
Security Engineer Resume


CT

SUMMARY:

  • My drive, passion, and confidence in the IT Security field are what make working in this field exciting.
  • I have over 10 years of solid IT Security experience in a number of different areas - particularly focused in Vulnerability Management, Threat Analysis, Incident Response, SIEM, Compliance, and other similar areas.
  • I always look to stay current in this rapidly evolving field and look forward to making a positive impact in my next role.

TECHNICAL SKILLS:

Tenable Nessus & SecurityCenter, Qualys Vulnerability Management

Cenzic HailStorm, Trustwave AppDetective, Imperva SecureSphere Database Activity Monitoring, Imperva SecureSphere Web Application Firewall

SIEM: Confidential/QRadar, Confidential Proventia IPS

Security Tools: Nmap, Wireshark, SiteProtector

EXPERIENCE:

Confidential, CT

Security Engineer

Responsibilities:
  • Constructed a vulnerability and patch management program from the ground up for the Engineering (Manufacturing) side of the company.
  • Composed a vulnerability management process document and flow diagram to have as a guide as we progress into a mature program.
  • Incorporated an Asset Inventory (CMDB) and Exception management process to fit into the program.
  • Conducted discovery and vulnerability scans using Qualys and analyzed/prioritized the findings by how they impact the environment.
  • Created a remediation report and plan and coordinated with our team and system owners at plants on how to handle the remediation efforts.
  • Used metrics like CVSS, Qualys Severity, Criticality, and Categorization to evaluate each finding to assign a Risk Rating which would help prioritize the Remediation report.
  • Clearly communicate the risks to appropriate team members and coordinate on how to handle the remediation efforts.
  • Collaborate with the Ops team to build infrastructure and servers on AWS.
  • Oversee AWS cloud monitoring systems and processes, recommend improvements, and perform optimization and tuning.

Confidential, RI

Security Engineer

Responsibilities:
  • Using Qualys, Archer, and other internal resources the main goal was to drive and facilitate Vulnerability Remediation by improving the continuous vulnerability management process for the organization.
  • Updated and enhanced the vulnerability workflow so that the team can stay current on the weekly vulnerability scans and get them addressed.
  • Performed HIPAA Risk Assessments on systems that handled ePHI using Qualys Vulnerability Management.
  • Analyzed the technical vulnerabilities that come into our group and determined the appropriate actions to take.
  • Communicated with various teams and individuals about the vulnerability details and provided remediation assistance/compensating controls that can be applied to reduce risk.
  • Coordinated with Governance, Risk, and Compliance team on actions determined for complex issues and path to take that will keep the organization at lowest risk possible.
  • Stayed updated on the latest vulnerabilities and collaborated with the security team on the findings from the division I am responsible for.

Confidential, MA

Cyber Security Consultant

Responsibilities:
  • Performed Static Application Security and Dynamic Application Security Tests using Confidential AppScan Source/Enterprise.
  • Reviewed Security Design and Architecture deliverables to make sure security requirements are met and on pace to achieve secure solutions.
  • Advised and incorporated Threat Modeling (i.e. STRIDE / DREAD) into the program for an understanding of threats from the outside-in.
  • Produced Vulnerability Scan Reports and communicated the results to development with the appropriate analysis and fix recommendations.
  • Helped Development understand the security vulnerabilities and the impact they can have so that it helps them implement the proper code fixes.
  • Created and executed test cases and test scripts as part of QA in the Confidential Rational Team Concert platform and also produced documentation to support the test plans.
  • Informed and educated Development about the OWASP top 10 risks, Secure Coding Practices, and other security related resources to help them incorporate security throughout the SDLC.
  • Performed false positive validations on many of the findings that result from the dynamic analysis.
  • Helped improve and strengthen the Network/Infrastructure Vulnerability Management process that was immature to support the AppScan side of the program.
  • Performed Network Vulnerability scans using Tenable Nessus and analyzed/prioritized the findings. Assigned the findings and recommendations to the appropriate system owner. Communicated the vulnerabilities for appropriate remediation plans.

Confidential, CT

Cyber Security Engineer

Responsibilities:
  • Performed HIPAA Risk Assessments on multiple State of CT agencies that handled ePHI.
  • Conducted vulnerability scans using Cenzic Hailstorm, Tenable Nessus and Trustwave AppDetective.
  • Communicated the findings to the appropriate teams and assisted them on fix recommendations.
  • Discussed secure web application coding practices to reduce the chances of Injection, XSS, XSRF, and other OWASP related risks.

Confidential, GA

Security Analyst

Responsibilities:
  • Imperva DAM (Database Activity Monitoring) - Performed daily operational real-time monitoring, analysis and resolution of database related (MSSQL, Oracle) security events.
  • Created and implemented the complete Real-time Monitoring and Incident Response processes for how to handle alerts.
  • Created a tuning process for the team to document any policy changes/exceptions to be made on the Imperva SecureSphere Dashboard.
  • Communicated alerts/violations to DBAs and other admins. Discussed the intent of any of the traffic that we see and explored what remediation efforts can be performed.
  • Imperva WAF (Web Application Firewall) - Work in conjunction with vulnerability management team to take dynamic scans they produce to upload to the Imperva WAF for immediate protection from web application attacks.
  • Analyze and review the SecureSphere console daily and deal with the identified application events; review and tune the web application firewall rules for each of the applications being protected.

Confidential, Atlanta, GA

Cyber Security Analyst

Responsibilities:
  • Performed Risk Management for a federal client utilizing NIST guidance, to include Certification and Accreditation (C&A), applying NIST 800-53 Security Controls, 800-64 Life Cycle Methodology/SDLC, and Risk Assessments.
  • Reviewed/Assessed C&A packages for compliance with NIST C&A guidance, including System Security Plans, System Categorization Documents, Risk Assessments, Plan of Action and Milestones, Contingency Plans, Configuration Management Plans, and Privacy Impact Assessments.
  • Performed vulnerability scans on systems using Confidential AppScan (Enterprise Version) and Nessus Vulnerability Scanner. Generated reports that would provide vulnerabilities by host. Communicated with and assisted end users on AppScan results.
  • Based on the vulnerability scan report, composed a risk mitigation worksheet to determine if the responsible system owner wants to accept, mitigate, or reject the risk.
  • Developed and executed security control assessment plans for management, operational, and technical controls, documenting weaknesses and providing mitigation strategies.

Confidential, Atlanta, GA

Lead Security Analyst

Responsibilities:
  • Threat analysis - Monitored customer traffic that included Malicious code, Malicious website access, Unauthorized Activity, Brute force attempts, Trend Analysis, Virus/Worm signatures, and other suspicious activity that customers needed to be aware of.
  • Performed real-time security event monitoring through signature-based and anomaly-based activity.
  • Provided proactive IDS/IPS administration, signature tuning, and maintenance.
  • Incident Response - Detected, investigated, and responded to security incidents; and followed an organized internal IR plan to handle incidents in a technical and nontechnical manner.
