Cybersecurity Specialist with *+ years' hands-on experience in online security research, strategic planning, execution, and system maintenance. Proficient in training internal users on security protocols and preventive measures. Proven track record of securing digital assets and mitigating risks, dedicated to creating a secure digital environment. Committed to staying ahead of emerging threats and implementing cutting-edge solutions for enhanced cybersecurity.
Work history
2024-08 - Current
Cybersecurity Specialist
Everise
• Performed threat analysis in a 24/7 environment, mitigating and managing threats and risks to the company and achieving 99% data security using tools like Nmap, Nessus, and Wireshark.
• Supervised a team of 40 instructors to deliver company projects on time.
• Managed and created rules and policies for 8000 end-users in the data protection (DLP) area, utilizing tools such as OpenVAS and Wireshark, facilitating the efficiency and ease of operations.
• Solely managed a comprehensive database of over 20,000 users, resulting in a significant increase in overall departmental performance.
• Identified over 350 new viruses and hidden malware in under three years, saving the entire company over 15,000 computers from destruction, using tools like Burp Suite and Metasploit.
• Designed, configured and deployed Amazon Web Services (AWS) for applications utilizing the AWS stack (including EC2, Route53, S3, RDS, CloudFormation, CloudWatch, SQS, IAM).
• Performed random security inspections for a site containing 1000 employees to ensure the validity and safety of all technical operations, utilizing tools such as Nmap and Nessus.
2020-05 - 2024-08
Information Systems Security Analyst
Wipro
• Conducted security risk assessments for enterprise technologies, products, services, and operations based on applicable framework requirements from ISO/IEC 27001, ITIL, COBIT and NIST as well as PCI-DSS standards.
• Created, published, and maintained engaging training modules and materials, driving increased awareness and compliance for over 8000 employees.
• Implemented and managed phishing simulation programs, effectively mitigating security risks through targeted training and remediation.
• Supported and managed the security of Identity and Access Management (IAM) modules, on multiple systems and applications for over 7000 employees, with defined requirements to improve user and data access control.
• Developed User Acceptance Test (UAT) scripts and conducted UATs for in-house developed applications and SaaS products to validate the system's security functionality and ensure business security objectives were met.
• Promoted cybersecurity best practices by providing security awareness training to stakeholders ensuring human-related security risks were reduced.
2018-03 - 2020-05
Security Analyst
Gohealth
• Monitored security alerts, network activity, and system logs using SIEM tools to detect and analyze potential cyber threats, unauthorized access attempts, and policy violations, ensuring timely mitigation and response.
• Conducted vulnerability assessments and penetration testing using tools such as Nessus and Qualys to identify security gaps across applications, networks, and endpoints, collaborating with IT teams to implement necessary remediations.
• Coordinated with IT operations teams to ensure timely and effective patching of all systems, reducing exposure to security threats.
• Conducted security assessments and vulnerability scans, identifying and mitigating risks to maintain a robust security posture.
Projects
Project 1: Hacking Adventures with Kali Linux
• Conducted hands-on penetration testing using Kali Linux to simulate real-world hacking scenarios.
• Explored and exploited vulnerabilities in various systems, enhancing practical cybersecurity skills.
• Applied ethical hacking techniques to identify and address security weaknesses effectively.
Project 2: Vulnerability Assessment with OpenVAS
• Executed comprehensive vulnerability assessments using OpenVAS to identify potential security risks.
• Analyzed scan results to prioritize and remediate vulnerabilities, ensuring a robust security posture.
• Developed a systematic approach to proactively manage and enhance the organization's cybersecurity resilience.
Project 3: Endpoint Analysis with Velociraptor
• Used Velociraptor for endpoint analysis, enabling deep forensic investigation on individual devices.
• Conducted detailed examinations of endpoints to identify and respond to security incidents promptly.
• Enhanced incident response capabilities by utilizing Velociraptor's powerful endpoint monitoring features.
Project 4: Real-Time Security Monitoring with Wazuh
• Deployed Wazuh for real-time security monitoring, providing continuous threat detection.
• Configured and fine-tuned Wazuh rules to align with the organization's security policies.
• Strengthened the incident detection and response capabilities with effective real-time monitoring.
Project 5: Network Traffic Analysis with Wireshark
• Conducted in-depth network traffic analysis using Wireshark to identify anomalies and potential threats.
• Interpreted packet captures to analyze communication patterns and detect malicious activities.
• Improved network security by gaining insights into traffic behavior and implementing proactive measures.
Contact
Address
Concord, US 28027
Skills
• Network Security
• Incident Response
• Vulnerability Assessment
• Penetration Testing
• Firewall Configuration
• Security Information and Event Management (SIEM)
• Risk Assessment and Mitigation
• Encryption Technologies
• Security Policy Development
• Disaster Recovery Planning
• Team Collaboration and Leadership
• Digital Forensics (FTK Imager, Exiftool, Scalpel, KAPE, Windows File Analyzer, Volatility, Autopsy)
• Governance, Risk and Compliance
• MySQL Database management
• Cloud Security (AWS, Azure)
• Networking and Security - AWS VPC, Azure Virtual Network, Security Groups, Network ACLs
• Tools: AWS, SIEM, SOAR, Splunk, XDR, Burp Suite, Metasploit, Nessus, Hashcat, Wireshark, VirusTotal, Nmap, Cryptography, Rsyslog, OpenVAS, SET (Social Engineering Toolkit), MSFvenom
• Cybersecurity Frameworks: OWASP Top 10, NIST, ISO/IEC 27001, CIS Critical Security Controls, COBIT, HIPAA, PCI DSS, CIS Controls, MITRE ATT&CK Framework, Zero Trust Security Model, GRC, CS-VRM
Certifications
• CompTIA Security+
• CompTIA ITF+ and Tech+
Education
Master of Science: Jurisprudence, Compliance in Financial Services
Seton Hall Law School - Newark, NJ
Master of Science: Legal Studies
Purdue University Global - West Lafayette
Bachelor of Science: Political Science
Winston-Salem State University
Diploma
New York Military Academy - West Lafayette