Security Engineer/Qualys Subject Matter Expert Resume

GA

TECHNICAL SKILLS:

  • Qualys Vulnerability Scanning *MS Office *Azure Active Directory
  • Bit 9 End Point *Cylance Protect *SSL Certificate Management Venafi
  • Web application firewalls (WAF) *PCI Compliance *FileTransfer Technology MoveIT/SFTP
  • Bilingual English - Spanish *Inventory *Investigations
  • Software application architecture
  • Relay *Virtualization VMs
  • Analyst *Corrective Action *Budgeting
  • Problem Resolver *Maintenance/Repair *Time Management
  • Data Analyst *Reporting *Financial Reporting
  • Profit & Loss Reporting *Training New Employees *Malware Analyst
  • Threat Expert *Troubleshooting *Cryptography
  • WADI Dashboard *NetMON Tools *S.N.M.P. Data
  • AZURE *ENV *ACIS
  • Wepawet *Jsunpack *jsBeautifier
  • Virus Total *Anubis *URLQuery
  • VURL Dissect *Black Hole Exploits *JavaScript
  • Bot Nodes (zombie systems) *Mules *Phish Kits
  • SQL *Remote Desktop *Xbox Live
  • LimeLight *KVM *VPN
  • Tanjay-Polycom *Networks *WIFI Network
  • Network Security *HIDS *HIPS
  • NIDS *NIPS *Carbon Black

PROFESSIONAL EXPERIENCE:

Confidential, GA

Security Engineer/Qualys Subject Matter Expert

Responsibilities:

  • Provide technical expertise and advice on areas of security technology, including: platform security, authentication systems, application security, security architecture and security frameworks.
  • Identity Access Management: configure Venafi and Qualys so that users are given proper permissions to perform daily duties. Work with vendors and other business teams on projects to meet deadlines, and provision service accounts and roles with proper authorization.
  • Role-Based Access: architect with Venafi and Qualys to ensure data loss prevention.
  • Identity Access Web Provisioning: create new accounts for web engineering teams to authenticate onto Venafi and generate, revoke, and renew certificates.
  • Work with Project Management to improve vulnerability scanning to industry standards and PCI compliance.
  • Analyze results of vulnerability scans, check for false positives, and escalate for remediation.
  • Work with Venafi to replace deltas PKI infrastructure.
  • Participate in a project to migrate an enterprise-scale number of certificates from SHA-1 to SHA-2 with third-party vendor Forsythe.
  • Set up Qualys from Conception to Enterprise Scanning Level.
  • Replace live applications with new applications with no customer impact.
  • Collaborate with business and IT staff to understand strategic and tactical business, application or service requirements, then translate those into securely designed solutions.
  • Perform complex IT system and product evaluations to facilitate secure solution delivery.
  • Provide complex technical guidance, oversight, and enforcement of security directives, policies, standards, plans, and procedures.
  • Work to improve documentation on processes and workflows to improve the Security Engineering team's response to incidents with customers and members of other business units.
  • Assess, design, implement, and integrate enterprise security solutions including, but not limited to, next-generation firewalls, web application firewalls (WAF), intrusion prevention/detection systems (IDS/IPS), content filtering, secure log management, security information and event management (SIEM) systems, anti-malware solutions, mobile device management (MDM), cloud orchestration, and endpoint security solutions.
  • Maintain knowledge of complex industry trends, current security issues, and security technologies.

Confidential, Alpharetta, GA

Malware, Forensic Investigator

Responsibilities:

  • Ensure clients and users working for Fiserv are not violating code of conduct.
  • Use Carbon Black (formerly known as Bit9) to analyze processes on corporate users' computers to “hunt” for malicious or hijacked processes using advanced queries: process name: java.exe AND child proc: powershell.exe AND filemod: *.vbs.
  • Analyze malware and phish scams by installing them onto sandbox machines and reverse engineering them.
  • Create watch list rules to alert the company of any ransomware or malicious activity that may cause data exfiltration.
  • Carbon Black malware analysis and reverse engineering.
  • Ensure regulatory requirements are met by business units.
  • Stay informed of the latest security threats and malware tools that may compromise Linux, Windows, and Mac-based operating systems.
  • Recommend tools to better prevent/mitigate malware infections.
  • Use Carbon Black to isolate compromised machines to prevent further infection of machines in the corporate environment.
  • Ban hashes of known malicious files and malware to prevent and minimize the impact of campaign day attacks.
  • View website coding to look for redirectors and/or silent malware droppers.
  • Analyze JavaScript files to find malicious net connections or suspicious GET commands.
  • Go live onto machines over Carbon Black to find malicious files in AppData or other directories.
  • Retrieve memory images of machines deemed severity one to determine what vulnerability was exploited.
  • Collected, searched, recovered, sorted, and organized electronic information in all phases of an investigation and litigation matter.
  • Performed triage on correlated security events; responsible for identifying, escalating, and validating security incidents in accordance with customer-specific Incident Management procedures.
  • Developed correlation logic rules to identify certain combinations of events as 'Incidents' indicating attacker activity, generating alerts for enterprise Incident Management and Response teams from within a Security Information Management (SIM) solution.

