Ensuring adequate network scanning

oCross-team collaboration to ensure scans can run without causing undue network congestion

oManaging scans in a manner that facilitates full network coverage

PROFESSIONAL EXPERIENCE

Performs thorough security assessments and vulnerability scans on internal/external software/hardware, ensures security best practices like MFA implementation network wide.

Performs manual and automated vulnerability scans throughout the company network, generates Tenable dashboard detailing EOL software and vulnerabilities present for IPs and systems monitored or managed by other IT teams.

Develops and maintains a thorough subject matter expertise on relevant facets of the cybersecurity industry and assists team members in answering procedural and technical questions.

Planning and managing the implementation of MFA throughout the network in keeping with security best practices in the form of enabling SAML or SSO logins to company assets.

Audits current security policies and procedures, verifies changes necessary in the form of enforcing encrypted USB thumb drive usage, facilitating employee access to the company network through VDI software instead of using a VPN tunnel, and ensuring all devices connecting to the network have baseline security software installed via routine device audits.

Self-Development Projects

Practically learning about Application, Cloud, System, and Network Security via hands-on training through platforms like TryHackMe, HackTheBox, and TCM Security

Developing new blue teaming skills and security research

CompTIA Security+ certification (study in progress)

Practically learning and expanding skills in Python with a focus on secure coding methodologies and applications in Artificial Intelligence and Machine Learning

Shopping Master’s Degree Programs with the goal of enrolling before the end of 2023

Contact this candidate