
Sr. Cyber Security Specialist

SUMMARY:

  • 13+ years in the Cyber Security field.
  • Roles held: IDS Analyst, Security Analyst, Incident Response Analyst, IT Specialist, Security Administrator, Threat Intelligence Analyst

SKILLS:

IDS/IPS/WAF: McAfee NSM, Check Point, Imperva WAF

SIEM/Endpoint Management: McAfee ESM, McAfee ePolicy Orchestrator (ePO), Symantec SEPM, Splunk, Netcool/OMNIbus

Vulnerability and Penetration Testing: Nessus, Qualys, nmap

Forensics/Malware: NetWitness/RSA Security Analytics, Mandiant, EnCase, Wireshark, FireEye

Security Standards/Guidelines: FISMA, HIPAA, NIST

Threat/User Management: Websense TRITON, Blue Coat Reporter, Active Directory

Asset Management: Confidential BigFix

Ticketing Systems: ServiceNow, Remedy, HPSM, RT

Collaboration: SharePoint

JOB HISTORY:

Confidential

Sr. Cyber Security Specialist

Responsibilities:

  • Monitor security tools to identify potential incidents, network intrusions, and malware events, in order to protect the confidentiality, integrity, and availability of VA architecture and information systems.
  • Review and analyze log files and report any unusual or suspicious activity.
  • Utilize incident response use-case workflows to follow established, repeatable processes for triage and escalation.
  • Generate trouble tickets and perform initial validation and triage, using open source intelligence (OSINT), to determine whether reported events are security incidents.
  • Follow established incident response procedures to ensure proper escalation, analysis, and resolution of security incidents.
  • Report incidents to Confidential with detailed supporting information.
  • Analyze and correlate incident event data to develop a preliminary root cause and corresponding remediation strategy.
  • Provide technical support for new detection capabilities and recommend improvements to existing tools to protect the VA network.

Confidential

Senior Security Analyst

Responsibilities:

  • Monitor network defense devices for possible intrusion attempts.
  • Review intelligence reports from various agencies and reliable external sources to extract IOCs.
  • Upload malicious hash values to the security platforms (IPS, FireEye).
  • Quarantine machines exhibiting suspicious behavior and initiate triage.
  • Analyze risks detected by the AV solution and initiate AV scans on the affected machines.
  • Address phishing and spear-phishing attempts.
  • Run vulnerability and compliance scans and provide reports to the patch management team.
  • Evaluate users' software requests for known vulnerabilities in the requested software.
  • Engage the proxy/firewall team to implement blocks on suspicious IPs and domains.
  • Compile the shift report for upper management.

Confidential

Enterprise Security Administrator

Responsibilities:

  • Review IDS logs to detect anomalies and malicious behavior.
  • Assess vulnerable assets and take appropriate steps to mitigate the risk in accordance with agency guidelines.
  • Log security events in the internal ticketing system for team and management review.
  • Review intelligence reports from external entities.
  • Recommend firewall and web proxy blocks.
  • Train new hires on the tools and environment.
  • Update IDS rules via secure terminal sessions.
  • Assist in the creation of SOPs.

Confidential

Security Analyst

Responsibilities:

  • Assist users with spam-related issues.
  • Submit malware samples to the AV team and subsequently notify the AV vendor.
  • Monitor network devices to maintain uptime for Database Servers, Exchange Servers, Firewall Appliances, Routers, and Switches.
  • Recommend firewall rule sets to prevent network abuse and breaches.
  • Make changes to web proxy settings based on user requirements and management instructions.
  • Identify and analyze reported websites and categorize them accordingly.
  • Review threat intelligence reports and compile a list of IOCs for federal management review and possible changes to the agency's security posture.

Confidential

Sr. SOC Analyst

Responsibilities:

  • Review security alerts from customers' abuse inboxes and webserver logs, and process feeds from multiple partners.
  • Detect and perform administrative/technical shutdown of fraudulent activities, including phishing/spear phishing, malware, brand infringement, vishing, smishing, botnets, and fast-flux phishing infrastructure.
  • Client base included well-known entities and various other financial organizations around the globe.
  • Worked against brand infringement and counterfeit websites; client base included New Balance, True Religion Jeans, etc.
  • Courses of action included reaching out to ISPs, domain owners, server admins, webmasters, Computer Emergency Response Teams (CERTs), and law enforcement agencies to terminate fraudulent activities within their perimeters.
  • Send notifications to browser partners (Microsoft, Mozilla Firefox, and others) to flag fraudulent URLs.
  • Communicate with customers to provide informational updates and deliver exceptional service quality.
  • Prepare daily reports for management and customers.
