Security Analyst Resume
3.00/5 (Submit Your Rating)
Houston, TX
SUMMARY
- Over six (6) years of IT experience working in the areas of security analysis, application security, vulnerability assessment, and penetration testing.
- Has strong troubleshooting, and problem solving skills on security analysis to detect vulnerability on applications and servers to mitigate problems.
- A subject matter expert in areas of application security, hosting, DNS servers, WordPress CMS, vulnerability testing.
- Experienced in implementing networking and security systems based on engineering designs
- Analyzed networks using wireshark, tcpdump to study packets, and network activities for understanding application and website traffic.
- Proficient in Bash shell, DNS servers, Apache web servers, cPanel, WHM, Exim Servers for troubleshooting domain resolution, application hosting.
- Scoped out and executed penetration testing and vulnerability analysis based on OWASP Top 10 against web applications.
- In depth understanding of OWASP Top 10 and WASC THREAT CLASSIFICATION 2.0 methodologies.
- Experienced in performing SQL injection, XSS testing, CSRF, Brute force attacking, Script Injection, password cracking, RFI, LFI and other common hacking techniques.
- Executed vulnerability testing with various DAST tools like Burp - Suite, Vega, Nikto, Nessus.
- Manually tested the application to verify the threats and filter out false positives.
- Implemented best practices that include communication, intelligence gathering, and documentation for testing for security vulnerabilities in web applications.
- Excellent knowledge in configuring and working with Linux and Windows systems.
- Documented the scope, attacks, analysis, results and evidence and generated well documented periodic reports for managers and auditors.
- Constantly synced with security trends, vulnerabilities, attacks and technology.
TECHNICAL SKILLS
Network and Security tools: Kali Linux, Burp Suite, Metasploit, SQLMap, Nessus, Nmap, WPscan, OWASP ZAP, Vega, IBM AppScan, HP Fortify, Acunetix, John-Ripper, Mimikatz, Maltego, Recon-ng, httrack, arp spoofing, Wireshark, TCPdump
Operating System: Linux (Debian, Kali, Ubuntu), Windows
Additional Experience: MS Word, Excel, PowerPoint, Visio, WordPress, WHM, cPanel, VMware, SQL, Python, Java Script, HTML5 & CSS
PROFESSIONAL EXPERIENCE
Confidential, Houston, TX
Security Analyst
Responsibilities:
- Reduced security backlog for clients by 5% within two weeks of starting the job
- Self-taught technologies like WHM and Cpanel for support hosting for clients within the first week of job.
- Analyzed the security risk by questionnaire assessed on clients and generated the Risk Assessment report.
- Identified OWASP Top known vulnerabilities like Injection risks, CSRF, broken authentication, XSS, sensitive data exposure etc.
- Monitor web traffic across the network and filter unnecessary or malicious sites as needed.
- Created, reviewed and maintained Security Assessment Plan and policies for clients.
- Provided assistance to developers in patching vulnerabilities based on the test results.
- Properly recorded and generated reports according to policies based on security vulnerabilities.
- Performed operating systems, network, web and compliance scan with DAST tools to detect vulnerabilities.
- Educating clients the importance of SSL, strong passwords, email phishing and best practices.
- Tools: Burp Suite, IBM AppScan, SSLyze, SQLmap, WPscan, NetSpark
Confidential - Spring, TX
Security Engineer
Responsibilities:
- Used information gathering tools like Maltego, Recon-ng in order to gather intelligence and generate vulnerability assessment report on client applications.
- Consult with client regarding security practices and assess them to generate risk assessment report.
- Analyzed network and packets to identify traffic and security of the application.
- Performed CSRF, password cracking, injection attacks manually and using Burp suite to avoid false positives.
- Performed security system troubleshoots and provided issue resolutions based on findings to clients and developers.
- Served as a go-to person with reliability for providing assistance to new team members, developers on secure application coding practices and application threat assessment.
- Consulted clients on the best practices in the industry and product features.
- Tools: Burp Suite, SQLmap, Kali Linux, Nmap, Recon-ng, wireshark, TCPdump
Confidential
Application Security Analyst
Responsibilities:
- Keep up with latest security trends, security news, updates and threats.
- Established vulnerability assessment practices, proactively assessed public facing applications for vulnerabilities.
- Performed vulnerability scanning, password cracking, and injection attacks manually and using Burp suite, Vega and Nessus.
- Filtered false positive findings for the vulnerabilities reported in the scan reports by performing manual testing.
- Provided assistance to developers in code review and in patching vulnerabilities to application codes.
- Tools: Nessus, Vega, OWASP ZAP, Metasploit, SQLmap, httrack, Recon-ng, Maltego, Nmap, TCPdump, wireshark
Privacy Policy
Resume Categories
- .NET Developers/Architects Resumes
- Java Developers/Architects Resumes
- Informatica Developers/Architects Resumes
- Business Analyst (BA) Resumes
- Quality Assurance (QA) Resumes
- Network and Systems Administrators Resumes
- Help Desk and Support specialists Resumes
- Oracle Developers Resumes
- SAP Resumes
- Web Developer Resumes
- Datawarehousing, ETL, Informatica Resumes
- Business Intelligence, Business Object Resumes
- MainFrame Resumes
- Network Admin Resumes
- Oracle Resumes
- ORACLE DBA Resumes
- Other Resumes
- Peoplesoft Resumes
- Project Manager Resumes
- Quality Assurance Resumes
- Recruiter Resumes
- SAS Resumes
- Sharepoint Resumes
- SQL Developers Resumes
- Technical Writers Resumes
- WebSphere Resumes
- Hot Resumes
