SUMMARY:

• Dynamic and motivated professional with extensive knowledge in vulnerability assessments, incident response, log analysis in Information Technology and Operation Technology. Skilled in building and maintaining professional relationships, demonstrating exceptional communication skills, making critical decisions during challenges, and coordinating with various teams to achieve a common goal.
• Specialist in Cybersecurity Analysis and Defense, Planning and Monitoring with 8 Years of Experience
• Well - organized, Self-starter, Quick learner, Self-Motivated, Team player with analytical, technical, and communication skills
• Knowledgeable of the TTP (Tactics Techniques and Procedure) playbook for Incident Response adhering to the MITRE Industrial Control Systems attack matrix
• Perform manual searches from the gathered logs via Splunk
• Analyzed log data from SIEM tools such as Splunk and Wireshark to identify threats and vulnerabilities on the network to prevent cyber security incidents
• Skilled & technically proficient with multiple firewall solutions, network security, and information security practices
• Applied current information assurance technologies to architecture, design, development, evaluation, and integration of systems and networks infrastructure
• Experience with Security Information and Event Management Tools like Splunk and IBM QRadar
• Knowledgeable of Cisco Switches and Router Configurations and working CLI
• Conducted vulnerability assessments mitigating risk through patch management.
• Worked with Legal and Compliance teams and perform electronic discovery and computer forensics to support investigations

TECHNICAL SKILLS:

• Network Security
• Network Access Control (NAC)
• Endpoint Security
• Virtualization
• Authentication
• AntiVirus
• AntiMalware
• Application Security
• Firewalls
• Data Loss Prevention
• DLP Planning data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage, Email Gateways, User Behavior
• Network Access Security Methods
• Access Control List (ACL)
• IP Filtering
• MAC Filtering
• Port Filtering
• Tunneling & Encryption
• Remote Access
• Mobile and Wireless
• Wireless Access Points
• Mobile Device Email
• Mobile Device Management (MDM)
• Security Tools
• WireShark
• SNORT
• IBM QRadar
• Splunk
• Nessus
• Testing
• Vulnerability Testing
• Security Assessment
• Nmap
• Methods
• Network Security Defense
• Security Offense

PROFESSIONAL EXPERIENCE:

Confidential

System Engineer

Responsibilities:

• Integration of Applications into Azure AD platforms
• Identify Security vulnerabilities and implemented procedures to ensure data center meets all security requirements
• Implements disaster recovery solutions and achieved 98% uptime for all servers
• Evaluate and report cyber threats, as well as aidin preventing, detecting, examining, studying, and analyzing computer and network intrusions.
• Developed and maintained security implementation policies, procedures, and data standard
• Evaluate and report cyber threats, as well as aidin preventing, detecting, examining, studying, and analyzing computer and network intrusions

Confidential, Atlanta, Georgia

Cyber Security Engineer

Responsibilities:

• Monitored Information Technology Security devices, including intrusion detection/preventions systems, data loss prevention, network access control, and firewalls.
• Researchedsecuritystrategies and techniques used in malicious campaigns to identify their source or offending parties involved.
• Demonstrated knowledge of processes, procedures, and regulations using Nessus.
• Performed scans of the entire system and provided an overview of the network vulnerabilities.
• Appliedknowledge of Intrusion Detection/Prevention Systems and rule/signature writing.
• Evaluate and report cyber threats, as well as aidin preventing, detecting, examining, studying, and analyzing computer and network intrusions.
• Supplied support in the discovery, reaction, mitigation, and exposure of cyber threats affecting client networks.

Confidential, Phoenix, Arizona

Cyber Threat Hunter

Responsibilities:

• Threat assessment and remediation analysis skills
• Analyzed log data from SIEM tools such as Splunk and Wireshark to identify threats and vulnerabilities on the network to prevent cyber security incidents
• Monitored and analyzed Intrusion Detection Systems (IDS) to identify security issues for remediation
• Monitored the general support system for vulnerabilities and threats, including patch management, weak password settings, and weak configuration settings
• Reviewed and analyzing log files to report any unusual or suspect activities
• Worked with system data including but not limited to security event logs, system logs, proxy and firewall logs
• Performed security control assessment of all assigned systems, developed test plans and assessment reports in support of system authorization
• Streamlined the phishing analysis to an almost analyst-free experience
• Applied understanding the function and content of information security policies, standards, procedures, and practices as well as threats, risks, and vulnerabilities at a functional level

Confidential, Arizona

Security Analyst

Responsibilities:

• Performed periodic reviews of process controls and technical controls to ensure continuous adherence to SOX compliance
• Supported day to day data security operations
• Monitoring security patch levels of the servers, workstations and network environments, and anti-virus systems
• Performed proactive network monitoring and threat analysis
• Recommended and addressed the acceptability of the software products for continuous monitoring project
• Monitored and analyzed Intrusion Detection Systems (IDS) to identify security issues for remediation
• Assisted in planning, development, and security of a system that aims to establish a security infrastructure
• Developed and maintained security implementation policies, procedures, and data standards

Confidential, Phoenix, Arizona

Assistant Analyst

Responsibilities:

• Experience investigating, capturing, and analyzing events related to cyber incidents
• Documented and logged technical incident detail for future
• Assessed business process to identify potential risks
• Experience researching emerging cyber threats to understand and present hacker methods and tactics, system vulnerabilities, and indicators of compromise
• Conducted above-core software reviews to ensure applications requested by users comply with requirements, guidelines, and standards before being installed on systems
• Defined, established, and managed security risk metrics and track effectiveness
• Defined security best practices for the university based on common threats and vulnerabilities found