METRO-ATLANTA, GA • *********@*****.*** • 470-***-****
DANNIE PICKARD
Systems & Information Security Analyst
Cybersecurity Strategy | Security Operations | Security Optimization
Innovative Solutions Visionary
PROFESSIONAL SUMMARY
Information Security Analyst with 14+ years of experience specializing in security operations, incident response, and compliance. Proven track record in implementing security controls, managing firewall systems, and conducting vulnerability assessments. Demonstrated expertise in troubleshooting complex security issues and maintaining compliance with various frameworks. Strong focus on customer service and team collaboration, with experience in providing detailed documentation and status updates to stakeholders.
COMPETENCIES & ACHIEVEMENTS
Security Best Practices | Incident Response | Policy & Procedures Creation
Endpoint Protection | Fraud Analysis | SIEM
Firewall Management | Network Monitoring | Project Management
TCP/IP | CIS Benchmarks | Network Security Tools & Practices
Network Security & Support | LAN/WAN | Problem Solving
Implemented AI-powered SIEM monitoring system, reducing false positives by 40%.
Led security incident response team with 95% successful threat mitigation rate.
Developed automated threat detection protocols, improving response time by 22%.
Created a comprehensive security training program, reducing phishing success rate by 60%.
Established real-time threat monitoring system, identifying and blocking 98% of potential breaches.
Streamlined incident reporting process through automated documentation tools.
Orchestrated vulnerability assessment program, reducing system vulnerabilities by 35%.
Implemented threat intelligence platform, enhancing proactive threat detection capabilities.
Designed security metrics dashboard for real-time visibility of security posture.
EMPLOYMENT HISTORY
SECURITY ANALYST 2022-2023
STELLAR HEALTH - REMOTE Atlanta, Ga
Reporting directly to the Chief Information Security Officer, spearheaded the development of comprehensive 2023 objectives for the security team, aimed at enhancing and advancing the organization's security program
Implemented controls against various CS Frameworks such as HIPAA, HITRUST, ISO-27001, and NIST.
Introduced the company’s new incident response management program to C-Level stakeholders.
Collaborated bi-weekly with cross-functional IT team to implement security enhancements and ensure compliance with industry standards and best practices starting with CIS benchmarks.
Monitored and analyzed security events and alerts to identify potential threats or vulnerabilities from various security controls, including host intrusion prevention systems, endpoint security, application, and system logs, to identify threats to network security.
Assisted IT team in security operations, including user access management (protection of PHI/PII), security incident investigations, and security awareness training.
Made quarterly onsite visits to corporate office for collaboration sessions, training seminars, and planned workshops.
Collaborated and coordinated with multiple teams and vendors to implement security measures.
Facilitated departmental meetings to review team roadmaps, ensuring they aligned with company’s OKRs.
Researched EDR & DLP solutions to replace antivirus software and evaluated top vendors through in-depth technical reviews, demonstrations, and trials to implement into security ecosystem, providing another layer of protection
Updated the company’s ISMS policy to reflect the new security controls implemented.
Key Achievements
Created company-wide incident response policy and plan, outlining various types of incidents (Privacy, Compliance, Security, Physical) to effectively handle security breaches and minimize the impact of security incidents.
Developed the company’s security travel policy and ensured enforcement of and adherence to the new policy.
Built security roadmap reducing corporate risk by 20% year over year.
Created vulnerability management workflow and security event dashboards in Sumo Logic SIEM.
Created security incident response team playbook for various types of incidents, including Phishing, Unauthorized Access, Mass Download, and Malware.
SECURITY ANALYST 2020 – 2022
HACWATCH Atlanta, Ga
Identified and reported on key performance indicators related to information security department to stakeholders.
Conducted post-incident reviews and generated reports detailing incident findings, actions taken, and recommendations for improvements.
Configured and tuned security tools to optimize threat detection and reduce false positives.
Maintained comprehensive documentation and reports on security incidents, investigations, and remediation actions.
Performed incident triage, analysis, and escalation based on defined processes and procedures.
Provided security awareness training and guidance to employees on identifying potential security incidents.
Managed cloud security solutions using Microsoft Azure and Defender, including monitoring, threat detection, and incident response to ensure the protection of organizational assets
Prioritized security tasks based on risk assessment and business impact to effectively allocate resources and address critical vulnerabilities.
