Iam Administrator & Auditor Resume
Denver, CO
SUMMARY:
- A self - motivated professional who has a resilient passion for cybersecurity, covet to learn and be challenged with a prospective company.
- Proven professional who brings strong time management, resourcefulness, and the ability to provide timely and valuable solutions including remote work.
- Seeking a position that will allow knowledge growth in cybersecurity with an exciting company.
- During my spare time, I truly enjoy a great deal of self-study, attend a variety of security, and meet up groups to help stay abrasive with current technology, security, and self-development. Thrive working in a team and independently to accomplish any missions.
- Accomplished Information Technology professional with extensive experience and recent education Cybersecurity providing analytical support needed to drive the achievement of key organizational cybersecurity-related goals and objectives.
- Additionally, have a bachelor’s degree in Computer Information Systems. Skillful at solving complex problems, systems testing, hardware/software security assessments and controls, systems implementations, and upgrades.
- Knowledge in project lead, helpdesk team management, access control, and financial asset audits, and inventory management.
- Proficient to develop and maintain long-term relationships with strategic business partners and technical stakeholders through open lines of communication and the effectiveness of the technical support provided.
AREAS OF EXPERTISE:
- Identity Access Management
- IT Program Support & Auditing
- Network Administration & Security
- Cybersecurity Best Practices
- System Implementations & Upgrades
- Enterprise Technologies
- Relationship Building/Team Player
- Flexible/Detail-Oriented
- Analytic Thinker
TECHNICAL SKILLS:
Network Security: Protocols and attacks, Wireshark, IPS, and IDS, firewall.
Systems and Web Security: Windows, Linux, and OSX systems, Apache, and defenses. Knowledge of Web Vulnerability.
Threat Intelligence: Knowledge and identification of Threat Actors including APT’s and Concepts and Scanning.
GRC: Compliance requirements including HIPAA, PCI, NIST, GDPR, SOC2, and ISO 27001.
Hunt Analysis: Threat identification, surveillance, data, and tracking.
Detection & Logs: Splunk SIEM, Security Monitoring, Intrusion Detection, and Crisis management.
Digital Forensics: Methods, analyze OSX data with Autopsy tool.
Identity and Access Management: access and permission security control, least privilege, role-based access control (RBAC), IAM life cycle, Identity federation, SSO, SAML, Identification, 2FA/MFA
Tools: Learned Bash Scripting, Python, Oracle VM VirtualBox, Kali Linux, Linux VM, Visual Studio, Wireshark, Zenmap, Snort, MetasploitExploit DB, Brute Force, John the Ripper, Burp Suite, Autopsy, and Command Line Tools (ping, netstat, tracertnslookup/dig, ipconfig/ifconfig, tcpdump, Netcat, Nmap)
PROFESSIONAL EXPERIENCE:
Confidential, Denver, CO
IAM Administrator & Auditor
Responsibilities:
- Maximize organization healthy secure posture by managing identity and access in CA Service Desk, Active Directory, Google, PAM applications (One Identity, Safeguard, 2FA/MFA, Ping Identity, and Starling), review of procedural documentation including litigation holds, attribute mapping, communicating process, and conducting the review and permission auditing.
- Collaborate closely with the Manager of IAM, Confidential Project Manager, IAM team, and other stakeholders to provide auditing status, area for improvement, and reviews of account policy enforcement.
- Maintain risk management and compliance by performing various IAM audits such as (Disabled Users, Password Never Expires, Never Logged In, 60-90 Days Inactivity, Orphaned Users, Shared, Services, Administrator, Training and Testing accounts), that can result for bulk users offboarding to help save time in accounts clean up, cost-effective and prevent any compromise of account attacks from unmanaged identities.
Confidential, Denver, CO
Responsibilities:
- Experienced and successfully deployed various software, hardware, and systems security controls, policies, and hardware encryption for mobile devices, applications, and website control to help reduce security risks, data loss, and hardware thefts.
- Involved with support for the development of Confidential for IT security control and disaster recovery plan to ensure company compliance.
- Supported 90% - 95% of the company/enterprise, including business partner proprietary applications, company’s SharePoint, and network management systems (MDM, ManageEngine, and VMware Admin Console).
- Assisted with IT asset planning, purchases, and resources procurement growth.
- Enhanced systems improvement, effectively managed multiple IT projects, conducted periodic IT systems, and security access audit.
- Results in smooth business continuity with resource availability, successfully systems upgrades and implementation, and help reduced any vulnerable account attacks.
- Knowledge of mobile device encryption with McAfee Endpoint encryption, identified, quarantined, and remediated, any infected machines with malware or vulnerability in the anti-virus software.
- Created and deployed machine images.
- Provided technical support and performed some network and email troubleshooting.
- Understanding of Agile and various phrases of testing for company claim system migration and implementation.
Application Support Analyst/Project Lead/Helpdesk Lead
Confidential
Responsibilities:
- Performed whitelist and blacklist of websites to prevent users from being exploited to website attacks by visiting foreign sites.
- Redesigned helpdesk system by redefining categories, identifying top user issues reporting and service requests, and restructured ticket routing assignments. This increases our IT team and company productivity for serving our users.
- Successfully led and accomplished multiple implementation projects, including virtual environment, operation systems, customized web application, partner applications, hardware/software rollouts, and VoIP phone integration during office moves.
- Established policies and procedures for the company’s main claim system on how to handle inactive accounts “Locked” status to preserve user access and for audit trail purposes.
- Managed and administrated access security control for the company’s claim system through extensive user’s interviews and testing phases of user accesses to properly configured user level of access which includes setup of the role-based model structure.
- Trained users on functionality, implementing self-service of network account locked-out issues, which reduced helpdesk tickets and calls to the helpdesk.
- Improved security password policy by reducing the days of password expiration from 180 to 90 days, which was in line with the corporate IT risk assessment for the partner SSL Juniper system.
- Remarkably enhanced auditing responsibilities and improved the organization’s external auditing scores due to routine review of permission audits.
SharePoint Administrator
Confidential
Responsibilities:
- Managed the company’s SharePoint, information security, including setting up and managing user security permissions and regulations, producing the web applications, team, and project sites for the business, metadata, branding, and charts for customized sites.
- Completed work on IT SharePoint projects, including Web Portal content, OBIEE SharePoint integration, and 3rd party applications.
- Enhanced department websites, which enabled collaboration and communication, including the employee recognition web application to improve the streamlining of key human resources processes.
Systems and Testing Administrator
Confidential
Responsibilities:
- Operated in collaboration with business partners, vendors, and internal support teams, centralizing, and managing the communication of testing and troubleshooting complex technical issues.
- Installed, tested, evaluated, administrated security access control, and troubleshot hardware, software, and operating systems to determine the efficiency, reliability, and compatibility with existing systems, leading root-cause analysis for all key company-wide system failures or outages.
- Effectively engineered, managed, and directed all phases of testing activities, including user acceptance testing and regression testing to meet milestones and rollout schedules for various test and implementation projects including the virtual environment.
- Awarded the company Blue Ribbon and promoted to Application Support Analyst for proficiency in quickly learning testing concepts and processes and the ability to take on new responsibilities and learn new skills.
- Successful implementation of origination’s main claims system and user rollout that cut costs significantly of hiring additional staff for the major project.