
Security Analyst Resume


SUMMARY:

  • Experienced Cyber Security Professional with skills ranging from Windows Forensics, network infrastructure, and Incident Response as well as SOC team development.
  • Understanding of Microsoft Windows and Linux operating systems and command line tools.
  • Network monitoring experience (packet/protocol analysis).
  • Knowledge of and ability to identify web attack vectors, host compromise, and malware injection techniques.
  • Ability to work independently or with a team, prioritize tasks, and effectively manage time to ensure customer SLAs and expectations are met.
  • Excellent communication (oral and written), interpersonal, organizational, and presentation skills.
  • Knowledge in current security threats, trends, and mitigations.
  • Able to multitask, prioritize, and resolve multiple inquiries at once.
  • Experience conducting Data Leak Prevention operations.
  • Ability to read and understand system data including, but not limited to: security event logs, system logs, proxy logs, network traffic logs, and firewall logs.
  • Bilingual: native English and can communicate effectively in Spanish.

PROFESSIONAL EXPERIENCE:

Security Analyst

Confidential

Responsibilities:

  • Monitor security threats, vulnerabilities, and malicious attacks, and act as a liaison for Confidential Corporate security.
  • Perform incident response, security analysis, event investigation and problem resolution on internal cybersecurity incidents.
  • Utilize incident response tools and security device logs to review security event replays to ensure the security and integrity of all Confidential assets.
  • Initiate internal security incident notifications, case tracking management, recovery and remediation.
  • Develop and document process and procedure documentation.
  • Provide incident handling or coordination of malicious or anomalous cybersecurity incidents.
  • Maintain situational awareness and research potential threats and vulnerabilities to be proactive against possible attack vectors by blocking vetted IP or host names.
  • Perform security analysis and remediation against all phishing emails hitting Confidential.
  • Perform on-call duty to help in the resolution of security incidents.
  • Assist with the evaluation and implementation of new products and services.
  • Utilize ArcSight and Splunk SIEM tools to review security logs and analyze security event replays, as well as FireEye to investigate malware risks and assess damage.

Sr. Analyst

Confidential

Responsibilities:

  • Monitor real-time status of internal and customer security events and systems to determine operational status and performance.
  • Perform security analysis, event investigation and problem resolution on internal and customer security equipment and systems.
  • Utilize ArcSight and LogRhythm SIEM tools to review security device logs and analyze security event replays, customer reports and real-time data monitors to ensure the security and integrity of customer data.
  • Initiate internal and customer security incident notifications, case tracking management, recovery and remediation.
  • Develop, define and generate customer security reports.
  • Provide Tier III security event analysis support to identify malware infections, data loss prevention, brute-force attacks and general log interpretation, mitigation and root cause analysis.
  • Assist Engineering with installation, configuration and maintenance of security equipment for customer networks and services.
  • Train Security Operation personnel on security analysis tasks.
  • Perform on-call duty to help in the resolution of security incidents.
  • Assist with the evaluation and implementation of new products and services.

Sr. Analyst

Confidential

Responsibilities:

  • Manage implementation of McAfee ePO and VirusScan.
  • Troubleshoot communication issues with Windows clients and servers.
  • Provide reporting and metrics on trends and risk levels within the environment.
  • Assist in the integration of McAfee products including SIEM into the enterprise.
  • Operate and maintain endpoint encryption tools.
  • Investigate security incidents and actively participate in all stages of incident response: preparation, identification, containment, eradication and lessons learned.
  • Assist in scheduling of vulnerability assessments.
  • Assist in the operations of Data Loss Prevention tools.
  • Contribute to the certification and accreditation of systems using industry leading vulnerability tools.
  • Work with Network Operations staff on secure design and monitoring of Confidential assets using Security Incident Management Tools.
  • Assist in design and testing of new security technologies.

Cyber Security Analyst

Confidential, Greenwood Village, CO

Responsibilities:

  • Examine and correlate raw data from IDS/IPS sensors to gauge threat levels and mitigate risk.
  • Analysis of firewall and proxy logs for evidence of suspicious activity leading to effective incident remediation.
  • Development of Splunk dashboards allowing for further visibility into the current environment, allowing for a deeper understanding of as-is risk and risk mitigation techniques.
  • Researching and investigating new and emerging threats in order to create actionable intelligence in the form of IOCs.
  • Primary analysis roles include full incident response from discovery to remediation.
  • Working knowledge of Splunk, ISS Site Protector, Netwitness, Palantir, Mandiant, FireEye, EnVision, Landesk, Archer, Remedy, Webpulse, Proofpoint, Active Directory, Carbon Black and Imperva WAF.
  • Analyzed malware for indicators of compromise on Confidential assets using analysis tools Netwitness, Palantir, Mandiant, FireEye, ThreatStream and Isight.
  • Supported Confidential’s Phishing Inbox and analyzed e-mail for potential threats and vulnerabilities.
  • Maintained availability, integrity and confidentiality of client information by ensuring appropriate standards follow Confidential’s security policies.

Intrusion Detection Analyst

Confidential, Greenwood Village, CO

Responsibilities:

  • Maintained ISS Site Protector Security signatures across the Confidential Enterprise.
  • Implemented new ISS Protector Security signatures on multiple platforms throughout Confidential’s Network.
  • Analyzed anomalies and threats of compromise by examining the ISS Site Protector Console, acting as a First Responder before the Security Operations Center was developed.
  • Investigation of HIDS and NIDS alerts and events to provide analysis of the threat landscape.
