Information Technology Security Administrator

Milan Calloway

301-***-**** *************@*****.***

SKILLS

•Incident Response Expert

•Penetration Testing

•Compliance Management

•Audit Execution

•Risk Assessment

•Archer & ServiceNow

EXPERIENCE

•Risk Management Expert

•Malware Analysis

•Threat Analysis

•Log Analysis Expert

•Risk Assessment

•Audit and Compliance

Cybersecurity Specialist

Cedars Sinai Medical Center

July 2024 - Present

● Utilized Splunk to conduct advanced searches and identify suspicious activities, ensuring proactive threat detection and response.

●Performed comprehensive malware scans and executed remediation procedures using Crowdstrike Falcon to eliminate malicious software and enhance system security.

●Managed and facilitated Remote Access Approvals for VPN, ensuring secure and efficient access for authorized users.

●Configured and maintained USB exceptions in Crowdstrike to balance security protocols with operational needs.

●Analyzed and mitigated phishing email threats using ProofPoint, safeguarding organizational communications and data integrity.

●Created and managed CyberArk Admin accounts for authorized personnel, ensuring secure access to critical systems.

●Conducted in-depth analysis of malware from suspicious attachments using various sandbox environments to assess potential risks.

●Researched Indicators of Compromise (IOCs) to identify and address vulnerabilities within the healthcare system, enhancing overall security posture.

Security Engineer

Sysarc, 2017 - 2024

•Integrated Microsoft Defender ATP with Perch Security, enhancing threat visibility and correlation capabilities, leading to a 30% reduction in mean time to respond (MTTR) to security incidents.

•Configure, deploy, and managed WAF solutions such as Cloudflare WAF to protect web applications from common threats like SQL injection, cross-site scripting (XSS), and DDoS attacks.

•Ensured that Cloudflare WAF and network segmentation configurations comply with industry standards and regulatory requirements such as PCI DSS, CMMC, and GDPR.

•Conducted thorough security risk assessments of third-party vendors and subcontractors in the government contractor supply chain, resulting in a 20% decrease in supply chain risks and a 15% improvement in vendor compliance.

•Developed and implemented automated response actions in Microsoft Defender ATP and Perch Security, such as isolation of compromised endpoints and containment of malware outbreaks, reducing manual intervention and response time by 50%.

•Utilized Perch Security's threat intelligence capabilities to enrich security event data with external threat feeds, enhancing the organization's ability to detect and respond to emerging cyber threats proactively.

•Conducted vulnerability assessments with OpenVAS and penetration tests, identifying and patching critical security vulnerabilities before they could be exploited by malicious actors.

•Designed and implemented network segmentation strategies to logically divide networks into smaller, more secure segments, reducing the attack surface and limiting lateral movement of threats.

•Conducted incident response exercises and tabletop simulations using data collected from Microsoft Defender ATP, Perch Security, and Netwrix Auditor, enhancing the organization's preparedness to handle cyber attacks and security breaches effectively.

•Provided training and mentorship to junior team members on the use of Microsoft Defender ATP, Perch Security, and Netwrix Auditor, empowering them to leverage these tools effectively in their roles and contribute to the organization's cybersecurity efforts.

•Led comprehensive security and compliance assessments in alignment with CMMC (Cybersecurity Maturity Model Certification) and NIST 800-53 frameworks to ensure organizations met stringent government contract requirements.

•Utilized Archer to track, manage, and report on compliance metrics, ensuring transparency and accountability throughout the assessment process.

•Managed and maintained a large-scale Hyper-V virtualized environment, overseeing storage allocation, performance optimization, and resource utilization to ensure seamless operations

•Provided technical support and troubleshooting for virtualized systems such as VMware, ensuring minimal downtime and optimal performance

EDUCATION

Western Governors University

Bachelor of Science - Information Technology

June 2024

CERTIFICATIONS

CompTIA CySA-003

Certified Ethical Hacker - 312-50

Security+ SYA-501

Contact this candidate