
Cyber Security Incident Response Engineer Resume


SUMMARY

  • Extensive hands-on experience in Information Security in various industries such as Health Insurance, Manufacturing, and Retail, with a focus on IT risk mitigation, security management, audit and regulatory compliance, project management, data management, and risk remediation.
  • Skilled & technically proficient with multiple firewall solutions, network security, and information security practices.
  • Working experience with frameworks: HITRUST, HIPAA, NIST SP 800-53, NIST SP 800-37, ISO 27001, COBIT, SSAE 16, SOC 1 and 2, HITECH, ITIL, SOX, CIS, PCI, COSO, FISMA, OWASP Top 10 Vulnerabilities, Agile Methodology.
  • 10+ years as an IT expert; offers a proven track record in setting up and maintaining networks/systems as well as diagnosing and troubleshooting technical issues for internal/external clients. Provides high-level technical support for end users, ensuring problems are thoroughly examined and well tested prior to implementation.
  • Skilled team leader with a track record of directing multiple tasks effectively to ensure on target completion of all deliverables.
  • Outstanding interpersonal and communication strengths leveraged to train users and ensure total client satisfaction.

TECHNICAL SKILLS

Operating Systems: Windows Platforms, Linux (UNIX)

Software: Royal TS, ScreenConnect, ConnectWise, MS Office, Visio, Symantec, McAfee antivirus, System Center Configuration Manager (SCCM), SQL Server 2005, 2008, 2012, SentinelOne, Forensic Toolkit (FTK Imager), Nessus, Cisco AnyConnect, Port Scanner, Splunk, Amazon Web Services (AWS), vCenter

Networking: TCP/IP, DNS, DHCP, FTP, SSH, ARP, EIGRP, OSPF, SNMP, STP, HTTP, VLANs, VPN, Telnet

Security: BitLocker Encryption, Windows Hardening, Patch management, Group Policy, Active Directory, LDAP, Penetration testing, Vulnerability Scanning

Hardware: Desktops, Laptops, Printers, IP Phones, Firewalls, Servers, Cisco switches & Routers, NAS, SAN, UPS, APC, KVM, Watchdog sensor, VPN concentrators

PROFESSIONAL EXPERIENCE

Cyber Security Incident Response Engineer

Confidential

Responsibilities:

  • Serve as cyber security engineer to resolve ransomware attacks for insurance companies.
  • Experience and proficiency in designing and facilitating Cyber Incident Response and/or IT Disaster Recovery tests, exercises, and/or simulations.
  • Identify incidents and make recommendations to protect the network.
  • Deployed the SentinelOne EDR tool to over 1500 workstations and VMware/Hyper-V machines via GPO.
  • Run decryption tools per client on Hyper-V, VMware, and workstations.
  • Collect logs for forensic investigation.
  • Utilize digital forensic tools (in-house app, FTK Imager, etc.) to perform incident response activities.
  • Troubleshoot/resolve issues with client systems to run software.
  • Penetration testing/vulnerability scanning using Nessus.
  • Communicate and coordinate with customers to fix current threats.
  • Configure virtual machines on Hyper-V and VMware from backup.

Information security Engineer

Confidential

Responsibilities:

  • Handled and coordinated numerous IT and security risk assessments to determine compliance with UHG standards. Roles and responsibilities included conducting statistical analysis, identifying vulnerabilities/gaps, developing reports, and managing the remediation project.
  • Deployment/admin/development work for applications based on the Microsoft Azure Cloud Platform (PaaS/IaaS). Analyzed business requirements and the existing system in the production environment.
  • Worked on different operating systems like Windows, Linux, and Solaris, and on AWS Cloud (SaaS, PaaS, IaaS).
  • Troubleshoot the proxy server and recover it from backup.
  • Administer proxy server.
  • Conducted Metasploit/Nessus penetration tests on web applications and network services.
  • Configure and deploy the SentinelOne EDR tool to over 2500 Windows and Linux devices via GPO.
  • Conducted root cause analysis for identified information security issues and risk observations.
  • Developed Cyber Security Standards on NIST Frameworks and ensured their proper implementation to reduce the risk of vulnerability to IT assets.
  • Deploy Bluecoat agent on systems to defend the corporate network.
  • Provided guidance and feedback to vendors for improving their security controls by managing and implementing tools like SIEM, IDPS/IPS and integrating security into their SDLC process.
  • Worked extensively on various SIEM (Tanium, Splunk, Skybox), AV, IPS/IDS, and DLP tools.
  • Performed internal risk assessment on the IT security and controls team that managed security operations (network security, SIEM, firewalls, IDS, encryption, TCP/IP, DNS, incident response) to determine compliance with Confidential security requirements.
  • Troubleshoot and recover from network outages.
  • Use Cisco Meraki to monitor the status of PCs and servers and to deploy ESET Endpoint and other software packages to servers and PCs.
  • Configure print server.
  • Configure and manage virtual machines using VMware 6.5.
  • Back up VMware VMs using Veeam Backup.
  • Configure and manage Cisco network switches and routers.
  • Configure Ubuntu 20.04 server.
  • Configure Splunk server for logs.
  • Configure Suricata IDS and set up log forwarding to the Splunk server.
  • Configure pfSense firewall to send logs to the Splunk server.
  • Configure Windows devices to send logs to the Splunk server.
  • Configure Cisco devices to send logs to the Splunk server.
  • Document engineering processes.
  • Mentor junior engineers on new implementations and on following documentation for repeatability.
  • Troubleshoot and solve issues remotely using ConnectWise & ScreenConnect.

