We provide IT Staff Augmentation Services!

Information/network Security Analyst Resume

St Harrisburg, PA

SUMMARY:

  • I’m a motivated self - learner, driven by the increasing need of cyber security professionals across the nation.
  • I’ve always been fascinated with how information systems and sensitive data are protected over the vast landscape that is the Confidential .
  • I found myself building PC’s at the age of 15 and developing an even greater interest in how Small/Medium/Large companies utilize information systems to conduct their specific operations.
  • I’m seeking a full time professional position with a company that takes pride in keeping their customer data and infrastructure safe from the ever growing amount of attack vectors, threats, and vulnerabilities.
  • I would be a great asset to any company seeking a professional and passionate individual specialized in cyber security.

ADMINISTRATIVE SKILLS:

  • Risk Analysis and Mitigation
  • Cloud Security Best Practices
  • Application Security Testing
  • OWASP Top 10 Application Security Assessment
  • SANS Top 10 Application Security Assessment
  • NIST 800-53 rev 4. Security Control Framework Assessments
  • COBIT Governance Framework Assessment
  • FISMA Metrics
  • FFIEC IT Examination Experience
  • PCI Compliance
  • HIPPA Compliance GLBA Compliance
  • ISO 27000 Framework Assessment
  • Network Security Testing
  • Conducting Security Audits
  • Creating/Maintaining Security Policies
  • Federal and Client Audits

TECHNICAL SKILLS:

  • I have professionally used the following tools list and have proficient knowledge in utilizing specific best practices for Preventing/Detecting/Responding to Cyber Security events.
  • Smart Bear Application SOAP and REST service testing
  • Avatier Identity Access Management Tool
  • Symantec Blue Coat Proxy configurations
  • Gigamon Network Tap
  • Aruba Wireless Device Setup
  • Aventail Sonic VPN setup
  • IBM Guardium Database security
  • IBM ICCeDiscovery Manager Email archive software
  • LogRhythm Security Incident/Event Management System
  • Power Shell Scripting
  • Centrify Role Based Access Control setup for Linux/Unix Machines
  • Cisco SourceFire IDS/IPS
  • Veracode Dynamic Scanning Tool (DST)
  • SANS DShield Honeypot
  • Trustwave Data Loss Prevention
  • CyberArk Administrator Account Management
  • Ninite Patch Management Tool
  • IBM APP Scan Standard
  • IBM APP Source Scan
  • Port swagger Burp Suite proxy recorder
  • Wireshark packet sniffer
  • Nessus vulnerability scanner
  • Checkpoint Firewall
  • Trend Micro & Carbon Black Endpoint Security
  • Proofpoint Email Security
  • Metasploit Armitage vulnerability scanner
  • Kali Linux Network penetration tool
  • John the Ripper Password Cracking tool
  • Splunk Logger
  • N-Map Network Analyzer
  • RSA Archer Governance Risk and Compliance
  • R-SAM Incident Tracking
  • Snort Network Intrusion Detection System
  • XML Spy Debugger
  • Acunetix
  • ZAP (Zed Attack Proxy)
  • Custom Python Scripts for Scanning open ports
  • DirBuster
  • SQLMap
  • SQLNinja
  • Watabo
  • Maltego theHarvester eSearchy
  • Skipfish
  • Nikto Application Scanner
  • Immunity Canvas
  • CA APM resource monitoring tool
  • CA Site Scope monitoring tool
  • SmartBear SoapUI
  • BMC Remedy ticketing system
  • Service Now ticketing system
  • RSA Archer GRC tool
  • Microsoft AQT Query tool
  • HP Quality Center for defect tracking
  • Microsoft Office 365
  • Eclipse IDE
  • IBM SPSS Statistical Analysis

EXPERIENCE:

Confidential, St. Harrisburg, PA

Information/Network Security Analyst

Responsibilities:

  • Manage and support the security technologies within the team’s jurisdiction (to include defensive and offensive security solutions on the perimeter and internal networks such as firewalls, intrusion prevention, data loss prevention, etc.).
  • Research, design, participate in or lead the implementation of low to moderate complexity security initiatives.
  • Identify, implement, and maintain the controls and procedures required to cost-effectively and uniformly protect the agency’s information system assets.
  • Monitor compliance and adherence to agency security policies and assist with violation investigations.
  • Perform ongoing oversight of the vulnerability and security patch management programs
  • Deploy and administer vendor and internally developed software and procedures to address security requirements.
  • Provide support and evidence collection for internal and external audits
  • Monitoring and processing of configuration change requests and service desk tickets.
  • Proactively identify threats and vulnerabilities, and collect, correlate, and analyze data to detect actual or potential unauthorized access to the agency’s network and systems
  • Assist in the evaluation of the type and severity of security events
  • Resolve issues by taking the appropriate corrective action or by following escalation procedures.
  • Conduct forensics investigations as required
  • Brief Management on the status of security initiatives and effectiveness of controls
  • Asist with maintain and testing the departments Business Continuity Plan.

