Senior Security Specialist Resume

Richardson, TX

SUMMARY

Extremely energetic cyber security leader, with a lot of ambition and confidence. I am adept at learning and applying new concepts to improve organizations’ environments. I am seeking a Cyber Security position with a quality organization that can utilize my proven leadership skills in Security Architecture, Continuous Monitoring, and Information Assurance.

TECHNICAL SKILLS

  • Linux Administration
  • Microsoft Office, Visio and Project suites
  • McAfee, Cisco, RedLock, Scout2, Cylance, Cuckoo, Suricata, Splunk, QRadar, Niara, Tanium, Check Point, Palo Alto, Archer, Phantom, Moloch etc.
  • Risk Management, Vulnerability Management, IT Security Audit, Disaster Recovery, Incident Response, SIEM, AWS, Cloud, Threat Hunting, Security Operations
  • In-depth knowledge of Security Policies, Audit, and Compliance, i.e. GLBA, GDPR, NIST, PCI-DSS, HIPAA, FERPA, and SOX

PROFESSIONAL EXPERIENCE

Confidential, Richardson, TX

Senior Security Specialist

Responsibilities:

  • Ingest enterprise hybrid cloud logs into the Cloud-SIEM platform for event correlation

Confidential, TX

CloudSecOps

Responsibilities:

  • Responsible for monitoring security events from SIEM, Threat Intelligence, end user notifications, etc. to determine security risk and respond accordingly.
  • Coordinates response, triage and escalation of security events affecting the company's information assets and activities with the Incident Response team.
  • Responsible for development/improvement of process/procedures related to Cyber Security Operation Center.
  • Participate in the review of new SIEM use cases and develop runbooks that provide guidelines for analyzing the specific threats related to the new use case.
  • Reviewed DLP violations
  • Scanned the network for the presence of the latest IOCs and maintained the web gateway block list.
  • Worked with SOC engineers during weekend maintenance to ensure proper operation of security devices.
  • Monitored phish reported by users and took proper action
  • Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs
  • Develops various playbooks for responding to security incidents.
  • Prioritizing and differentiating between potential intrusion attempts and false alarms.
  • Creating and tracking security investigations to resolution.
  • Work with other teams such as Security Engineering and Security Architecture to identify logs that are needed for correlation in the SIEM platform
  • Composing security alert notifications and other communications.
  • Identify needs, assess risks and come up with a workplan to maintain a strong security posture

Confidential, Richardson, TX

Lead Infrastructure Security Analyst/Engineer

Responsibilities:

  • Implemented new log sources into the Enterprise SIEM Tool
  • Responsible for security incidents investigation and continuous monitoring of the enterprise
  • Worked with other business areas to build and develop use-cases for continuous security monitoring
  • Participated in budget planning as well as work allocation for analysts
  • Optimized the log retention operating budget so that it was able to fund new initiatives and projects without the need for a budget increase (syslog-ng).
  • Responsible for Risk Responses and remediation of all SIEM’s internal audit findings.
  • Provided level 3 support to over 300 SIEM tool users
  • Worked with HR, Forensic, Legal, and Internal audit investigation on requests such as Internet Usage, GLBA, PCI compliance, etc.
  • Designed a high availability environment for Cloudera clusters integration with the SIEM platform
  • Maintained log storage and retention within a Linux environment
  • Developed and administered processes and reviewed their application to ensure that SIEM’s controls, policies, and procedures are operating effectively
  • Managed SIEM PCI Asset inventory and reviewed SIEM firewall rules
  • Supports over 800k log sources within the SIEM platform
  • A member of the company’s Virtual Hunt Team, put together to proactively detect threats and anomalies on the State Farm network
  • Led a team of 7, including 5 FTEs and 2 contractors from IBM
  • Worked with out-of-state team members as well as offshore
  • Contributed to enterprise Information Security Policies and Architecture Decision Documents as they relate to logging and monitoring

Confidential, McKinney, TX

Security Architect/Owner

Responsibilities:

  • Develops and implements technical security policies, procedures and guidelines for multiple platforms and systems such as HIPAA and PCI.
  • Designs computing environments, configures and administers Cisco ASA firewalls, routers and switches.
  • Conducts penetration tests and vulnerability assessments for homes and small businesses
  • Trains non-technical staff on various software administrations
  • Conducted security awareness trainings
  • Performs data recovery from corrupted and damaged hard drives, SSDs and RAIDs
  • Implements Network Security Monitoring solutions in large homes and businesses

Confidential, Irving, TX

Senior Cyber Analyst

Responsibilities:

  • Investigated security incidents within Confidential and determined their root cause
  • Conducted security incident investigations involving potential unauthorized exposure or loss of data belonging to Confidential, Confidential customers, and Confidential employees.
  • Evaluated remediation actions taken by various Confidential business units to correct security incidents
  • Coordinated with the Legal and Compliance departments to perform Risk Exposure Assessment (REA) on information security threats to Confidential and its customers.
  • Followed pre-defined actions to handle BAU and high severity issues including escalating to other security support groups.
  • Proxy logs analysis and Data Loss Prevention (DLP) Reporting
  • Triaged network intrusion and stolen laptop incidents
  • Reviewed and wrote executive reports of security incidents within and outside Confidential

Confidential, Dallas, TX

Technical Support Engineer

Responsibilities:

  • Developed and maintained technical documentation and on-line help files
  • Provided a high-level of expertise and technical support to the entire university on information security and network services
  • Service Owner for Symantec Endpoint protection server
  • Analyzed Windows event logs and mini dumps to detect the root cause of events such as BSOD, Trojan horse installation and driver failure
  • Evaluated information of network threats using output from endpoint scans
  • Configured and maintained security policies on Enterasys WAP
  • Assured management of data protection by implementing Group Policy on students’ and patients’ PII
  • Used WSUS to maintain latest security patches on the university endpoint clients to ensure availability of the systems
  • Generated various reports pertaining to endpoint security
  • Custom built and deployed Windows and Apple operating systems on computers and iPads using SCCM, Apple Configurator, Symantec GhostCast Server and the open-source Linux distribution Clonezilla
  • Provided level 2 support calls for remote staff on dial-up networking and VPN related issues
  • Troubleshot and resolved network problems that can cause delays in service delivery

Confidential

Security Engineer

Responsibilities:

  • Collaborated with Network Engineers to assess near and long-term network security needs.
  • Worked with the Network Engineers to create and maintain documentation as it relates to network security configuration and records.
  • Monitored and analyzed network performance and provided statistics and reports.
  • 24/7 On-call availability
  • Site to Site migration
  • Conducted workshops on data recovery and backup for small and medium sized organizations.
  • Configured and maintained open-source Network Security Monitoring servers for small and medium sized organizations

Confidential

Associate Project Manager

Responsibilities:

  • A member of a 3-person team responsible for IS/IT strategy plan development for Confidential Investment Company Limited (AICL), a leading business development and investment holding company in Africa.
  • Aligned various departments with numerous IT departments, increasing inter-department communication
  • Assisted in system/requirements analysis and design for client business processes and assisted in the investigation of RCA
  • Developed documents for several projects, such as skills inventory of staff, application inventory, hardware inventory, and status reports
  • Assisted in providing management consultation to develop, facilitate, and support the implementation of Change, Incident, Problem, Risk, and Configuration Management plans in organizations using the ITIL and COBIT frameworks

Confidential

Computer Repair Technician

Responsibilities:

  • Performed infrastructure maintenance and installations such as Power, Network, and physical
  • Performed extensive hardware troubleshooting on enterprises’ server hardware
  • Performed data recovery on failing and failed hard drives
  • Other duties were general computer break fix assignments