Network Operations Technician

Confidential

Responsibilities:

  • Served as a network administrator to manage Cisco and Dell technologies such as servers, switches, and workstations for TDOT.
  • Configure, maintain, and troubleshoot Cisco switches, routers, and firewalls for operations.
  • Configure and maintain host servers/VMs for TDOT end users on Hyper-V and VMware (HP, Cisco).
  • Implemented and managed security-related technologies, including Intrusion Prevention, Privileged Identity Management, SIEM, DLP, IPS/IDS, Vulnerability Management, and Multi-Factor Authentication.
  • Reviewed architecture designs, security-related changes, and firewall requests to ensure that all implementations adhere to strict policies and best practices.
  • Troubleshoot and resolve Cisco IP Phone issues for TDOT staff.
  • Configure, maintain, and troubleshoot Windows Server 2012 & 2016 across the 5 TDOT regions.
  • Maintain EMC Avamar backup solution.
  • Install and monitor watchdog sensors for temperature of network systems in the datacenter.
  • Troubleshoot and resolve workstation issues for TDOT end users.
  • Deployed Bluecoat on systems to defend the corporate network.
  • Deployed Symantec Endpoint on systems.
  • Troubleshoot Cisco Jabber on TDOT workstations.
  • Migrated end users to the new network using fiber optic patching.
  • Maintain NAS storage (Isilon).
  • Maintain data privileges using Group Policy Management.
  • Respond to client needs using the ServiceNow ticketing system.

Systems Engineer

Confidential

Responsibilities:

  • Served as system lead to deliver excellent customer service to VGT clients in India, Canada, Australia, and major U.S. cities in the VGT gaming environment, while managing Cisco routers, switches, and ASA firewalls, Dell switches, and Super-Micro servers.
  • Configure, maintain, and deliver excellent customer support to over 50 clients while providing level 2-3 support on 200+ servers for Hyper-V, VMware ESXi, vCenter, Linux OS, Windows Deployment Services (WDS) server, Cisco switches, routers, and Cisco ASA.
  • Assisted as a technical security analyst as part of a team responsible for assessing and ensuring NIST 800-53 Rev 4 management, operational, technical, and privacy security control implementation compliance.
  • Worked on different operating systems like Windows, Linux, and Solaris, and on AWS Cloud (SaaS, PaaS, IaaS).
  • Coordinate with the software engineering team to implement in-house applications.
  • Mentor new employees on company systems and standards. Team lead in a group of 5.
  • Develop strategies and designs for configuring servers.
  • Maintain the EMC Avamar backup and recovery system.
  • Configure and maintain Suricata IDS.
  • Configure and test Juniper firewall against gaming production.
  • Configure and maintain Microsoft Exchange Server 2007 & 2010 for VGT employees.
  • Configure and maintain AWS networking for VGT employees.
  • Create, document, and maintain internal services.
  • Develop asset and configuration management standards, plans, and procedures.
  • Configure and maintain SQL Servers for database engineers.
  • Identify and plan software/hardware upgrades, patch management, and firmware upgrades using SCCM.
  • Configure and maintain proxy server.
  • Configure and administer Windows workstations and laptops for internal VGT users.
  • Configure and maintain Microsoft Windows Server 2016, 2012, 2008, and 2003.
  • System hardening such as BitLocker encryption, anti-virus, and DHCP Client service.
  • Execute technical tasks to ensure optimal functionality, including configuring, maintaining, and troubleshooting LANs, WANs, and servers.
  • Resolve technical issues in a timely manner, including troubleshooting and maintaining Office 365, configuring and managing IP address management (IPAM), RAID configuration, iDRAC configuration, and imaging.
  • Utilize technical expertise to configure and manage Active Directory and Group Policy for VGT users.
  • Research and implement micro-segmentation for advanced persistent threat defense and easy environment separation.
  • Strengthen system security/integrity by performing backup procedures for disaster recovery.
  • Modify scripts to increase speed and efficiency using PowerShell.
  • Install and maintain McAfee antivirus protection on workstations, Hyper-V, and VMware systems.
  • Document engineering processes.
  • Adhered to agile methodologies. Worked in a Kanban and sprints environment.

Network Technician

Confidential, Nashville, TN

Responsibilities:

  • Served as a network administrator to manage Metro Cisco switches, routers, and IP Phones.
  • Ensured cohesive operations by configuring and installing Cisco switches, routers, and Cisco IP Phones at all Metro sites.
  • Executed engineering activities to maintain existing networks and detailed project plan to build new networks per requirements.
  • Implemented technical tasks in fast-paced environment including performing patches and providing network consulting and support for all Nashville Metro clients.
  • Configured and managed Active Directory, LANs, DNS, DHCP, and T1 lines.
  • Troubleshoot and fix Cisco IP Phones for Metro users/employees.
  • Travelled to metro sites to provide hands-on management of engineering projects.
  • Diagnosed customer problems over the telephone while delivering high quality customer service to Metro users.

Field Services

Confidential, Nashville, TN

Responsibilities:

  • Served as a field technician to configure and administer desktops/laptops for Metro employees.
  • Troubleshot and maintained support for 300-400 onsite computers while ensuring operational functionality.
  • Managed essential data, including inventory of Metro laptops and desktops.
  • Increased data security by providing OS updates on laptops and desktops for Metro Libraries and Parks, computer scans, and virus removal.

Program Coordinator

Confidential

Responsibilities:

  • Served as a lead to ensure company processes and standards are met on time.
  • Resolved customer issues by communicating with customers through a ticketing system, via email, phone, and internal software chat systems.
  • Managed, trained, and led a department of 11 to complete required tasks and projects.
  • Spearheaded process improvements to reduce error, save time, and prevent overpayments.
  • Utilized Microsoft Office software to input invoices with high accuracy.
  • Guaranteed activities adhered to security policies and standards.
