SUMMARY:

• An aspiring Penetration Tester and Security Architect, with Extensive background in different domains of information security possessing strong motivational drive to succeed in the industry is seeking a full - time employment.
• IT customer service and support for dynamic business of over 100 employees with diverse technical background to ensure 100% customer satisfaction with delivered solutions.
• Use of Microsoft operating systems and VMware virtualization on a Storage Area Network to deliver custom solutions in a rapid application development environment.
• Designed, develop, test, implement and support software development projects through various phases of SDLC using Object oriented methodology and UML with focus on OWASP Top 10.
• Implemented and managed security controls in a dynamic IT infrastructure.
• Secured IT infrastructures by implementing best security practices, risk assessment methodologies and Security operations monitoring. Evaluated secured systems through penetration testing with Kali, Vulnerability management and implemented countermeasures where required.

TECHNICAL SKILLS:

Hardware: Intel, Mac book, IDE/RAID/SCSI/SATA drives devices, Direct Attached Storage, NAS, SAN Servers, Network Appliances, NetBackup, Citrix, Switches, Routers, and misc. PC hardware.

Software/Programming Languages: C++/C#, MS SQL, Java, JavaScript, PHP, HTML/XHTML, Dreamweaver, ASP.NET, Visual studio, Visual Paradigm, Power Shell, Python, Microsoft Office 365 suite, Service Now, Spice works, Jira, Confluence and Tugboat Security Assurance.

Operating Systems: Windows Server 2003/ 2008/2012/2016, 95/98/ME/2000/NT/XP/Vista/7/8/10, DOS, Linux/Unix, and Mac OSX.

Database Platform: MS Access, SQL Server, and Oracle

Networking: Cisco Ethernet 802.3, TCP/IP, FTP, DHCP, DNS, ADFS, WINS, Telnet, DSL/Cable, Routers (Cisco IOS)/Juniper and switch configuration, cabling, remote access, Active Directory, Microsoft Exchange 2007/2010, VMware ESXi and tools, Firewalls, Proxy, VLAN, VPN, NAT, SSL, SSH, IDS/IPS, IPSEC, LAN/WAN, Wireshark, and Wireless technologies.

Security: Penetration Testing with Kali, Metasploit, Nessus, HackTheBox, OSCP / CEH tools, Alien Vault / Splunk / Sentinel SIEM, UEBA, Security Endpoint Solution, Centrify Privilege Access Management, Nmap, Snort, WAF, Burp suite, Vulnerability Management, Threat Intelligence, Malware Analysis, Encryption, Reverse Engineering, IT Audit / Compliance, Risk Assessment, Cyber Incident Response, AWS / Azure / Google Cloud Security, API Offensive Penetration Test, Multi-Factor Authentication, Data Loss Prevention, Microsoft Intune Mobile Device Management, Business Continuity & Disaster Recovery Plan and Knowledge of Security Standards, Frameworks and Methodologies: NIST, ISO (27001/02), SOC I/II, EU GDPR, ITIL, CIS Benchmarks, OWASP Top 10, MITRE s ATT&CK.

PROFESSIONAL EXPERIENCE:

Confidential

Cyber Security Specialist

Responsibilities:

• Evaluated the organization's technology use, needs, and recommended, made implementation of improvements, such as security solution upgrades, Disaster Recovery plans, Cloud computing and Security Architecture roadmap.
• Responsible for performing ethical hacks and technical security assessment through regular vulnerability assessment and internal penetration testing for the entire IT infrastructure including network, web applications, API, servers, databases, and workstations.
• Supervised security operations activities such as external penetration testing, vulnerability assessment and management, patching initiatives, and audit review.
• Created written reports, detailing assessment findings and recommendations.
• Provided oral briefings to management and technical staff, as necessary.
• Lead and Collaborated with the IT team to investigate and bring security events to a closure; Managed different initiatives related to cybersecurity awareness and phishing campaigns.
• Performed penetration test on endpoints, workstations, servers, and web applications to find security misconfigurations, weak passwords, user accounts, backdoors, and exploitable vulnerability.
• Researched and analyzed known hacker methodology, system exploits and vulnerabilities to support Red Team Assessment activities.
• Lead and inspected security design features, installations, implemented, created, and revised policies to ensure compliance with applicable standards or regulations (ISO 27001, SOC I/II, GDPR, SWIFT), Daily management of PAM, SIEM, DLP, AV (alerts/events, escalations, investigations, portal management, SIEM rules tuning, etc.)
• Deployed, created, and managed use cases for Azure Sentinel SIEM, Microsoft O365 Defender, load balancers, Palo Alto firewall rules, alert policies, playbook, VM instances and Intune MDM.

