Senior Cyber Security Analyst Resume
Reston, VA
CAREER OBJECTIVE:
I have extensive experience in security analysis and penetration testing. My goal is to secure a position as a Penetration Tester/Cybersecurity Analyst with a successful, growing company that requires a highly motivated and committed individual with a passion for programming languages and a desire to innovate.
PROFESSIONAL SUMMARY:
- Knowledgeable of penetration testing, vulnerability assessment, threat hunting, and security program development
- Expert at implementing network security, SIEM tools, new concepts, identity management, new security technologies, securing cloud architecture, and new security controls as well as in developing innovative security controls and processes that meet business and executive requirements in order to protect information.
- Worked on the McAfee VSE product to stop worms, spyware, and viruses, get high-performance security, and lessen damage from outbreaks.
- Managing security tools: DLP, SIEM, vulnerability scanners and penetration testing.
- Conducts vulnerability scans and penetration tests to meet PCI requirements.
- Perform penetration testing for the internal network and follow up end to end with the security vendor for the web application PT, making sure that vulnerabilities are addressed.
- Extensive knowledge of information security principles and practices, understanding of security protocols, standards and defense in depth.
- Vulnerability assessment, penetration testing, Risk assessment, Threat management, Security advisories, compliance audits, IT security assessment.
- Wrote an nmap scanner and a multithreaded Python program to brute-force an FTP server using a password file.
- Conducted onsite penetration tests from an insider threat perspective.
- Expert in installing the Splunk logging application for a distributed environment.
- Performed host, network, and web application penetration tests.
- Developed approaches for industry-specific threat analyses, application-specific penetration tests and the generation of vulnerability reports.
TECHNICAL SKILLS:
SIEM: Splunk security manager, IBM QRadar, LogRhythm
MSS: Vulnerability Assessment, Content Filter, Antispam, IDS/IPS Management
Vulnerability Management Tools: Nessus, Nmap, Nexpose, Wireshark, Fortify
Security Software: Nessus, Ethereal, Nmap, Metasploit, Snort, RSA Authentication
PenTest Tools: Metasploit, Burp Suite, Nmap, Wireshark and Kali
Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, iSCSI, Firewalls/IPS/IDS
Routing: OSPF, EIGRP, BGP, RIPv2, PBR, Route Filtering, Redistribution, Summarization, Static Routing
Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging
Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS
Operating System: Windows, Linux, Unix
Other Skills: Configure SSL, Configure SSO, Azure, Sharepoint
WORK EXPERIENCE:
Confidential, Reston, VA
Senior Cyber Security Analyst
Responsibilities:
- Researched, managed, and implemented security protection technologies (e.g., firewalls, intrusion detection systems (IDS), data encryption, biometrics, etc.) to mitigate systems security vulnerabilities discovered as a part of the DoD Information Technology Security Certification & Accreditation Process (DITSCAP), DoD Directive 8510.1, and Common Criteria/Orange Book criteria evaluations.
- Drafted and tested Systems Security Authorization Agreements (SSAA), Certification Test & Evaluation Plans and Procedures (CT&E), and Security Test & Evaluation Plans and Procedures (ST&E) for strategic and tactical Army computer systems and networks.
- Conducted various security vulnerability assessments (e.g., Patch Analysis, Port Analysis, Malicious Code Analysis, and CERT Vulnerability Analysis,) and documented the results in Certification Reports, Residual Risk Assessment Reports, User Security Policy Manuals, and Standing Operating Procedures.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Utilize McAfee ePO and Microsoft SCCM for endpoint management.
- Design DLP architecture.
- Made recommendations to Army Commanders on how to mitigate the remaining residual risks by implementing various information security technologies, such as biometrics, IDSs, firewalls, tiered network infrastructures, and advanced auditing technologies, as well as exploitation of emerging IPv6 advanced authentication and data security capabilities.
- Generate security reports utilizing enterprise security systems such as McAfee ePO.
- Rapidly designed, deployed, and implemented a cyber capabilities cloud solution featuring multi-tenancy using the HP Cloud System Matrix Suite.
- Use Splunk Enterprise Security to configure correlation search, key indicators and risk scoring framework.
- Documentation regarding DLP administration, scanning, reporting, and remediation.
- Developed a cyber capabilities cloud catalog using industry-standard tools including HP ArcSight, AlienVault, HP Fortify, Metasploit Pro, Kali, BackTrack, Nessus, Nagios, Snort, Santoku, Zero Wine and many more.
- Experienced in working with Splunk authentication and permissions, with significant experience in supporting large-scale Splunk deployments.
- Joined Tek Cel Systems as an intern, worked on in-house projects
- Ensuring all lab production machines are up to date with respect to Windows patches and McAfee updates.
- Symantec DLP and RSA DLP architecture and implementation for enterprise level companies.
- Developed vulnerable test environment for training and testing of various cyber capabilities
- Designed and integrated custom wireless intrusion detection system using Open Source components
- Managed security incidents resulting from Splunk and third-party alerts, including investigation and remediation.
- Installing and troubleshooting McAfee 8.8 and ePO 4.5.
