Information Security Analyst Resume

San Antonio, TX

SUMMARY:

  • Result driven IT professional with notable success directing a broad change of corporate IT security initiatives while participating in planning, analysis and implementation of solutions in support of business objectives.
  • Excel at providing comprehensive secure network design systems, system analysis and full life cycle project management analysis.
  • Hands on experience leading all stages of system development efforts including requirements definition design architecture testing and support.
  • Outstanding project and program leader able to coordinate and direct all phases of project based efforts while managing, motivating and guiding teams. Strong organization & customer service skills, communication (written and verbal) is paramount, flexibility to wear “different” hats as part of a dynamic service team, interpersonal skills, dependable, initiative to “jump in and help” the team where needed.
  • Conduct information security risk assessments and controls selection activities.
  • Conduct remediation activities working with remediation owners to drive to resolution.
  • Conducts advanced vulnerability, security configuration, and/or penetration testing assessments and manages the resulting findings.
  • Responds to cyber incidents, performing detailed analysis using complex security tools to determine root cause and effects
  • Technical understanding of Enterprise level IT infrastructure, networking, architecture, and security administration.
  • Create reports based on metrics and analysis of the information.
  • Enterprise level experience logging SIEMs, password management, and multifactor authentication.
  • Experience on Information Security systems with specific knowledge around access control like RSA Authentication Manager, Cisco Secure ACS.
  • Investigates, analyzes, and responds to suspicious behavior, attacks, and security breaches using a variety of cyber defense tools to identify and mitigate threats.
  • Conducts vulnerability, security configuration, and/or penetration testing assessments of systems and networks
  • Develops and implements solutions for addressing vulnerabilities, threats, and exploits. Stays current with latest information security threats, exploits, trends, and intelligence.
  • Functional understanding of protocols including: TCP, UDP, DNS, NetBIOS, HTTP, HTTPS, RDP, SMTP, SNMP, SSH, SSL
  • Implementing encryption standards, Security risk and compliance management, Assessment, Auditing.
  • Technical understanding of system architectures (network, servers, storage).
  • Monitors networks, systems, and applications for complex suspicious behavior (includes Insider Threat), attacks, and security breaches.
  • Conducts routine forensic analysis of network switches & routers, Checkpoint firewalls, Palo Alto firewalls, Cisco (IPsec/SSL) VPNs, McAfee IDS/IPS.
  • Experience administering web proxy, email security, Web Application Firewall, Data Loss Prevention and Cloud Access Security Broker technology
  • Experience in system administration applied to planning and researching and developing security policies, standards, and procedures across multiple platforms and applications
  • Experience applying security principles, methodologies, and controls to new and emerging technology
  • Experienced in the use of virtualization, Virtual servers (VMWARE ESX).
  • Experience with designing and deploying Antivirus, RAID and LVM Management, Clustering, DLP and SIEM solutions.
  • Conducts routine forensic analysis of compromised systems to determine the attack vector and the consequences of the breach.
  • Experience with patch management, device hardening, configuration auditing and other end point security best practices.
  • Experience with Data Migration tools and migration project based on Solaris/HP-UX/Linux/AIX based solution platforms.
  • Experience of CyberArk and SIEM tool Splunk.
  • Experience of Digital s management.
  • Experience with Access Control Management (AD, LDAP, etc.)
  • Experience of Apache Server Administration and Squid Proxy Servers.
  • Experience of Secure data exchanges (PGP/GPG, SFTP, and SCP).
  • Experience of Network and Vulnerability Scanning tools Like Nessus and Qualys.
  • Experience of BCP/DR design and testing.
  • Experience in utilizing Snort, Nmap, Tcpdump, Wireshark, Blackstratus, Qualys.

PROFESSIONAL EXPERIENCE:

Confidential, San Antonio, TX

INFORMATION SECURITY ANALYST

Responsibilities:

  • Analyze the enterprise information security environment and recommend security measures to safeguard valuable information assets.
  • Day to day support, monitoring and maintenance of enterprise network security systems, review of performance parameters of infrastructure components including Switches, Routers, Firewalls, and IPS security logs.
  • Identify, evaluate, and report on information security risks.
  • Responsible for implementing security risk and compliance management, assessment, auditing administration and management of customer’s security infrastructure.
  • Analyzes and responds to security threats of significant risk from various security platforms and technologies.
  • Configures, tests, manages and upgrades security products and other technologies impacting data security.
  • Performs network troubleshooting to diagnose more complex network problems.
  • Supports more complex security platform changes and upgrades.
  • Performs security reconnaissance on assets, gathering intelligence to identify and respond to potential security threats or vulnerabilities of significant organizational risk or complexity, ensuring appropriate leader notification and threat mitigation.
  • Reviews threat management systems, appropriately classifying and responding to threats of significant risk.
  • Coordinates with security monitoring function to ensure they are provided with appropriate intelligence on any significant threats.
  • Conducts highly confidential, more complex cyber forensic investigations, acquiring, collecting, documenting and preserving evidence from various forms of electronic media and equipment, alerting leadership as appropriate based on policies and practices.
  • Responsible for planning, coordinating and implementing security measures that will provide detection, prevention, containment, and deterrence mechanisms to protect and maintain the integrity of data files. Overall responsibility will include all user departments as well as assigned Information Technology staff.
  • Ensures network (LAN/WAN, telecommunications, and voice) security access and protects against unauthorized access, alteration, or destruction.
  • Develops, communicates and implements data and computer security policies and procedures.
  • Confers with executive management and I.T. personnel to identify and plan for security for data, software applications, hardware, telecommunications, and computer installations.
  • Review computer logs and messages and develop tests on systems to identify and report any possible violations of security.
  • Works with external service providers and vendors to identify, select, and implement data security, backup and archiving software, hardware, and processes.
  • Develops and communicates standards of use, operations, and security of network and data. Collaborate with vendors and internal departments to develop and implement procedures. Collaborate with senior staff on strategic and tactical security guidance for all IS projects, including the evaluation and recommendation of technical controls.
  • Monitor and maintain the ministry wide security infrastructure and frameworks while analyzing, planning and making recommendations for changes to ensure consistency across the ministry. Regularly evaluate and assess information security vulnerabilities, solutions, and organizational posture. Assist in developing cyber security policies and procedures with federal compliance standards as a guideline. Administering and configuring Cisco network devices, Palo Alto, Checkpoint and Cisco ASA firewalls.
  • Administer DLP, SIEM, IDS/IPS, AV, and vulnerability management programs.
  • Ensure that Firewall Rules are reviewed in accordance with Risk Management Framework. Maintaining network compliance with SOX/PCI requirements.
  • Analyze requirements and make recommendations to optimize performance of security software programs or information systems.
  • Maintain security of cloud infrastructure. Perform periodic security compliance audits and assessments, and data forensic review for vulnerability or compromise and ensure implementation of a resolution.
  • Collaborate with network and technology support team to enhance and improve security processes and documentation.
  • Partner as appropriate wif HR and Legal in areas related to risk assessment and resolution.
  • Stays current with security technologies and threats and makes recommendations on business value. On a daily basis, assess new risks and mitigate as they surface.
  • Respond to IT security incidents, providing initial assessment of impact severity and types of incidents being addressed.
  • Investigates any fraud and other computer delinquencies.
  • Review/monitor access to customer information systems to ensure appropriate segregation of duties within and across applications.
  • Review, research and document security notifications.
  • Assist with tracking of vulnerability assessments and penetration testing results remediation.
  • Assist management to analyze, document and define requirements associated with existing security roles and permissions; review roles/permissions with users to ensure requirements are fully met.
  • Assist with conducting technical/security reviews and risk analysis for new Information security initiatives.
  • Assist with monitoring access to all systems and with tracking documentation of access authorizations to all resources.
  • Participate in the development and implementation of the appropriate and effective controls to mitigate identified threats and risks.

Confidential, Alpharetta, GA

Information Security Engineer

Responsibilities:

  • Implementation of information security policies, procedures, and standards.
  • Ensure compliance with information security policies, procedures, guidelines, and standards.
  • Support the disaster recovery planning, testing, auditing, risk analysis, business resumption planning and contingency planning in an information technology, maintenance of the Disaster Recovery Plan and Business Continuity Plan.
  • Conduct internal compliance reviews of information security environment and serve as consultant for security issues that require immediate resolution.
  • Work with third-parties engaged to perform IT related risk and/or operational assessments such as annual intrusion testing.
  • Liaison between Information Technology department and third-parties engaged to provide information security monitoring and/or management services
  • Interpret and disseminate security related information to upper management and the board of directors in relevant terms, e.g., summary dashboards.
  • Facilitate audit and regulatory reviews by gathering documentation or representing facts to auditors and regulators when interviewed
  • Ensures compliance with data destruction methods and following policy.
  • Conducting risk assessments to identify and assess security risks of new, existing, or proposed infrastructure.
  • Analyze security incidents and assist in the escalation of security events in conjunction with the incident response policy/program.
  • Implementation of information security and on-going to all personnel
  • Monitoring the internal control systems to ensure appropriate access levels are maintained.
  • Coordinate annual testing for compliance with emergency preparedness and Disaster Recovery.
  • Review internal, external, and regulatory recommendations.
  • Conduct disaster recovery planning, testing, auditing, risk analysis, business resumption planning and contingency planning

