It Security Analyst Resume
4.00/5 (Submit Your Rating)
TECHNICAL SKILLS
- Microsoft Servers and Office (Word/Excel/PowerPoint/Explorer)
- Confidential z/OS Mainframe REXX, SAS, JCL, TSO, ISPF/DM, VSAM, Syncsort, FTP and CD, SAR, Confidential Utilities, CA - 7, CA-TopSecret (RACF), SAR, JCLCHECK, IOF, Easytrieve
- Various COTS Products on Multiple Platforms
- Server log monitoring/retrieval via LogLogic, SecureWorks
- BMC - Remedy
- Internet Web Browsers; Unix interfaces; PC Maintenance
- COBOL, DB2, SQL read only
PROFESSIONAL EXPERIENCE
IT Security Analyst
Confidential
Responsibilities:
- Created interactive TSO/ISPF security monitoring application tool to automate batch job reporting and violation tracking (used date/type keyed PDS member names for database records) using REXX and SAS Base. The tool queried CA-Top Secret activity, violations data and recovery data to create violation tracking records and emails. This tool reduced time required to perform daily monitoring tasks from a full day down to 30 minutes. It also read and summarized Syslogs for quick review, sent users and account owners status of their TSO/batch ACIDs, created weekly & monthly SAS graphs for trending, backed up daily data in GDGs for historical reporting, and also ran monthly Baseline Security Configuration reports (included DB2-SQL extracts). I wrote 60,000 lines of REXX, JCL/utilities, ISPF panels and SAS Base code to complete this project.
- Responsible for handling internal and external security audits to ensure corporate SOX compliance. No audit failures during my tenure.
- Performed security investigations and incident response tasks by querying UNIX or Windows servers logs using LogLogic.
- Performed administrator tasks for SecureWorks log monitoring created mainframe security reports to monitor and track FTP and CD transmissions.
- Assisted CICS end users with their transaction (OTRAN/PPT) access issues.
- Prepared MS-PowerPoint overview presentations for upper management, Risk Management and auditors that explained mainframe monitoring procedures and identified inputs and outputs.
- Created tools to interact with mainframe COTS products (SAR) and Confidential utilities to simplify data collection for audits
- Monitored account changes to validate user roles and privileges using Active Directory.
- Trained junior staff to run daily operations.
IT Security Analyst
Confidential
Responsibilities:
- Responsible for user access account creation, access privilege assignments and account maintenance across platforms (UNIX, mainframe/CA-Top Secret, Windows/Active Directory); security access administration.
- Security incident response.
- Created interactive processes to expedite with 100% accuracy external user account creation on the mainframe & Unix.
Application Tester / Quality Assurance
Confidential
Responsibilities:
- Responsible for validating new application software and execution of test cases.
- Redesigned/rewrote mainframe automated batch scheduler to execute without user intervention. The updates reduced the elapsed processing time from 3 days to 4 hours. New tool created and edited test bed data to allow for cyclical application processes.
- Participated in review meetings with analysts and developers to address findings.
- Created tools to assist with creation of test bed data, eliminating the potential for errors created by human intervention.
- Performed RACF field administrator tasks Confidential Department level.
Application Developer / Production Support
Confidential
Responsibilities:
- Responsible for application production support 24x7 on call and tier 2 application support including COBOL, JCL PROC updates, and data integrity validation
- Created and updated automated in-house tools supporting application software configuration and release library management. Utilized combination of clist/REXX, TSO ISPF, JCL, and Confidential utilities to track and promote software across all stages of lifecycle support. I also added an option to execute JCLCheck utility to create composite report for release component.
- Created interactive tools to simplify use of COTS software.
- Interrogated SAS-MICS system data to instigate application program performance and tuning efforts, eliminating batch processing bottlenecks and teaching COBOL coding efficiencies across departments.
- Performed RACF field administrator responsible for user ID’s, profiles and access controls Confidential the Division level.
- Wrote ad hoc REXX code to rewrite and re-compile 60,000 COBOL programs to change INCLUDE statements to COPY statements when this shop converted from LIBRARIAN software to PDS files.