Shinitra Jones
Cybersecurity Analyst/Vulnerability Management
Phone: 404-***-**** Email: *********@*****.***
Professional Profile
Cybersecurity professional with 4 years of experience in network and security administration, vulnerability management, threat hunting, incident response, and compliance. Skilled in implementing security controls, performing audits and risk assessments, and reducing organizational risk across networks, endpoints, and applications. Proficient in NIST, COBIT, ITIL, ISO/IEC frameworks, and security tools including SIEM, cloud monitoring, endpoint protection, and vulnerability management solutions. Demonstrated success in enhancing threat detection, streamlining incident response, and improving organizational security posture.
Core Competencies & Technical Skills
Vulnerability Management: CVSS/CVE remediation, KEV tracking, Qualys, Nessus, Metasploit, DISA STIG compliance
Security Monitoring & Incident Response: SIEM (Splunk, Sumo Logic, AlienVault), MITRE ATT&CK mapping, alert triage, incident analysis
Cloud & Network Security: AWS (GuardDuty, CloudTrail, Config), VPC/EC2 logging, firewalls, IDS/IPS, VPNs
Endpoint, Email & Data Security: CrowdStrike, Trend Micro, Microsoft 365 Security, Box Shield, MFA, encryption, DLP
Web & Application Security: Burp Suite, Mozilla Observatory, WAFs, secure coding practices
Scripting & Automation: Python, PowerShell, Bash
Governance, Risk & Compliance (GRC): NIST RMF & 800-series, COBIT, SOX, HIPAA, PCI DSS, ISO/IEC
Tools & Reporting: Jira, MS Office, risk reporting, audit documentation, POA&M tracking
Cyber Security Frameworks:
NIST Cybersecurity Framework (CSF) & 800-series
COBIT
SOX (Sarbanes-Oxley)
HIPAA
PCI-DSS
ISO/IEC 27001 & 27002
Professional Experience
Sharp Decisions, New York, New York Dec 2020 – Present
Cybersecurity Analyst / Vulnerability Management
Identified, assessed, and remediated vulnerabilities across IT systems, networks, applications, and cloud environments using CVSS metrics and Qualys; coordinated remediation through Ivanti tickets, achieving approximately 95% critical patch completion within 30 days.
Built and maintained Splunk and Sumo Logic dashboards to monitor authentication, cloud, endpoint, and network security events, improving real-time visibility and supporting threat detection across 100+ log sources.
Responded to AWS GuardDuty alerts and leveraged CloudWatch, CloudTrail and network logs to identify suspicious activity, support incident investigations, and coordinate remediation efforts with ITOps teams, reducing cloud incident triage time.
Supported vulnerability remediation efforts across AWS services including ECS, ECR, and EKS environments, improving ticket resolution efficiency and strengthening cloud security posture.
Conducted threat hunting and web security assessments using Mozilla Observatory to identify indicators of compromise (IoCs), tactics, techniques, and procedures (TTPs), and potential security weaknesses.
Analyzed security events across CrowdStrike, Box Shield, Microsoft 365 Defender, and email security platforms to identify malicious activity, phishing attempts, credential misuse, remote access activity, and anomalous user behavior.
Investigated user-reported phishing campaigns using KnowBe4 PhishER, Microsoft 365 Defender, Joe Sandbox, and threat intelligence sources to analyze malicious URLs, attachments, malware behavior, and command-and-control (C2) activity.
Monitored and responded to endpoint security alerts including ransomware activity and suspicious behaviors using Trend Micro and CrowdStrike to support threat containment and mitigation efforts.
Participated in Purple Team engagements by identifying vulnerabilities, attack vectors, privilege-escalation paths, and indicators of compromise while mapping activities to the MITRE ATT&CK framework.
Utilized AI-assisted tools (ChatGPT, GitHub Copilot, and API integrations) to support log analysis, script development, and incident investigation workflows, improving efficiency in security operations tasks.
Participated in incident response planning and simulated security exercises to improve response coordination and escalation procedures.
Supported security operations, compliance, and resilience initiatives including MFA enforcement, disaster recovery testing, and audit evidence collection aligned with NIST, PCI-DSS, SOC 2, and ISO 27001 frameworks.
Developed and maintained SIEM detections in Splunk and Sumo Logic for Windows security events, including audit log clearing (Event ID 1102), audit policy modifications (Event ID 4719), brute-force authentication attempts, and CrowdStrike EDR telemetry, to detect log tampering, suspicious activity, and potential anti-forensic behavior, improving incident response visibility and detection coverage.
Supported incident response activities including alert triage, investigation, containment, and remediation of security events across AWS, CrowdStrike, Microsoft 365, and SIEM platforms, reducing response time and improving threat resolution efficiency.
Education
Master of Science – Computer Science, University of Phoenix, Norcross, GA 2015
Bachelor of Science – Computer Science, University of Phoenix, Norcross, GA 2013
Associate Degree – Business, University of Phoenix, Norcross, GA 2009
Certifications
CompTIA Security+ (Certified, 2026)
AWS Certified Cloud Practitioner (In Progress or Certified, 2026)
Blue Team Level 1 (BTL1) – In Progress
Certificate – Networking Specialist, Gwinnett Technical College, Lawrenceville, GA 2020
Certificate – System Administration & Cisco Network Administration, Pacific Institute of Technology, Morrow, GA 2015
Splunk Certified User 6.X