Confidential, Chandigarh, INDIA

IT SECURITY Engineer

Responsibilities:

  • Implement information security policies, standards, procedures and guidelines, in conjunction with the Security Governance Committee.
  • Conducts vulnerability, security configuration, and/or penetration testing assessments of systems and networks and develops and implements solutions for addressing vulnerabilities, threats, and exploits.
  • Maintain the Middleware software security and prevent unauthorized access to the applications and administration in compliance with IT security policy.
  • Prepare quarterly and annual security awareness communications on the Information Security Management System.
  • Experience of server refresh and migration project based on Solaris/HP-UX/Linux/AIX based solution platforms.
  • Implementing and supporting with Data Migration tools.
  • Experience investigating, capturing, and analyzing events related to cyber incidents.
  • Prepares and delivers written and/or verbal briefs including recommendations to senior leadership on latest threats, alerts, incidents, and improvements.
  • Experience planning and directing recovery activities including forensic event analysis, and malware evidence collection and reverse engineering
  • Experience deploying, managing, and troubleshooting firewalls and software-defined or virtual networking security components
  • Experience deploying and managing endpoint security.
  • Experience in the technology and process of vulnerability and security configuration assessment and scanning.
  • Experience administering web proxy, email security, Web Application Firewall, Data Loss Prevention and Access Security Broker technology
  • Experience in system administration applied to planning and researching and developing security policies, standards, and procedures across multiple platforms and applications
  • Experience applying security principles, methodologies, and controls to new and emerging technology
  • Installing and maintaining Open Source based Tech Stack in production environments
  • Performing OS and application up-grades on existing systems

Confidential

UNIX System Administrator

Responsibilities:

  • Provide remote and on-site support for domestic and international customers, including tier III support.
  • LAN /WAN products sale support for key account of all sizes.
  • OS installation, migration and upgradation, account specified security application deployment, Patch installation and upgradation and firmware/license related upgradations
  • VERITAS Cluster Management, Client/Server support, network/NFS system administration and support, OS upgrading, Server rebuilding.
  • Disk/Volume Management, San space evaluation and planning.
  • DBA space request Administration and deployment.
  • Understanding of SAN and NAS storage. Installation, configuration and Administration of Netbackup environment
  • Administration of NIS or LDAP environment.
  • Middleware server administration, performance tuning, technical and deployment architecture design, development of system integration modules and support.
  • Maintain the availability of all production and non-production Application servers, Enterprise Service Bus and Messaging middleware as per the defined SLA with the customer.
  • Provide 24/7 on-call support for Tier-III operational and business critical applications in a system administrator role.
  • Maintain the Middleware software security and prevent unauthorized access to the applications administration in compliance with IT security policy.
  • Proactively initiate and plan the version upgrade & patch management of Middleware software.
  • Provide technical support to the Information Systems team in major application deployment designs and planning efforts to arrive at high performance and cost effective solutions.
  • Ensure proper documentation of the system software for ease of quality assurance, testing, operation and support.
  • Investigate reported incidents in operational systems and ensure right patches are applied, tested and promoted to productive systems. Handle configurations, installations, monitoring, testing and support of multiple flavors of UNIX systems.
  • Excellent knowledge and work experience with AIX and Solaris.
  • Good knowledge of well-known applications and database servers.
  • Good Knowledge of TCP/IP, Networking and VPN
  • Solid troubleshooting skills.
  • Proficient with UNIX Scripting languages like Perl, UNIX Shell, AWK, BASH etc.
  • Familiarity in configuring, administering and monitoring heterogeneous production instances.
  • Knowledge of version, revision control, & change management practices and procedures
  • Results oriented, highly flexible, willingness and strong desire to learn
