Security Analyst Penetration Testing

Location:
United States
Salary:
100000
Posted:
July 01, 2025

Resume:

EDUCATION

TECHNICAL SKILLS

Penetration Testing: Burp Suite, OWASP ZAP, SQLmap, Kali, Metasploit

Network Security: Nmap, Zenmap, Nessus, Netcat, Wireshark

SIEM Tools: Splunk, QRadar

Policy and standards: NIST, PCI DSS, HIPAA, CIS, OWASP Top 10

Networking: Check Point, Cisco, IDS/IPS, Snort, and Suricata.

Firewall Management: Cisco ASA, Palo Alto, Fortinet, ModSecurity and F5 WAF

Languages: Java, Python

EXPERIENCE

Comerica Bank (Jan 2023 to present)

Dallas, TX

Security Analyst

Conducted in-depth penetration tests on web applications using tools such as Burp Suite and OWASP ZAP to identify security vulnerabilities including SQL injection, XSS, misconfiguration issues and authentication bypass.

Utilized Nmap, Zenmap, Nessus and OpenVAS for network scanning and service enumeration, identifying potential security weaknesses and misconfigurations.

Utilized Kali Linux for a comprehensive suite of penetration testing tools and techniques.

Conducted subdomain enumeration and discovery using Subfinder and SubBrute.

Employed OSINT techniques to gather information about target applications and networks.

Analyzed network traffic with Wireshark and investigated security incidents to provide actionable insights and recommendations for improvements.

Performed manual security testing for OWASP Top 10 vulnerabilities like SQL Injection attacks, XSS, SSRF, Session Management etc.

Used XSSHunter to identify and report cross-site scripting vulnerabilities.

Provided detailed reports on penetration testing findings, including risk assessments, evidence, and remediation strategies. Presented findings to both technical and non-technical stakeholders.

Effectively communicated security issues with the security engineers and non-technical personnel from different domains.

Re-evaluated issues to ensure closure of vulnerabilities addressed during analysis phase.

Conducted testing over applications to comply with PCI DSS standards.

Monitored Common Vulnerabilities and Exposures (CVE) databases and identified vulnerabilities to prevent exposure to all known and potential threats.

Scanned and analyzed port scan results and manually verified the vulnerabilities related to the ports of the system.

Used Metasploit framework to find any vulnerabilities in network.

Created risk assessments based on CVSS scoring methodology and provided remediation guidance.

Identified, resolved, and illustrated complex security issues to the board members.

Performed vulnerability scanning using Nessus and identified root causes.

Managed SIEM solution for effective security monitoring of various systems. Optimized performance of log collection and correlation rules.

Reviewed SOC alerts and responded to security incidents.

Administered and maintained user access controls, processes, and procedures to prevent unauthorized access, modification, or misuse of resources.

Used advanced exploitation methods like Metasploit and Nmap on the network application and remediated complex issues.

Investigated network using Wireshark and ZaProxy advanced packet analyzers for unauthorized traffic. Analyzed PCAP at various levels, sniffing network traffic for security issues and troubleshooting.

Participated in creation of IT security policies, procedures, guidelines, baselines, and standards along with planning and designing of security architecture.

Maintained up-to-date baselines for secure configuration and operation of existing devices.

CureMD Healthcare (Mar 2021 to Dec 2022)

New York, NY

Security Analyst

Implemented and configured threat detection tools such as Snort and Suricata to detect and analyze network anomalies and malicious activities. Developed and tuned detection rules to improve accuracy and reduce false positives.

Utilized SIEM tools such as Splunk and QRadar to continuously monitor network traffic for suspicious activities. Analyzed and correlated security events to identify potential threats and vulnerabilities.

Assisted in developing and enforcing security policies and procedures to ensure compliance with regulatory standards (e.g., HIPAA, PCI-DSS). Conducted compliance audits and maintained necessary documentation.

Ensured compliance with healthcare regulations such as HIPAA, HITECH, and other relevant standards by conducting regular audits and assessments of network and web application security.

Collected and analyzed threat intelligence from internal and external sources to stay informed about emerging threats and vulnerabilities. Incorporated findings into security strategies and incident response plans.

