
Sr. Cyber Security Specialist Resume


TECHNICAL SKILLS:

IDS/IPS: McAfee ESM, Check Point, McAfee NSM, Imperva WAF

SIEM: McAfee ePolicy Orchestrator (ePO), Symantec SEPM, Splunk, Netcool/OMNIbus

Vulnerability and Penetration Testing: Nessus, Qualys, nmap

Forensic/Malware: Netwitness/RSA Security Analytics, Mandiant, Encase, Wireshark, FireEye

Security Standards/Guidelines: FISMA, HIPAA, NIST

Threat/User Management: Triton/Websense, Blue Coat Reporter, Active Directory

Asset Management: IBM BigFix

Ticketing System: ServiceNow, Remedy, HPSM, RT

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Cyber Security Specialist

Responsibilities:

  • Monitor various security tools (e.g. Splunk, IBM BigFix and McAfee ePO) to identify potential incidents, network intrusions, malware events, etc. to ensure confidentiality, integrity, and availability of VA architecture and information systems.
  • Review and analyze log files to report any unusual or suspect activity.
  • Utilize incident response use-case workflows to follow established and repeatable processes for triage and escalation.
  • Generate trouble tickets and perform initial validation and triage to determine whether incidents are security events, using open source intelligence (OSINT).
  • Follow established incident response procedures to ensure proper escalation, analysis and resolution of security incidents.
  • Report incidents to US-CERT and provide detailed information.
  • Analyze and correlate incident event data to develop preliminary root cause and corresponding remediation strategy.
  • Provide technical support for new detection capabilities, recommendations to improve upon existing tools to protect the VA network.

Confidential

Senior Security Analyst

Responsibilities:

  • Monitor various network defense devices for possible intrusion attempts.
  • Review intelligence reports from various agencies and reliable external sources to find IOCs.
  • Upload malicious hash values to the security platform (IPS, FireEye).
  • Quarantine the machines with suspicious behavior and initiate triage.
  • Analyze risks detected by AV solution and initiate AV scans upon the machines.
  • Address phishing/spear phishing attempts.
  • Run vulnerability/compliance scans and provide reports to the patch management team.
  • Evaluate users' software requests for possible vulnerabilities in the requested software.
  • Engage proxy/firewall team to implement blocks upon suspicious IPs/Domains.
  • Compile shift report for the upper management.

Confidential

Security Administrator

Responsibilities:

  • Review IDS logs to detect anomalies and malicious behavior.
  • Assess vulnerable assets and take appropriate steps to mitigate the risk, according to the agency guidelines.
  • Log security events in internal ticketing system for team and management review.
  • Review intelligence reports from entities like DHS and US-CERT. Recommend changes to improve the security posture of the organization.
  • Recommend firewall, web proxy blocks.
  • Train new hires to understand the tools and environment.
  • Upgrade IDS rules utilizing secure terminal.
  • Assisted in the creation of the SOPs.

Confidential

Security Analyst

Responsibilities:

  • Assist users with spam-related issues.
  • Submit malware samples to the AV Team and subsequently notify AV vendor.
  • Monitor the network devices to maintain the uptime for the devices such as Database Servers, Exchange Servers, Firewall Appliances, Routers, and Switches.
  • Recommend Firewall rule sets to avoid possible network abuse and breach.
  • Depending on user requirement and instructions from the management, make possible changes to the web proxy settings.
  • Identify and analyze reported websites and categorize the websites accordingly.
  • Review Threat intelligence reports and create a list of the IOCs for the federal management review and possible changes to the agency’s security posture.

Confidential

Sr. SOC Analyst

Responsibilities:

  • Review security alerts from customers' abuse inboxes and webserver logs, and process various feeds from multiple partners (Anti-Phishing Working Group, AOL, Clean MX, PhishTank etc.).
  • Detect and perform administrative/technical shutdown of fraudulent activities, including Phishing/Spear Phishing, Malware, Brand Infringement, Vishing, Smishing, Botnets, and Fast Flux phishing attacks.
  • Client base included well-known entities (Internal Revenue Service, American Express, Wells Fargo, Royal Bank of Scotland, NatWest Bank) and various other financial organizations around the globe.
  • Worked against Brand Infringement and counterfeit websites. Client base included New Balance, True Religion Jeans etc.
  • Course of action included reaching out to ISPs, domain owners, server admins, webmasters, Computer Emergency Response Teams and law enforcement agencies to terminate fraudulent activities within their perimeter.
  • Send notifications to browser partners (Microsoft, Firefox and others) to fraud cast fraudulent URLs.
  • Communicate with customers to provide informational updates and deliver exceptional service quality.
  • Prepare daily reports for the management and customers.