Confidential, St. Harrisburg, PA

Risk Policy & Controls Analyst

Responsibilities:

  • Provide governance by monitoring and reviewing the administration and content of security policies and procedures, federal documentation to include the System Security Plan, Incident Response Plan, and other standard security documentation following best practices and security frameworks to include NIST, COBIT, ISO, and SANS.
  • Provide input for Information Security Policies that adheres to state and federal regulations.
  • Research, process, and report on agency security incidents. Drive governance of agency incident response management by working with business unit, legal and compliance resources to provide timely notification and escalation.
  • Perform root cause analysis for security incidents in support of remediation and prevention efforts.
  • Coordinate internal, client, and regulatory IT and Security audits. Meet with representatives and subject matter experts to facilitate reviews.
  • Organize materials and provide quality assurance inspections of documentation (evidence and responses) to ensure compliance with current IT and security activities.
  • Maintain knowledge of system processes necessary to coordinate responses and interviews with subject matter experts.
  • Maintain knowledge of security program to enable providing overviews of policies, controls, BCP/DR, incident response, risk, and overall security practices and processes.
  • Perform risk management assessments and develop risk management methodologies utilizing PHEAA’s IT GRC tools and risk management platforms.
  • Assist with completion of regulatory and compliance assessments including SSAE 18, FFIEC Cybersecurity Toolkit, NIST Cybersecurity Framework, and related benchmarks.
  • Maintain and review the Enterprise Security Office security risk registry. Maintain risk remediation-tracking documents and manage remediation timelines.
  • Provide governance of risk management by ensuring organizational frequencies of risk assessment and reporting.
  • Coordinate completion of required risk self-assessments and support risk management efforts in support of the agency’s contractual obligations and federal authority to operate (ATO).

Confidential, St. Harrisburg, PA

Non-Functional Test Analyst

Responsibilities:

  • Enhanced Application Security Testing Process.
  • Discover Various Vulnerabilities, Internal/External Applications.
  • Provided high level resolution information to developers.
  • Lead professional meetings with project teams to discuss high level Risks.
  • Provided recommendations on tools for enhancing the testing process.
  • Logged and track application defects to ensure resolution.
  • Worked with project coordinators to meet objective schedule.
  • Communicated compliance issues with project teams.
  • Worked on multiple application projects at one time.
  • Lead group on Application Security testing projects.

Confidential, Mechanicsburg, PA

Service Desk Analyst

Responsibilities:

  • Provided prompt and courteous service to internal customers via the Information Technology helpdesk.
  • Thoroughly and accurately documented all service calls within the prescribed call tracking mechanisms.
  • Reviewed helpdesk statistics to proactively identify service concerns and took action to reduce call frequency and volume.
  • Provided training to other Helpdesk Technical Architects
  • Aided in the establishment and documentation of service and operating level agreements.
  • Ensured that documented service and operating level agreements are met.
  • Attended change control meetings as required.
  • Was responsible for the timely coordination and dissemination of all service desk communications.
  • Provided technical support via remote access.

Confidential, Mechanicsburg, PA

Asset Protection Associate

Responsibilities:

  • Monitor the store for potential security risks and alarm function
  • Protect against fraudulent activity by creating AP Alerts and reporting and documenting incidents properly when necessary
  • Teach and coach store employees about the principles, standards and policies related to safety and crisis events and monitor their fulfillment
  • Work with the Asset Protection Lead and others to resolve any hazards or compliance issues and investigate any employee or customer accidents
  • Interact with customers and store employees to maintain a safe and profitable environment

Confidential, Harrisburg, PA

Dock Worker

Responsibilities:

  • I worked here part time while attending College as a full time student for tuition re-imbursement program
  • Stack wooden pallets at the opening of the trailer for forklift driver
  • Use teamwork to prepare trailers for drivers
  • Organize company equipment in outside storage facilities
  • Checking for proper identification via club management software
  • Issuing equipment
  • Contacting appropriate personnel for troubleshooting issues
  • Serving as office support to staff assistant and supervise student personnel

Hire Now