Conducted vulnerability scans and assessments using OpenVAS and Nessus. Provided recommendations for remediation and worked with IT teams to implement fixes.

Managed and configured firewalls (Palo Alto, Cisco ASA) to enforce security policies and control network traffic. Monitored firewall logs and rules to identify and respond to suspicious activities and potential security incidents.

Responded to security incidents by investigating alerts from IDS/IPS and firewalls. Analyzed security events, conducted root cause analysis, and developed remediation plans to address identified issues.

Used vulnerability scanning tools like Tenable’s Nessus to create and activate alerts for scheduled scans.

Investigated firewall rules in Cisco ASA and Check Point.

Integrated and configured EDR/XDR solutions to enhance threat detection and response capabilities.

Scanned and analyzed port scan results and manually verified vulnerabilities related to ports of the system.

Performed manual penetration testing of applications and APIs to identify OWASP Top 10 vulnerabilities.

Performed threat analysis on new requirements and features.

Managed Healthcare PCI (Payment Card Industry) Compliance Program and ensured cardholder data security standards met PCI DSS (Payment Card Industry Data Security Standard) requirements.

Identified vulnerabilities like SQL Injection, XSS, broken access control and CSRF.

Provided comprehensive reports on vulnerabilities and action plans to mitigate identified vulnerabilities and other logical issues.

Performed semi-automated and manual Web Application and Network Penetration tests utilizing multiple tools such as Burp Suite, Netsparker, Tenable Nessus, SQLMap, Custom Scripts, Metasploit, Nmap, and Netcat, within the Kali Linux toolset.

Performed functional tests with security solution tools like RSA 2-factor Authentication, Single Sign-on, and Data Loss Prevention (DLP), etc.

Conducted re-assessment after mitigating vulnerabilities found in assessment phase.

Monitored and analyzed security logs and application data logs from NIDS and Application Firewall using Splunk.

Provided security implementation for authorization through controls such as the principle of least privilege.

Jet Blue Airlines (Aug 2019 to Feb 2021)

New York, NY

Jr. SOC Analyst

Monitored network and system activities using the IDS/SIEM tools Splunk and QRadar in real time to detect and respond to security incidents.

Analyzed security alerts and logs to identify potential threats, malicious events, activities, or codes and vulnerabilities, escalating critical incidents to senior analysts.

Performed security tests using vulnerability assessment tools such as Nessus and Nmap.

Supported incident response activities, including data collection, analysis, and reporting.

Investigated malicious phishing emails, domains and IPs using open-source tools and recommended proper blocking based on analysis.

Conducted research on new and evolving threats and vulnerabilities using security blogs.

Searched firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.

Coordinated with IT and security teams to implement and test security measures and ensure effective incident response and recovery.

Maintained up-to-date knowledge of emerging threats and vulnerabilities, applying threat intelligence to enhance security posture.

Developed and owned documentation for security policies, procedures, incident response plans along with security incident reports and remediation efforts.

Performed routine checks and updates on security systems and tools to ensure optimal performance and effectiveness.

Ensured the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

Participated in managing technologies, evaluating new technologies, continuous improvement of SLA, customer meetings, implementing new solutions as asked by customers.

Performed Vulnerability Assessments and took the required counter actions and measurements to ensure the security of the IT infrastructure systems.

Analyzed and documented network and information security requirements and defined security policy for enterprise client and business-critical servers.

Researched new and evolving threats and vulnerabilities with potential to impact the monitored environment.

Assisted in developing procedures for monitoring, detecting, reporting, and investigating information security breaches.

EDUCATION

Bachelor’s Degree

CERTIFICATIONS

Google Cybersecurity Certification

Fortinet Certified Fundamentals in Cybersecurity

CompTIA CySA+

Anju Lama

Irving, TX 75039

Security Analyst

PROFILE

Dedicated cybersecurity professional with 5 years of experience in protecting critical systems and data. Skilled in penetration testing, vulnerability assessments, incident response, and threat modeling. Proficient in using industry-standard tools like SIEM, firewalls, IDS/IPS, and endpoint protection. Expert in compliance with frameworks like NIST and CIS. Strong track record in managing security incidents and enhancing security posture. Committed to continuous learning and staying ahead of emerging threats.
