IT Security Analyst/Consultant Resume
Marysville, Ohio
SUMMARY:
I have been working at Confidential as an IT Security Analyst. Previously I worked as an IT Security Specialist for the Confidential and 17 years at Confidential in different positions. My last position was IT Security Analyst/System Engineer. I learned that technology is always changing, which presents new unique challenges every day to protect the Confidentiality, Integrity and Availability of data. I enjoy and look forward to new working opportunities and building new relationships.
EMPLOYMENT HISTORY:
Confidential, Marysville, Ohio
IT Security Analyst/Consultant
Responsibilities:
- Working on a project to rebuild Vulnerability Management, Policy Compliance and Web Scanning for all of Confidential North America. Installed Qualys cloud agents on servers and endpoints, created and implemented Qualys VM and WAS scans. Work together with other teams to assess risk and develop strategies to improve the enterprise security posture from vulnerabilities found in scans.
- Collaborating with Confidential Motors in Japan to perform mitigation, response, and/or recovery actions and coordinate with interfacing teams as necessary to remediate all critical and high vulnerabilities found on Confidential North American Websites.
- Perform initial research and context gathering and conduct detailed analysis around critical, warning, and informational security incidents in Symantec Managed Security Services and Palo Alto. Establish the appropriate mitigation, response, and/or recovery actions that should be taken based on established playbooks or analyst knowledge.
- Determine severity level and escalate as necessary using ServiceNow tickets to document evidence collected and actions taken during the incident response process and vulnerability scans within the case management system.
Confidential, Columbus, Ohio
IT Security Specialist 2/Consultant
Responsibilities:
- Was the Qualys Unit Manager, investigated critical vulnerabilities within the VM scans.
- Ran static and dynamic web application security AppScan scans for all the new web applications, before and after recommendations, before they were implemented into production. Generated reports and consulted with the development teams on remediating security vulnerabilities found in scans.
- Restructured Cisco IronPort access policies with different exemptions that allowed or denied access to different web sites according to job titles. Upgraded system monthly when the latest WSA and ESA AsyncOS became available.
- Monitored and investigated cyber security incidents as they were being reported, using McAfee ePO, QRadar, Splunk, IronPort, Imperva and Qualys.
- Created Splunk IT Security dashboard, Data Models and pivot tables for easier search function. Set up alerts for Security Operation Group to help monitor network, firewalls, applications and users.
- Confirmed daily SCCM permission and auditing patch management software upgrade deployments were being deployed for all operating systems to fix security issues.
- Determine severity level and escalate as necessary using ServiceNow tickets to document evidence collected and actions taken during the incident response process and vulnerability scans within the case management system.
Confidential, Columbus, Ohio
IT Security Analyst
Responsibilities:
- Ran Qualys VM and PC scans, helped to decrease threat risks on our company’s official score cards from “medium” to “low” status, developed and implemented security controls, standards, and guidelines for policy compliance. Along with implementing standardized intrusion prevention, vulnerability management, for over 46,000 host assets reducing the risk from $12M down to $4M.
- Worked closely with Risk and Audit departments, delivering Risk assessment intelligence-driven reports. Assisted in helping Risk in creating ISO 270001 controls. Ran reports to make sure that the different business departments were setting up employees with Segregation of duty internal controls.
- Provided technical guidance to the security operations center and/or the lines of business while investigating a cyber-attack. Using Splunk log management security data platform, set up alerts which helped SOC team rapidly identify, prioritize, and respond to various security events, compliance violations, policy breaches, cyber security attacks, and insider threats.
- Restructured the Symantec Control Compliance Suite as the System Engineer and Administrator, to scan both Windows and UNIX servers, did all the updates, troubleshooting and validations for the system.
- Evaluated and implemented through QA Testing a new application that would be used for auditing, analyzing and reporting across the enterprise. This application was put into production to replace another application that saved the bank a little over $200,000.