- Developed and implemented custom disaster recovery drill, including simulation test
- Supported development team migration to Scrum from Waterfall methodology. Decreased deployment time of new capabilities by 30%.
- Configuration, troubleshooting, and management of Websense Data Security (DLP).
- Install/Configure/Deploy Penetration testing
- Kali Linux - Network reconnaissance, with password cracking tools (hydra, ncrack)
- Maltego - Web application reconnaissance and information gathering
- Implementation of DLP.
- Burp Suite - Vulnerability testing (SQL/XML/HTML injection, enable SSL/HSTS)
- theHarvester - Email scraping using Google and Shodan as search engines
- ZAP - Web application vulnerability testing.
Confidential, Ashburn, VA
Cyber Security Analyst
Responsibilities:
- Monitor/Analyze Internal/External logs
- Malware Analysis - run and examine malware on isolated networks using Qubes OS/Qemu
- Install/Configure IDSs such as Snort/Sguil
- Produce a Cyber Threat Mitigation Report on a monthly basis that is read by all IAMs that support BMDS
- Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
- Analyze intelligence products to evaluate, confirm, and mitigate cyber security threats relevant to the missile defense mission.
- Use Splunk Enterprise Security to configure correlation search, key indicators and risk scoring framework.
- Provide technical analyses and course of action in response to emerging and persistent cyber threats.
- Provide Information System Security Engineering (ISSE) services to large-scale systems integration of missile defense systems.
- Installing, patching and maintaining McAfee ePO 5.x and DLP, utilizing McAfee ePolicy Orchestrator; able to deploy DLP and reporting, with working knowledge of ENS 10.
- Monitoring the network for suspicious activity using various tools such as Splunk.
- Configured, set up and installed agents for Trend Micro Deep Security, ArcSight and Nessus, and monitored events on the Deep Security and AWS consoles.
- Utilized Windows, Red Hat Linux and CentOS to troubleshoot the various networks from VMs and RDC.
- Implemented multiple tools including Symantec DLP, and QRadar SIEM.
- Utilized Splunk to monitor and analyze Metadata throughout various networks
- Interacted with Amazon Web Services through integration of Trend Micro Deep Security software.
- Analyzing users' browsing activities through Splunk and Mandiant tools.
- Received two AWS accreditations through CGI
- Troubleshooting issues related to McAfee ePO servers (5.x), VSE 8.x and HIPS.
- Performed as a core-authorized member of the Nuclear Safeguards Information, Critical Group and DST for the 10 CFR 73.54 CS Project.
- Support the Nuclear sites in network software engineer testing with HP LoadRunner and issue resolution related to cyber security programs.
- Managing all client systems from endpoint perspective using McAfee ePO tool which includes managing Agent, VSE, pushing client tasks, managing ODS & OAS scans
- Conceptualize and implement DLP Program and policies.
- Performed with Corporate Nuclear Security in procedures writings, in support of plant operations and Cyber Security technical decisions.
- Worked on the McAfee VSE product to stop worms, spyware, and viruses, get high-performance security, and lessen damage from outbreaks.
- Coordinates with IT and Nuclear site teams to implement and administer the NRC/FERC/NERC mandated cyber security programs.
- Perform cyber assessments as required by the NRC/FERC/NERC mandated cyber security programs (with NEI/NIST/FIPS).
Confidential, San Francisco, CA
Penetration Tester
Responsibilities:
- Performed risk assessments to ensure corporate compliance
- Developed and prepared audit programs and agendas
- Install and manage Symantec DLP for testing in the environment for security compliance.
- Conducted security event monitoring for corporate wide in-scope applications
- Performed application security and penetration testing using Rational Appscan
- Expert in installing the Splunk logging application for a distributed environment.
- Managed the quarterly employment verification process
- Antivirus: McAfee VirusScan Enterprise, Symantec Endpoint Protection Suite
- Creation, development, and/or restructuring of DLP programs from conception to fully operational state.
- Conducted onsite penetration tests from an insider threat perspective.
- Penetrated DoD network defense mechanisms externally utilizing various methods and techniques (withheld for operational security).
- Designing architecture, implementation and troubleshooting of cyber security solutions such as McAfee, HP ArcSight SIEM, IBM QRadar and Splunk solutions.
- Network and host DLP monitoring and logging.
- Analyzed malware behavior, network infection patterns and security incidents in defense of U.S.
- Analyzed approximately 10 classified network security intelligence reports on a daily basis.
- Produced advisory reports regarding 0-day exploits, CVE vulnerabilities, current network
- Researched and analyzed known hacker methodology, system exploits and vulnerabilities to support Red Team Assessment activities.
- Monitor and investigate SOC incidents and alerts with McAfee EPO
- Experience with architecting Symantec DLP Platforms.
- Created written reports, detailing assessment findings and recommendations.
- Provided oral briefings to leadership and technical staff, as necessary.
- Provided occasional assistance with the development and maintenance of internal Red Team methodology, including a training program.
- Experience analyzing Symantec DLP events and reports.
- Responsible for policy configuration for all McAfee components and deployment of the same to the clients.
- Developed agenda for quarterly audit program
- Experienced in working with Splunk authentication and permissions, with significant experience in supporting large-scale Splunk deployments.