Systems Security Analyst Resume

Ashburn, VA

SUMMARY:

  • At GMU, I am trained to lead, solve problems and contribute to mission-critical assignments in Information Security.
  • I am capable of troubleshooting network performance and of maintaining and enforcing security policies.

TECHNICAL SKILLS:

  • Familiar with Wireshark, ArcSight, SourceFire, Fireeye and other Security Tools
  • Knowledge of Virtual Machine and Virtual Application systems
  • Triage analysis using open source tools to prepare reports and implement mitigation
  • Basic understanding of vulnerability assessment tools such as Tenable Nessus vulnerability scanners and exploitation frameworks
  • Experience working in a Security Operations Center (SOC) or enterprise network environment
  • Understanding of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM and AV
  • Ability to read and interpret PCAP data
  • Experience with SIEM platforms (ArcSight, Splunk, Security Center), including creating channels and reports
  • Familiarity with web-based attacks, attack vectors and exploitation, and with common mitigation controls and system hardening

PROFESSIONAL EXPERIENCE:

Confidential, Ashburn VA

Systems Security Analyst

Responsibilities:

  • Validate systems compliance with the security controls as defined in the SSP
  • Perform a Security Controls Assessment (SCA)
  • Review all SA&A related documentation for each information system listed in CSAM to ensure compliance, quality, completeness, and validity of related documentation (Privacy Threshold Analysis, Privacy Impact Assessment, General Tab information …), to include: System Mission/Purpose, System Characteristics, Role Based Access Control matrix, Process Flow Diagram, Network Diagram, Technical Description review, Appendices information, Point of Contact information, Status Tab information and POA&M activities
  • Analyze the findings from the SCA and quantify results
  • Perform validation testing in CSAM
  • Generate residual risk reports in CSAM
  • Forward residual risk report to Information Systems Security Program Manager (ISSPM)
  • Have solid experience in developing solutions that satisfy Federal, legal, and regulatory requirements (FISMA, GISRA, OMB and NIST guidance and regulations)
  • Have strong technical skills and understand: information systems, network protocols, firewalls, IDS systems, vulnerability scan reports, etc.
  • Work with end users to define and identify business procedures and establish documentation needs for hardware and software.
  • Analyze IT project requirements to determine types of documents needed.
  • Collaborate with systems and development staff to collect and interpret technical information.
  • Research, evaluate, and recommend new documentation tools and methods in support of documentation improvement effort as needed.

Confidential, Washington DC

SOC Analyst, General Dynamics

Responsibilities:

  • Information Technology Infrastructure Library (ITIL) incident, problem, change, and availability management.
  • Monitor the ArcSight High Confidence Channel and identify alerts that are prospective security incidents. Create tickets and provide further information as required for further investigations.
  • Monitor Phishing/SPAM mailboxes and identify E-mails that require further evaluation and escalate if necessary.
  • Monitor Sourcefire for IDS alerts of interest.
  • Utilized SIEM analysis tools such as ArcSight, McAfee ePO, SourceFire, FireEye, Fidelis, etc.
  • Process Block Requests.
  • Analyze malware on Out-of-Band (OOB) system to identify host and network-based characteristics useful in identifying infected systems and/or block future malicious activity.
  • Analyze e-mails identified as possible security issues. Analyze e-mail characteristics, make security recommendations to block or re-direct, and coordinate with SOC Leads and/or managers.
  • Review Open Source Intelligence Sites, authorized government intelligence sources, and identify information that can be utilized to increase monitoring capability or increase Situational Awareness.
  • Based on monitoring and analysis activities, take necessary action such as ticket creation, firewall/proxy blocklist recommendation, E-mail block/re-direct recommendation, monitoring content recommendation, or other similar actions.
  • Perform host-based analysis on workstations.
  • Investigate potential incidents/intrusions and follow up on post-incident actions.
  • Ensure integrity and confidentiality of sensitive data.

Confidential, Arlington, VA

IT Systems Analyst

Responsibilities:

  • Active monitoring of servers and daily performance of computer systems.
  • Worked as part of a team to provide NOC support to the customer on a 24x7 schedule.
  • Analyze, investigate, and document any unusual network traffic between multiple sites with the use of SIEM tools and other software tools to pinpoint issues.
  • Proactively administer Electronic Access and Monitoring tools (management, development, implementation of enhancements as well as testing software upgrades of the tools).
  • Monitor the system for security-related events and escalate notifications to Asset Owners to resolve alerts.
  • Conduct investigations to understand the root cause of the incident and recommend appropriate remediation plan
  • Utilized SIEM tools such as SolarWinds and firewall/proxy logs for intelligence gathering
  • Research, analyze and troubleshoot compliance and security issues.
  • Escalate any abnormal activity to security, upper management, DISA and Government contacts.
  • Protect network and device configurations, and defend against malicious activities.
  • Ability to recognize the common surveillance and exploitation techniques used in an incident.
  • Experience with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture (Wireshark), Host-based security, Network security.
  • Incident Response and Handling.
  • Apply firmware and software updates to network and transport components
  • Support of incident reports by troubleshooting, repairing, and/or reconfiguring network and transport services

Confidential, Fort Belvoir, VA

IT Specialist

Responsibilities:

  • Recommend a course of action on each incident. Create, manage, and record all actions taken and serve as initial POC for Events of Interest reported both internally and externally
  • Investigate potential incidents/intrusions and follow up on post-incident actions
  • Consult with investigative/enforcement entities on declared incidents
  • Utilize software and hardware tools to identify and diagnose complex problems
  • Experience working with logging systems and SIEM platforms (Splunk), IDS monitoring/analysis with tools such as Sourcefire and Snort
  • Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS)

Confidential, Sterling, Virginia

IT Specialist

Responsibilities:

  • Provided technical support, including identifying problem incidents with their subsequent resolutions.
  • Assisted company personnel with desktop operation, including both hardware and software
  • Provided employee training and instructions regarding basic operation of software and hardware, technical support and quality standards.
  • Experience working with vulnerability assessment tools such as Tenable Nessus vulnerability scanners and exploitation frameworks
  • Anti-Virus (AV) software