We provide IT Staff Augmentation Services!

Information Security Engineer Resume

OBJECTIVE

  • My objective is to develop to construct better security controls for auditing and improved secure implementation process. This will also build a better threat modeling for vulnerability management to support compliance and governance requirements.

TECHNICAL SKILLS

Operating Systems: Windows server 2020, 2016, 2012R2, 2008R2, 2003, Windows 10, Windows8.1, Windows7, Unix, CentOS7, Mac OS

Hardware: HP 3Par StorServ 7200, Cisco 2900 routers, HP (lights out) iLO & DRAC physical server web access tool, Windows Servers, Backup and recovery devices, printer networking, server, desktop, laptop, and (GR59u, CAT5) data cabling

Software: DUO, AWS, Outlook 365, LastPass, tenable io, Sophos, Jira, Confluence, Splunk (on Prem & Cloud), ManageEngine DesktopCentral, StealthBits, CiscoVPN, KnowBe4, Veracode, Access Card administration, Active Directory, SQL Server, VEEAM 9.0 backup, VMware vSphere Client 6.0, 5.5, 4.0 & 3.5, VMware AirWatch, VRealize Log Insight, Citrix XenApp 6.5 & 6.0, Citrix AppCenter, (End User Support), RSA, Microsoft System Center 2012, SCVMM 2012, SCOM, Veritas Cluster Server Manager, Oracle weblogic, Oracle Enterprise Manager, Oracle 10g, InetMgr, Remedy, HP Openview (Service Center), LabTech ConnectWise, Watchguard, Slack, SharePoint/Teams management console

PROFESSIONAL EXPERIENCE

Confidential

Information Security Engineer

Responsibilities:

  • InfoSec organizer of controls, policies, procedures, and operations
  • SOC 2 compliance startup & audit organizer into implementation
  • PCI compliance startup & audit organizer into implementation
  • PCI - DSS compliance coordinator
  • Project management forecaster
  • AWS cloud security administration
  • Departmental product analyst, POC tester & implementation
  • Built and implemented Security awareness portal for company use
  • Security Awareness trainer for Executive, C-level and below
  • Conducted companywide social engineering campaigns
  • Conducted multiple unannounced whaling and spear phishing campaigns
  • Held departmental campaign results for directors and showed the process walkthroughs of risk levels
  • Conducted annual, quarterly, Security Awareness training modules for compliance audits
  • Internal phishing campaign tester
  • Security best practice trainer for DevOps & QA departments
  • Virtual and physical MFA (Duo, google authenticator, Microsoft authenticator) & IAM monitoring tool management and administration
  • Tenable vulnerability threat analysis monitoring, reporting and remediation
  • Sophos vulnerability threat analysis monitoring, reporting and remediation
  • TrendMicro vulnerability monitor and remediation
  • ManageEngine Desktop Central hybrid environment threat analysis monitoring, reporting and remediation patch management adviser and processor
  • Sophos ransomware antivirus and ransomware administration for servers and workstations
  • SIEM Splunk cloud for physical and AWS monitoring administration
  • LastPass password manager administrator
  • Office 365 security administration of group and user account management and licensing
  • Worked on O365 account deployments and teams access administration
  • Worked on Microsoft Teams access with IaaS for all on/off site users with Microsoft Authenticator MFA protection
  • Atlassian Confluence administration and Jira functionality contributor

Confidential

Information Security Engineer

Responsibilities:

  • Active Directory & group permission cleanup and restructuring from company from previous mergers
  • Worked as a liaison between Info Sec and various teams to recommend best practices for Active Directory, environments, Group Policies, DFS file permissions for compliance procedures and workflow processes & procedures
  • Implement PCI/PHI/NIST security policies and settings for Windows platform in Active Directory system
  • DISA Stig infrastructure remediation coordinator
  • Qualys Vulnerability threat remediation procedures
  • Security Awareness Training and IAM new hire trainer and coordinator
  • Splunk monitoring report monitoring for Data, Network, and Application device & user activity
  • Slack alert notification and tracking for multiple endoints including Slack, LogInsight, and Kibana
  • Spirion (Identity Finder) & StealthBits Technology admin for PCI & PHI file and sensitive data permissions with encryption protection
  • KnowB4 phishing campaign and SAT administrator
  • Built and implemented Security awareness portal for company use
  • Security Awareness trainer for Executive, C-level and below
  • Conducted companywide social engineering campaigns
  • Conducted multiple unannounced whaling and spear phishing campaigns
  • Held departmental campaign results for directors and showed the process walkthroughs of risk levels
  • Conducted annual, quarterly, Security Awareness training modules for compliance audits
  • Internal phishing campaign tester
  • VRealize Log Insight tester and Splunk alert/report Administrator
  • VMware AirWatch MDM administration
  • VMware NSX remediation support Administrator
  • Duo 2FA testing to offboard RSA 2FA and for global tracking analytic features
  • Proof of concept testing Leading Edge for Data, Networking, Application security Technologies

Confidential

Solutions Engineer

Responsibilities:

  • MSP (Managed Services Provider) Engineering client support
  • Client support for SQL DB maintenance and backup plans
  • Client support for VMware cloud environment
  • Provided VEEAM 9.0 cloud backup support for client services
  • Provided client storage solutions with VMWare 5.5
  • Provided remote client service related file share permissions
  • Client support for security and general technical support request according to service tickets
  • Built and modified server compliance remediation related tasks and operation projects for company clients
  • Built remediation plan from Qualys reports to handle vulnerability 5, 4, & 3 alerts
  • Supported Exchange permissions related requests for MSP clients
  • Provided SPAM filtering support for multiple client exchange servers and email accounts
  • Helped to address windows update comparison to IBM BigFix to help remediate server compliance issues
  • Single handedly reduced SLA related service requests from 60+ day to less than 10 days for engineering MSP queue
  • Utilized LabTech client MSP support tools for infrastructure and end user support

Hire Now