Security Operations Tier 3 Analyst/senior Security Tools Engineer Resume

SUMMARY:

  • Highly Motivated IT Professional and Cyber Security Specialist.
  • Experience in Financial Services industry, Federal, and Local Government.
  • Recently completed my Master of Science degree in Cyber Security.
  • Flexible, diplomatic and patient. Consistently maintains a positive attitude and strong work ethic.

PROFESSIONAL EXPERIENCE

Confidential

Security Operations Tier 3 Analyst/Senior Security Tools Engineer

Responsibilities:

  • Administrator of Tripwire IP360 and Tenable Continuous View for network vulnerability assessments. The role includes scanning all networked devices for patch levels, working with engineering to remediate vulnerabilities, and reporting to the CISO for CMS by sending out daily, weekly and monthly reports. The position also requires creating and maintaining dashboards for various teams to show pertinent scan data.
  • Administrator of the Cisco Firepower appliance. The role includes updating the console and appliances, creating user accounts and signature-based policies, maintaining appliance file systems for space via secure shell, and running training sessions with the SOC on how to use Snort IDs to review security events. I have also worked with the vendor to purchase a new management console with four appliances and oversaw the project to move from a SPAN port running in IDS mode to inline running in IPS mode. With the old appliances, I oversaw installing and testing Advanced Malware Protection.
  • Administrator of the Websense web proxy. For this tool, I maintained the policies of the proxy, restarted services on the management console server, and maintained the four appliances that were the web content gateways.
  • Administrator of the Bluecoat web proxy. I oversaw replacing our Websense tools with Symantec's Bluecoat solution. The role required me to install and administer the management console, reporter, and two appliances. I maintain the policies of the gateway and run maintenance via secure shell.
  • Backup administrator for Trend Micro Deep Security. Duties include pushing out clients and testing features in the environment such as FIM. Before implementation, I took Deep Security training and became a Deep Security Certified Professional through Trend Micro.

Lead SOC Analyst

  • Used FireEye to scan the network for malicious software and access signatures, WebSense to track web traffic history and Firepower IDS for network attacks such as Shellshock, Heartbleed, and SQL injection attempts.
  • Monitored the network with SolarWinds and SteelCentral for network outages. All outages are reported to our ISP through OSL notifications.
  • Performed technical interviews for new NOC/SOC employees for Ventech Solutions and reported to CMS on security issues for weekly security calls.
  • Created Splunk queries to search for exploit attempts the company was not currently considering. Used dashboards to run searches automatically.
  • Used Remedy and then ServiceNow as a ticketing system. Received tickets from management for investigation of possible Personally Identifiable Information violations.
  • Created a proposal to incorporate Data Loss Prevention to prevent PHI/PII violations.
  • Periodically worked off site at Raging Wire data center to maintain servers including installing and configuring security appliances.
  • Created and implemented workflow and QA process used by SOC.

Confidential

Internal Network Security

Responsibilities:

  • The position was that of a Golden Key Holder, with the highest security clearance of all associates within the company.
  • Used HP's ArcSight to verify work done by network administrators, checking over SSH sessions using EPV system.
  • Implemented DLP (Data Loss Prevention) program, set up filters and monitored communications throughout the company as well as egress communications looking for theft of data.
  • Created use cases for various alerts, such as privileged group monitoring, in which the SIEM checked AD/Citrix/VDI for users joining admin groups. Also monitored Keon Platform Security, where a user would successfully log in to a Unix system after a succession of failed attempts.
  • Implemented Splunk queries in the automated Privileged Session Monitoring use case. The process reduced the number of analysts working on the use case from ten a day to three, saving the company $400,000 yearly.
  • Led training clinics with new users for the various use cases run by the SOC.

Confidential

Network Administrator/Help Desk

Responsibilities:

  • Position was that of an intern for college credits.
  • Installed Confidential's new ESXi servers and SAN. Transferred the old ESXi server and SAN to a disaster recovery location. Replicated data with vMotion.
  • Implemented SonicWall virtual spam filter for the county's email to replace the physical filter.
  • Worked on other various projects such as joining the Treasury Department to the county domain, deploying the new Traffic/Criminal software available in all sheriff vehicles and updating county XP machines to Windows 7 while preserving user data.

Confidential

Network Administrator

Responsibilities:

  • Network administrator of the city of Oneida and shared technician for Morrisville and Camden School districts.
  • Duties included, but were not limited to, maintaining server availability, campus connectivity, hardware/software maintenance, and employing strong people skills.
  • Assisted System Operators in Active Directory administration and maintained proper record keeping through the ticketing system.
  • Projects included campus-wide network imaging of End-Of-Life systems and campus rewiring to increase reliability and safety.
  • Pursued NetWare and Windows XP certifications offered through the Regional Information Center.