
Cyber Security Analyst Resume


Washington, DC

SUMMARY:

Cyber Security analyst able to ensure technical security planning, testing verification and risk analysis. Capable of providing technical resolutions and guidance while monitoring risk management and compliance in order to strengthen information systems security and controls.

KEY COMPETENCIES:

Management:

  • Implement standardized training/operations procedures for access control to installations.
  • Determine and justify security requirements.
  • Ensure that security operations center for Thursday - Sunday shift operates properly.

Monitoring:

  • Investigate potential or actual security violations or incidents in an effort to identify issues in areas that require new security measures or policy changes.
  • Configure and manage the SIEM infrastructure.
  • Conduct network vulnerability assessments using tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.

Strategy Development:

  • Research new developments in IT security in order to recommend, develop and implement new security policies, standards, and procedures across enterprise.
  • Define, establish and manage security risk metrics and track effectiveness.
  • Balance risk mitigation with business needs.

Disaster Recovery:

  • Plan and coordinate the testing of recovery support and business resumption procedures while ensuring the recovery and restoration of key IT resources and data.
  • Establish disaster recovery testing methodology.

TECHNICAL SKILLS:

  • McAfee SIEM
  • Symantec Endpoint Protection Manager
  • ABSOLUTE (secure endpoints)
  • FireEye HX
  • TCP/IP protocols
  • IPS
  • Qualys (vulnerability/compliance scans), virtualization tools
  • Splunk
  • Linux (Kali)
  • Virtualization tools and Blue Coat
  • VMware Workstation
  • PHP, HTML, SQL
  • Microsoft Outlook

EXPERIENCE:

Cyber Security analyst

Confidential, Washington, DC

Responsibilities:

  • Security operations center (Confidential) for Thursday-Sunday shift in order to ensure that group operates properly.
  • Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x7 basis.
  • Use the Intel McAfee SIEM to monitor the network and perform analysis, while integrating the results and information needed to proactively protect the Confidential enterprise. This includes developing customized signatures, enterprise content filtering, or firewall Confidential change recommendations.
  • Provide security events analysis and support to include identifying potential threats, anomalies, and infections, documenting findings, providing recommendations within the Confidential's incident management system, performing triage of incoming security events, performing preliminary and secondary analysis of those events, and validating the events.
  • Perform technical analyses, such as analysis of malicious code, network traffic, web log data, cyber intelligence, hard drives, and other storage and forensics media, to control exploitative activity.
  • Manage inbound requests via the Confidential ticketing system, as well as via telephone calls, and provide security notifications via three methods: logging incident tickets, sending emails, and placing telephone calls.

Analyst

Confidential, Rockville, Maryland

Responsibilities:

  • 24x7 operations team
  • Perform daily review of system, application logs, and custom monitoring tools
  • Knowledge of different port numbers for security measures.
  • Proactively monitor and resolve application, system and network incidents.
  • Perform tasks using various standard tools, internal ticketing systems and monitoring consoles.
  • Manage trouble-ticketing system ensuring accurate and up-to-date information
  • Monitor for and investigate suspicious or malicious activity and alerts
  • Review Change Management requests for security relevance and impact
  • View and analyze each URL & correctly categorize each URL with the correct classification.
  • Manage inbound requests, as well as via telephone calls, and provide security notifications via three methods: logging incident tickets, sending emails, and placing telephone calls
  • Create tickets on fraud detection for clients in Anti-Fraud ticket management and processing in RT ticketing system.
  • Monitor the shutdown board, identify tickets with outstanding uptimes, and escalate up to management for review.
  • Perform frequent external and internal clients & vendor communications.
  • Monitor Confidential systems functionality, availability and emergency procedures.
  • Monitor the Confidential systems and notify the Confidential Management of any outages or issues with the systems that affects productivity.
  • Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose (Traceroute, Domain Dossier, Email Dossier, NSL lookups, which give us host information).
  • Respond to inbound requests via phone and other electronic means for technical assistance
  • Document actions in cases to effectively communicate information internally and to client.
  • Resolve problems independently and understand escalation procedure. Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.
  • Report common and repeat problems (trend analysis) to management and propose process and technical improvements.
  • Provide resolution plans for system and network issues.
  • Perform technical analyses, such as analysis of network traffic, web log data

IT Specialist Technician

Confidential, Rockville, Maryland

Responsibilities:

  • Assisted in leading teams of Implementation Team Members (Confidential) to deploy, analyze, and configure Dell computers (avg. 200+) for use throughout Montgomery County Public Schools and various other educational facilities.
  • Trained employees within the schools on the new systems
  • Configured technology to client specifications pre-delivery in a controlled environment
  • Troubleshot and improved existing systems and processes with an eye to automating routine tasks