Confidential

Network Management and Security Systems Specialist

Responsibilities:

• Implemented and managed systems monitoring platform for the Cisco, Juniper and MRV based network, this included HP NNM, NetVoyant by CA and SIEM, and multiple perl and shell scripts.
• Implemented and maintained the NetVoyant performance monitoring system on various servers such as Linux, windows server.
• Managed and troubleshoot logs files, traps notifications, backups, and managed web portal, conducted regular Vulnerability and Risk Assessments on Corporate assets, Conducted Compliance Assessments, managed Corporate and Product Vulnerability and Patch Management Program.
• Analyzed security logs collected using HP ArcSight (SIEM), Created correlation rules for security alerts.
• Investigated various security incidents, mostly the results of malware infections, analyze system security logs, including firewall logs and intrusion/prevention logs, Performed system security audit on monthly basis. Performed Penetration testing of infrastructure, breach discovery and weaknesses.

Confidential

IT Security Specialist / Penetration Tester

Responsibilities:

• Consulted on IT policy and standard reviews, performed penetration test and vulnerability security assessment based on the OWASP Top 10, and diagnose security vulnerabilities in the development environment.
• Performed continuous monitoring of Intrusion Detection Systems (IDS/IPS), Managed daily monitoring and analysis of log files and security audit trails.
• Analyzed and evaluate the vulnerabilities found and report on metrics by providing information to the owners of the resources and project teams. Conducted research on the latest security technologies and standards, as well as the threat and vulnerability landscape.
• Monitored various sources of emerging threats (e.g., newly discovered vulnerabilities, viruses, malwares, worms).
• Provided Protection for password forms and implemented security counter measures.
• Performed risk assessment to identify security requirements and implement hardened solutions to secure systems.

Confidential

Computer Desktop Support

Responsibilities:

• Completed new computer deployments and maintained computer asset inventory to help enable a growing organization.
• Performed Computer deployments including software installations, data migration, physical to virtual (P2V) conversions and slipstream of old hardware working closely with employees to ensure satisfaction with delivered systems.
• Managed corporate FTP server to facilitate dynamic development of SCADA systems between clients in a time sensitive environment.
• Performed Hardware and software troubleshooting including upgrades, patches, and scheduled maintenance in a windows client/server-based system.
• Undertook SCADA web application testing, provided plans for SCADA security while performing quality assurance checks, working closely with development team.
• Performed risk assessment to identify security requirements and implement hardened solutions like CSET, Snort to secure systems.

Confidential

IT Consultant

Responsibilities:

• Prompted from previous position in recognition of demonstrated ability to train staff and upgrade their efficiency.
• Provided technical support, Installed, and maintained hardware and software. Performed configurations, upgrades, troubleshooting and repairs. Conducted client consultations for wireless LAN hardware and software, including networks, routers, and servers.
• Provided top tier support for the Global Corporate Active Directory forests, including developing and standardize security policies for AD objects.
• Analyzed businesses needs recommended and implemented solutions, Harden and secure Windows/Linux servers, Implemented Risk Assessment, Vulnerability, Penetration Testing with Back Track and Security Engineering services.

Confidential

Systems/Network Engineer

Responsibilities:

• Performed software installation, upgrades/patches, troubleshooting, and maintenance on Windows/Linux servers.
• Responsible for all aspects of Linux security, including performing Windows/UNIX security audit, writing, and implementing security policies, and ensuring compliance to security standards.
• Installed and monitored performance of wired and wireless networks to maximize operations, performed risk assessment surveys to identify security requirements and administer Windows 2003 Servers for multiple sites: including design and implementation of Active Directory Forest Architecture.
• Provided top tier support for the Global Corporate Active Directory forests, including developing and standardize security policies for AD objects.