SUMMARY:

• An ambitious candidate in: Security information and event management (SIEM), Hunt analysis, network security, systems security, governance, risk and compliance (GRC), strategy/analysis, threat intelligence and log detection.
• Certifications include: Confidential Core, Confidential Enterprise Security, and AWS Solutions Architect.

TECHNICAL SKILLS:

Information Management: Python, Java, and Bash scripting including REGEX for managing folders, files, and programs; Data mining & munging, including web scraping; Statistical analysis noledge using Confidential, cross - tabbing, and multiple linear regression techniques.

Security Management: Network Security across teh OSI Model; OS Security using Active Directory and Linux/Unix systems; Risk & Vulnerability Assessments using 5-step and 8-step models; Kill Chain using Lockheed Martin 7-step model; SIEM ( Confidential, ELK Stack, and LogRhythm); Familiarity with IAM & FIM

Network Security: across teh OSI Model; OS Security using Active Directory and Linux/Unix systems; Risk & Vulnerability Assessments using 5-step and 8-step models; Kill Chain using Lockheed Martin 7-step model; SIEM (LogRhythm and Confidential ); Familiarity with IAM & FIM.

Penetration Testing & Threat Intelligence:: THESE COULD INCLUDE ITEMS SUCH AS: NMAP, NetCat/Ncat, and Wireshark to identify vulnerabilities; Training in different kinds of APTs and TTPs.

PROFESSIONAL EXPERIENCE:

Confidential, Houston, Texas

CYBERSECURITY ENGINEER

Responsibilities:

• Used Confidential build and dashboard development. Performing hands-on architecture, design, and development of systems
• Discovered threat and Create Notable event, incident investigation and Correlation
• Provide security consulting to project and development teams in teh area of information security
• Implement all teh SOC to monitor and analysis security risk
• Standardize and implement Confidential Universal Forwarder deployment, configuration and maintenance in Linux and Windows platforms
• Maintain, Manage and Monitor Confidential Infrastructure (Identify bad searches, dashboards and health of Confidential )
• Monitor simple mail transfer protocol email system, webmail using Rapid7 VM, Cisco Stealth Watch
• Used User Behavior Analytic to parse data into Confidential and detect anomalies in true positive events
• Used SNMP (Simple network management protocol) to monitor teh application on teh server
• Using Confidential Enterprise to perform data mining and analysis, utilizing various queries and reporting methods
• Analyzing and monitoring security-related technologies including host-based firewalls, host-based using IDS, LDP server configuration controls, logging, SIEM, monitoring tools, antivirus systems.
• Actively hunt for and dissect previously unidentified threats and differentiate between potential intrusion attempts and false alarms
• Monitor and detecting security use cases on Confidential e.g. SQL Injection, SQL Map, Burp-suit intruder
• Using Confidential Enterprise Security Environment in Amazon web Services (AWS) Cloud
• Using Confidential Phantom Security Orchestration, Automation, and Response (SOAR) system to evaluate notable event for correlation alert
• Ability to leverage REST API for purpose of advanced Confidential administration and Confidential query automation
• Operate and maintain application security tools, e.g. static application security testing (SAST) and dynamic application security testing (DAST) tools

Confidential

ADMINISTRATOR WhiteHat Security

Responsibilities:

• Used different method to onboard data into Confidential server (UI, CLI, Configuration)
• Develop alerts and timed reports Develop and manage Confidential applications
• Performed Confidential noledge objects e.g. Configuration, Uploading data, field extraction, validation of boarded data, REGEX search, event parsing, and data transformation
• Performed server installation, networking, patching, and maintenance
• Improve search data, run saved searches and work with search job using python, Java
• Use Confidential GUI development creating Confidential apps, searches, Data models, dashboards, and Reports using teh Confidential query language.
• Perform index administration, maintenance and optimization and create data retention
• Create Confidential Applications, Confidential Dashboard and Visualizations.
• Standardize and implement Confidential Universal Forwarder deployment, configuration and maintenance in Linux and Windows platforms
• Manage and troubleshooting Confidential accounts (create, delete, modify, etc.)
• Transfer Confidential log file in Json format to Elastic search
• Support Confidential on UNIX, Linux and Windows-based platforms. Assist with automation of processes and procedures
• Developed Confidential infrastructure and related solutions
• Provided different method to install search head, forwarder and deployment servers and troubleshoot at teh back end
• Used different method to collect data from various servers and managing Confidential apps
• Implementing and maintaining Confidential infrastructure and configurations in a single environment and in a clustered environment on AWS.
• Build Confidential Enterprise Docker

Penetration Tester

Confidential

Responsibilities:

• Work on improvements for security services, including teh continuous enhancement of existing methodology material and supporting assets
• Secure coding practices, ethical hacking and threat modeling
• Communicate technical vulnerabilities and remediation steps to developers and management using DAST
• Be responsible for performing manual penetration testing and communicating your findings to both business and Developers using Nmap, Qualys, Nessus, WebInspect, Burp, Backtrack, Metasploit
• Ability to use teh general attack stages e.g. foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks
• Applied security testing to detect and remedy related security issues such as OWASP top 10
• Hooking Vulnerable injecting a key logger or gaining full control over teh target machine by exploiting XSS
• Gather detailed information about networks & connected clients like their OS, ports
• Perform application penetration tests across public and private networks
• Discovering and exploiting file upload vulnerabilities to hack
• Strong noledge of security vulnerabilities and remediation as listed in sites like OWASP extracting sensitive data from teh database such as passwords, user information
• Generating a backdoor that works outside teh network and configuring teh router to forward connections to kali
• Used SQL injections in POST and GET bypass login forms if teh inputs are injectable, this will allow us to login as any user without a password.
• Design and promote an application security program using inputs/frameworks from communities such as OWASP, PCI DSS,
• Provide systems engineering for ground and space system specifically in Cybersecurity, Cryptography
• Cryptography Key Management
• Ability to gain an understanding of Corporate and product-specific policies/control environment, as well and U.S. regulatory requirements

CLOUD SECURITY ENGINEER

Confidential

Responsibilities:

• Design and coordinate cohesive responses to threats that involve multiple teams across teh organization
• Evaluate teh impact to teh organization of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams to do teh right thing for our customers and our organization
• Recognize, adopt and instill teh best practices in security engineering fields throughout teh organization: development, network security, security operations, incident response, security intelligence
• Provide subject matter expertise on architecture, authentication and system security
• Improve teh efficiency of information security processes and advance teh TEMPeffectiveness of teh information security controls of teh cloud operating model
• Work closely with development, test, documentation and product management teams to deliver high quality products and services in a fast paced environment
• Strong demonstrated noledge of web protocols, common attacks, and an in-depth noledge of Linux and Windows and cloud services tools and architecture
• Develop and execute Cloud Information Security strategy to proactively identify risk and drive remediation
• Develop horizontal view of risk posture across multiple technology domains
• Support teh performance of ongoing measurement, monitoring, and evaluation of teh third Party information security risk
• Advice project team to perform application threat modelling and coordinate other security activities such pen-testing and code reviews

TECHNICAL & LANGUAGE SKILLS

Technical: STATA, Excel, ArcGIS, C#, R, Python, .Net, Bash scripting in Unix/Linux, MySQL, AWS & Google Cloud Platform Language: Proficient in English (speaking and reading)