Senior Cyber Security Analyst Resume

Chantilly, VA

SUMMARY:

Security Analyst, experienced in Penetration Testing/Red Team, Incident Response, Information Security, Network Security, Vulnerability Assessments, and Systems Engineering. Continually learning and completed several Industry

CORE COMPETENCIES:

  • Penetration Testing / Red Teaming
  • Kali Linux, Metasploit, Burp Suite, SQLi, XSS, dirbuster, sqlmap, meterpreter, msfvenom, exploit, Privilege Escalation
  • Vulnerability Scanning: Nessus, Nexpose, OpenVAS, nmap, Metasploit, Burp Suite, HP WebInspect
  • Security Architecture
  • Traffic Analysis: Wireshark, tcpdump
  • OSINT: dig, nslookup, netcraft, dnsenum, domaintools, whois, mxtoolbox, google, etc.
  • IPS: Palo Alto, FireEye NX, Snort
  • SIEM: Splunk
  • Firewalls: Palo Alto, Cisco ASA
  • HBSS: Cylance, Symantec (SEP), SentinelOne
  • Email Security: FireEye EX
  • Security Impact Analysis
  • Information Security
  • Incident Response
  • Linux, Windows, and OS X Operating Systems
  • Some scripting experience (Bash, Python, PowerShell)
  • Cloud Integrations
  • Data Networks
  • Encryption, PKI
  • Data Center

PROFESSIONAL EXPERIENCE:

Confidential, Chantilly, VA

Senior Cyber Security Analyst

Responsibilities:

  • Conduct Red Team exercises for certain Applications/Objectives
  • Key Accomplishments:
  • Uncovered issues with Palo Alto Firewall DMZ setup allowing attacks to enter web servers
  • Worked with team to implement Inbound Inspection and IPS vulnerability protection.
  • Uncovered issue with Information Disclosure on a Public webserver that allowed enumeration of all employees’ account information and names.
  • Demonstrated vulnerability of PowerShell script execution in the environment
  • Set up regular Shodan monitoring and discovered devices that shouldn’t have been exposed to the Internet.
  • Demonstrated USB password attacks using Bash Bunny to start process for USB restrictions.
  • Created DNS Threat Hunting searches in Splunk
  • Set up Palo Alto attack Dashboard Panels in Splunk
  • Set up regular geo-targeted monitoring
  • Obtained access to Nessus reports and SolarWinds for SOC and trained engineers.
  • Perform regular audits of Firewall rules
  • Participate in Security Designs for new projects
  • Review, update, and develop documentation
  • Review firewall changes

Tools: nmap, Shodan, Kali, Metasploit, Burp Suite, Nessus Security Center, Palo Alto IPS/Firewall, FireEye EX and NX, Splunk Enterprise Security, Cylance, Symantec Endpoint Protection (SEP)

Confidential

Senior Cyber Security Analyst

Responsibilities:

  • Set up SafeBreach automated Penetration Tests and reviewed results with System/Network owners to improve Security Architecture and Processes
  • Provided Security Incident Response and Analysis
  • Researched complex Security incidents across the Enterprise and Cloud
  • Set up monitoring alerts and dashboards in Splunk
  • Regularly reviewed Threat Intelligence (DHS, InfoBlox Active Trust)
  • Conducted Security Impact Analysis for Change Requests
  • Set up tools to perform continuous monitoring
  • Reviewed firewall changes to ensure adherence to Policies
  • Tools used: SafeBreach PenTest, Nessus Security Center, SentinelOne Endpoint Protection, Splunk, Palo Alto NGFW/IPS, EnCase, PhishMe, SolarWinds, Windows ATP, SCCM, VirusTotal

Confidential, Vienna, VA

Senior Information Security Analyst

Responsibilities:

  • Performed Vulnerability Assessments for Confidential infrastructure, cloud, and software projects
  • Studied system design documentation to find Security Vulnerabilities
  • Used Vulnerability assessment tools (Nexpose, nmap) to find Vulnerabilities and perform continuous monitoring
  • Demonstrated exploits to developers
  • Worked with project teams on fixes and to verify remediation
  • Used Dynamic (HP WebInspect) and Static Source Code (HP Fortify) scanning tools and analyzed output to find vulnerabilities
  • Performed Security Impact Analysis for firewall changes and server builds
  • Performed Device Penetration testing
  • Developed Firewall Policies standard
  • Assisted with SOC escalations

Confidential, Vienna, VA

Network Security Engineer

Responsibilities:

  • Performed Network Assessment and remediation for key Network and Security Deficiencies:
  • Implemented SSL Decryption on Palos
  • Migrated ASA Security Policies to Palo Alto firewalls
  • Implemented QoS on Core and Access switches
  • Upgraded software for Palo Alto Firewalls
  • Demonstrated proof-of-concept attacks against ASAs in lab
  • Ensured that NIST 800-53 controls and DoD STIGs were implemented
  • Reviewed security logs in Splunk
  • Provided Incident escalation support for SOC
  • Helped design and implement 2-Factor Authentication for Office365
  • Assisted with implementation of PIV card logins
  • Provided Tier 3 Support for OPIC Network and Security Infrastructure

Confidential, Oakton, VA

Lead Information Assurance Engineer

Responsibilities:

  • Participated in Security Certification and Accreditation process for major systems
  • Helped develop System Security Plan (Confidential)
  • Patched software vulnerabilities and performed mitigations
  • Developed Survey and Import templates and processes
  • Trained Confidential (Network Operations Center) and SOC (Security Operations Center) on Technologies and Site Designs

Confidential, Oakton, VA

Senior Principal Engineer

Responsibilities:

  • Performed DoD Certification & Accreditation (C&A) of systems
  • Patched software vulnerabilities and performed mitigations.

Confidential, Chantilly, VA

Lead Pre and Post-Sales Engineer

Responsibilities:

  • Led Team of Engineers
  • Responded to RFPs
  • Participated in Sales Presentations and Demos
  • Developed Bills of Materials (BoMs)
  • Provided training to customers
  • Designed/Implemented Cisco Solutions and Managed Projects
