Dipesh Shah
******.*@**********.*** 917-***-**** Harrison, NJ
Professional Summary
• Cyber Security Analyst with 6+ years of experience, applying threat hunting, vulnerability analysis, and incident response to secure critical systems and data while leveraging risk assessment, vulnerability management, Assessment and Authorization (A&A) to establish a comprehensive security posture.
• Experience in network forensics, utilizing tools such as Wireshark, TCPdump, and Zeek, and with a strong understanding of threat intelligence frameworks like MITRE ATT&CK and the Cyber Kill Chain.
• Proficient in leveraging advanced security tools such as Metasploit, Intrusion Detection Systems (IDS), and Security Information and Event Management (SIEM) platforms to proactively identify, analyze, and mitigate potential threats. Collaborated with cross-functional teams to implement timely protective measures, enhancing security posture and reducing incident response time.
• Skilled in analysis of malware and reverse engineering, providing valuable insights into the behavior of malicious code and enabling faster containment of malware outbreaks.
Education
Master of Science in Information Systems
Stevens Institute of Technology, NJ
Skills
Penetration Testing: Metasploit, Burp Suite, OWASP ZAP
Cloud and Security Tools: Nmap, Snort, Nessus, OpenVAS, Splunk, Azure, InfoVista, Niksun’s, NetVCR, CloudShark
Security Technologies: SIEM, HIDS/HIPS, Vulnerability scanning, Network Analysis
Network Forensics: Wireshark, TCPdump, Zeek, Network Miner
Defense Frameworks: MITRE ATT&CK, Cyber Kill Chain, Pyramid of Pain, Diamond Model
Threat Intelligence: OSINT, YARA, CrowdStrike, Falcon
Other Security Skills: Security Incident Handling, Vulnerability Management, Information Security Management, Ethical Hacking, Malware Analysis, Penetration Testing, Security Compliance, Data encryption, Security log monitoring and analysis, Cybersecurity Capstone, Incident reporting, Log Analysis, Forensic Analysis
Operating Systems: Kali Linux, Windows, MacOS, Unix
Experience
HL GADA LLC Jan 2025 - Current
Sr. Cyber Security Analyst New York
• Employed Metasploit's post-exploitation modules to conduct thorough system reconnaissance, including privilege escalation, data exfiltration, and lateral movement analysis, resulting in a 20% increase in the identification of compromised systems.
• Optimized Rapid7 scanning techniques, reducing vulnerability assessment time, and enabling faster identification and remediation of security risks.
• Conducted detailed packet analysis using CloudShark, identifying and mitigating network intrusion attempts by decoding and examining packet-level data in real time.
• Utilized Burp Suite's Spider and Scanner modules to crawl and analyze web applications, identifying and exploiting a wide range of authentication, and authorization, increasing the coverage of security assessments.
Light & Star USA Inc Sep 2024 - Dec 2024
Cyber Security Analyst New York
• Optimized TCPdump and Zeek for proactive threat-hunting activities, analyzing network traffic for anomalies and suspicious activity patterns that indicate the presence of advanced threats, resulting in an 18% increase in the detection of advanced threats.
• Collaborated with security teams to implement and maintain security controls to prevent the exploitation of known vulnerabilities, reducing the risk of successful exploitation by 20%, aligned with the Cyber Kill Chain model.
• Implemented robust identity and access management (IAM) protocols and conducted regular audits, reducing permission abuse incidents by 25% and significantly strengthening user-level security.
• Managed and optimized various network nodes for performance and security, reducing incident response time by 30% using advanced monitoring tools and custom alerts.
• Spearheaded the implementation of a Splunk platform, centralizing log data from 20+ firewalls, intrusion detection systems, and web servers. This streamlined security operations, reducing mean time to detect (MTTD) and mean time to respond (MTTR) for security incidents and increasing the detection rate of security threats by 30%.
Light & Star USA Inc Feb 2024 – May 2024
Cyber Security Analyst Intern New York
• Spearheaded the implementation of a Splunk platform to centralize log data from firewalls, intrusion detection systems (IDS), and web servers. This streamlined security operations and facilitated real-time threat correlation.
• Used Nessus 10.3 and OpenVAS to identify vulnerabilities across the IT infrastructure, including high-risk vulnerabilities like SQL injection and remote code execution (RCE).
• Analyzed network protocols and identified vulnerabilities, leveraging CloudShark to pinpoint anomalies in 85% of suspicious traffic patterns, preventing potential exploits and ensuring protocol compliance.
• Enhanced detection of DDoS attacks, reducing impact by 40% through the deployment of advanced Niksun tools and protocols.
Kpit Technologies Aug 2019 – Jul 2022
Jr. Cyber Security Analyst India
• Led the context of Information Security Management, developed and maintained comprehensive incident response standard operating procedures, resulting in a 10% improvement in the efficiency and effectiveness of incident response activities.
• Supported cyber defense operations by collaborating with leadership, including SOC operations, vulnerability management, security engineering platforms (Email Security, Cloud Security, DLP), and application security teams.
• Delivered security solutions for network and cloud environments, leveraging penetration testing (Nmap, Wireshark) and automated monitoring, while championing secure cloud architecture through collaboration with application teams.
• Configured and monitored AWS Config rules to ensure compliance with security best practices and industry standards, such as CIS Controls and NIST, reducing the risk of audit failures and data breaches by 25%.
• Worked closely with cross-functional teams to develop and deploy robust security measures, resulting in a substantial reduction in security breaches and enhanced system availability.
• Partnered with IT, DevOps, and compliance teams to integrate security best practices into the development lifecycle, reducing security vulnerabilities in code releases by 40%.
• Reduced manual intervention by 50% by developing automated scripts and workflows for routine security tasks, such as log analysis and threat intelligence correlation.
Zensar Technologies Jan 2017 – Jul 2019
Network & Security Analyst India
• Conducted security assessments of web applications using tools like OWASP ZAP and Burp Suite, identifying and mitigating vulnerabilities such as XSS, SQL injection, and CSRF, enhancing platform security by 30%.
• Designed, configured, and troubleshot Cisco routers, switches, and firewalls, improving network reliability and reducing network downtime by 25%.
• Directed over 200 vulnerability assessments across applications and networks, resulting in the remediation of 95% of critical vulnerabilities within SLA timelines, significantly lowering the attack surface.
• Utilized Wireshark to analyze network traffic, identifying and investigating 5 suspicious activities, mitigating 3 potential security incidents, preventing potential data breaches, and minimizing system downtime.
• Employed NAT solutions to support a wide range of use cases, including site-to-site VPNs, remote access, and load balancing, resulting in a 25% increase in network flexibility and scalability.
• Involved in Switching Technology Administration, including creating and managing VLANs, Port security, Trunking, Inter-VLAN routing, and LAN security.
• Performed troubleshooting analysis to identify system failures and correlate events, pinpointing the root cause of hardware and application issues leading to increased operation speed by 20%.
• Worked on static and dynamic routing protocols like RIP, EIGRP (Variance, unequal cost load balancing), and OSPF.
Certifications
Certified in Cybersecurity (CC) – ISC2 April 2025 - April 2028