Confidential, Redmond, WA

Federal Analyst

Responsibilities:

  • Identify scripts, analyze commands to watch out for dangerous commands that decrypt passwords or delete certificates.
  • Identity Access Management: work with Azure Active Directory to create roles for RBAC for monitoring and risk calculation.
  • Role-Based Access: assign new accounts separate privileges and roles to ensure separation of duties.
  • Identity Access Web Provisioning: create new accounts (subscriptions for users) with Microsoft Azure.
  • Troubleshoot server deployments with tools like WADI dashboard.
  • Look for errors like missing S.N.M.P. data in the Windows Azure cloud using NetMON tools.
  • Update server toolset with scripting command \\folder\path\tool\specific tool\update
  • Log and escort people in US government ENV Fairfax by creating a command for secure remote desktop connection.
  • Use ACIS web browsing tool to configure permissions on other servers.
  • Run encryption and decryption commands for connection strings and keys.
  • Make sure the procedure for encryption through RAM does not expose secrets.
  • Create key vaults for customer databases.
  • Create self-signed certificates with stash client.
  • Retrieve cert thumbprint, public key information.
  • Update client password owners.
  • Troubleshoot and check status of services in the Azure management portal.
  • Increase capacity of virtual machines in a cluster from the Azure management portal.
  • Retrieve published setting files of Azure subscription IDs.
  • Analyze files developers request to bring into the environment to determine if they are secure, possibly malware, or contain malicious coding.
  • Develop, implement, and manage strategic, technical, and operational security plans that are aligned with business goals and objectives.
  • Assist in the development of procedures surrounding incident response, computer forensics, malware analysis, and daily cyber security operations.
  • Actively participated in assessing the effectiveness of security technologies such as IDS/IPS, firewalls, and web proxy devices to prevent unauthorized access, modifications, disclosures or misuse of company resources.
  • Documented procedures for incident response activities to improve security operational processes.

Confidential

IT Fraud Analyst

Responsibilities:

  • Identifying, analyzing, and categorizing fraudulent web sites.
  • Investigating and determining legitimacy of DNS and BGP changes.
  • Contacting ISPs around the globe in order to take down and remove fraudulent content and sites.
  • Analyze malware in controlled environments to determine if it is a zero-day threat or old known malware.
  • Work with registrars around the globe creating templates to inform them in their native language of fraudulent domain names.
  • Report thousands of phish sites, parasites, and malware content; search, find, and close sites gathering fraudulent data such as credit cards and SS numbers for sale.
  • Work with various tools such as Wepawet, Jsunpack, jsBeautifier, Virus Total, Threat Expert, Anubis, URLQuery, VURL Dissect.
  • Work with an internal big data source while at the same time updating an external big data source.
  • Identify old and new Black Hole Exploits.
  • Read JavaScript to find redirectors to fraud content or to see if it is hiding any black hole exploit code.
  • Use commands in terminal such as md5 to find malware or data that has been edited, curl and its switches (-I, -k, -x) to find redirectors, wget, dig, host, host ns, dig mx.
  • Worked effectively with Bank Departments’ management teams in identifying fraud detection and trending issues.
  • Protected credit accounts from being used for fraudulent purchases thus minimizing product loss and black market sales.
  • View hundreds of different web page sources to find any redirectors or code stealing personally identifiable information.
  • Locate, analyze, and report problems inherent in unprotected BGP & DNS systems.
  • Locate and report Command & Control servers, bot nodes (zombie systems), mules, phish kits, credential gathering, unauthorized distribution, credential distribution, hacker dialog, and malvertising.

Confidential

IT Consultant/Tier 2 analysis/engineer

Responsibilities:

  • Deploy various patches on a production environment to millions of systems remotely through tunneling.
  • Troubleshoot SQL, Network, and Hardware issues.
  • Identity Access Management with Active Directory to assign roles to new engineers, as well as to give new members of teams overseas the access they require to perform patching or troubleshooting.
  • Flush caches using Azure and Limelight.
  • Review and analyze security event logs and security appliance logs. Investigate security events forwarded from Level I Analysts for security risk.
  • Configure Secure Lightweight Directory Access Protocol with Microsoft to identify teams to work with in the case of a severity 1 outage.
  • Communicate with hundreds of Microsoft partners and services daily.
  • Handle tickets for issues coming in through ticketing software.
  • Worked with Microsoft partners to help improve efficiency and design of previous tools.
  • Remote desktop troubleshooting of Windows Server 2000 and 2012.
  • Support all servers and services of Xbox Live and millions of customers.
  • Work with various tools to troubleshoot and diagnose server issues.
  • Trace packets of information in order to find and locate where issues are occurring.
  • Troubleshoot various game issues, bugs, and purchasing issues, and find ways to implement fixes and resolve issues.

Confidential

PC Tech Support

Responsibilities:

  • Disconnected and reconnected two thousand PCs of various brands from one corporate office to another.
  • Set up various brands of network switches in order to keep the network up and running for hundreds of users.
  • Set up KVMs and servers in corporate offices.
  • Set up docking stations for use by employees through VPN.
  • Set up Microsoft Tanjay-Polycom phones and USB phones in hundreds of offices.
  • Took inventory of hundreds of various office tech supplies.
  • Set up networks with various Cat Rated network cables.
  • Labeled individual USB, DVI, and VGA wires, network cables, PCs, docks, monitors, KVMs, and keyboards/mice, and the ports they should be connected to.

Confidential, WA

Assistant Manager

Responsibilities:

  • Trained new workers how to greet customers and wait tables.
  • Organized daily financial information on expenses and profit using MS Excel.
  • Referred other food handlers to where to get resources or food materials needed.
  • Communicated with diverse cultures through customer service.
  • Managed two shifts (morning and afternoon); managed and led a staff of 15 (waiter, waitress, cooks, cleaning staff, host).