Continuously monitored, analyzed, and identified security alert information from all approved security devices, collection techniques, and designated system logs.
Security evangelist providing knowledge and recommending best practices to non-technical users.
Evaluated new technologies and processes that enhance security capabilities.
Key Achievements
Implemented a new EDR threat detection system, reducing false positives by 60% and improving incident response time by 45%.
40% improvement in threat detection capabilities and a 25% reduction in operational costs, solidifying position as a key strategic leader within the organization.
Orchestrated the successful integration of company's security operations, harmonizing policies, procedures, and technologies across a team of analysts.
SECURITY ANALYST 2019 – 2020
ONETRUST Atlanta, Ga
Review internal security systems (SIEM, endpoint, firewall & IPS/ IDS) to identify potential incidents or events.
Maintain monthly vulnerability scans and provide vulnerability information to relevant stakeholders as requested.
Monitored NIDS, Firewall, and log correlation tools for potential threats and monitored patching solutions.
Assist in collecting and maintaining evidence for compliance initiatives including ISO 27001, SOC2, NIST & CSA
Security evangelist, providing knowledge and recommending best practices to non-technical users
Evaluates new technologies and processes that enhance security capabilities.
Review and identify improvements to current knowledge base articles (KBAs), standard operating procedures (SOPs) and operational processes for the benefit of the organization.
Follow defined escalation paths to ensure proper issue resolution.
Investigated and advised internal teams concerning risks and active vulnerabilities identified.
Escalated high priority technical issues to the security engineer.
Performed Tenable vulnerability scans and created actionable tickets for various departments within the organization to correct vulnerabilities found in the OneTrust environment or application.
Initiate escalation procedures to counteract potential threats/vulnerabilities.
Analyzed, escalated, and responded to security events, observables, and incidents detected by security products.
Conducted 24/7 security monitoring of network and application infrastructure
Evaluated new technologies and processes that enhance security capabilities.
Key Achievements
Established cross-functional ticketing workflow system for vulnerability remediation, achieving 98% on-time resolution rate across departments.
Created and maintained automated vulnerability scanning reports via Tenable.io, identifying 150+ critical issues and reducing remediation time from 45 to 15 days
Developed comprehensive process to triage security related events to improve audit compliance and streamlined reporting processes.
SYSTEM SECURITY ANALYST III 2016 – 2019
FISERV DISASTER RECOVERY Johns Creek, Ga
Provided reports to management regarding the effectiveness of network and data security, and made recommendations for adoption of new policies, procedures, and technologies.
Support incident management processes and security monitoring alerts in preventing internal / external hackers from compromising Fiserv’s data and assets.
Support new & existing security solutions, partner with the security engineering team for the implementation & integration of any new enhancements made to existing security solutions in support of improving overall enterprise security.
Assisted in the configuration and management of firewalls to protect the organization's network from unauthorized access and external threats.
Ensure security tools & solutions hardware/software/devices are operating effectively.
Manage Check Point VSX, Crossbeam, Palo Alto, and Intel XML Firewalls.
Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise networks.
Perform ticket queue monitoring, resolution, and prioritization, maintain diagrams and documentation and support firewall rule set reviews, auditing and maintenance activities.
Responsible for overnight implementation, troubleshooting VPN & operational turnovers.
Perform GUI and CLI-based policy pushes in a virtualized firewall environment comprising approx. 230 firewalls.
Coordinate mitigation tasks against DDoS attacks with AT&T Threat Management Team.
Perform certificate renewals on F5 proxy.
Temp Agency @ Fiserv – Promoted to FTE
Perform GUI and CLI-based policy pushes in a virtualized firewall environment.
Coordinate mitigation tasks against DDoS attacks with AT&T Threat Management Team.
Ensure security tools & solutions hardware/software/devices are operating effectively.
Manage Check Point VSX, Crossbeam, Palo Alto, and Intel XML Firewalls.
Ensure the confidentiality, integrity and availability of the data residing on or transmitted through the networks.
Perform ticket queue monitoring, resolution, and prioritization, maintain diagrams and documentation and support firewall rule set reviews, auditing and maintenance activities.
Used command-line tools (ping, ipconfig, ifconfig, netstat, tracert, arp) to troubleshoot and analyze system connectivity issues and to identify the security posture of a network.