We provide IT Staff Augmentation Services!

Information Security Specialist Resume

SUMMARY:

Knowledge of many security tools and practices including intrusion detection, anti - virus/spam protection, vulnerability assessment and management including implementation and system monitoring using SIEM tools. Experience in security awareness, system administration, log management, incident analysis, system backup and recovery as well as product/application evaluation and installation.

OBJECTIVE:

Implementation of tools and services that promote confidentiality, integrity and availability of network services and products. Assist with the strengthening of network security architecture and provide continuous monitoring of systems and network resources. Promote security awareness as well as learn, improve and share experiences.

EXPERIENCE:

Confidential

Information Security Specialist

Responsibilities:

  • Designed and implemented a security architecture for the Court.
  • Maintain and monitor Dell SonicWall system for abnormalities
  • Manage a quarterly vulnerability management program using Nessus and Nexpose
  • Provide information security awareness quarterly to new employees and increase awareness using media and posters
  • Improved backup and recovery plan for network components
  • Mitigate threats and maintain a high level of integrity on the network
  • Provide security recommendations for new system and products introduced to the environment
  • Assist IT Division in leveraging physical and virtual network anomalies
  • Tested. Implemented and monitor EventTracker log management product for suspicious network activities

Confidential

Information Assurance Officer (International/Expatriate)

Responsibilities:

  • Scanned project network for vulnerabilities using Retina scanner
  • Updated scan results into DOD Vulnerability Management Systems
  • Updated IA documentation
  • Checked DISA for Retina updates and performed updates on all internal scanners and servers when available
  • Ensured documents are adequately filed and labelled
  • Applied STIGs to assets using online VMS utility
  • Provided a weekly report of findings and deadlines for patches/vulnerabilities
  • Provided remediation instructions to system/network administrators

Confidential

Information Security Analyst

Responsibilities:

  • Submitted domain block requests for systems
  • Investigated incidents using category level data and provided recommendations for remediation of vulnerabilities
  • Used Arcsight, Snort, HBSS and custom applications to review system logs to monitor and eliminate threats on the network
  • Prepared reports on findings reported via email and over the phone
  • Implemented blocks on the hosts and systems that posed a threat to the network
  • Monitored web, email and network activities using a ticketing system to gather related information, closed incidents and evaluated system web activity traced via proxy servers
  • Used Wireshark to review PCAP data when investigating incidents
  • Used putty to parse through web activity using various grep commands

Confidential, Annapolis Junction, MD

Sr. Information Security Engineer

Responsibilities:

  • Managed deployment of retired IDS and AV to 600k clients and servers
  • Implemented the pilot for Sophos Anti - virus and IDS applications
  • Installed the IDS/IPS agents nationwide
  • Managed exceptions for false positives on IDS policies
  • Added/Edited firewall/IPS rules using SiteProtector and Sophos management
  • Performed ad-hoc vulnerability scans using Webinspect and ISS/IBM Scanners
  • Provided reports of vulnerabilities and provided remediation steps to SAs
  • Deployed Siteprotector management console and Proventia Desktop agents
  • Managed the ISS Proventia servers
  • Applied needed updates to host based and network based ISS/IBM products
  • Maintained ISS database server for IBM Proventia suite
  • Performed queried on IBM database server to improve performance
  • Managed new policies as needed for Proventia users
  • Troubleshoot warnings and alerts on systems
  • Researched spam emails for malicious content and implemented blocks
  • Performed war dialing semi-annually

Confidential, Washington, DC

Infosec Management Analyst

Responsibilities:

  • Coordinated patch management presentation and implementations
  • Inspected and scanned local telecommunications equipment
  • Assisted with the migration of independent systems into online system
  • Managed risk assessments and C&A using DITSCAP and NIACAP rules
  • Used FISMA, OMB and NIST publications to conduct evaluations of systems
  • Developed policies and directives on improving systems
  • Maintained the IT Security website with updates on patches and other security issues
  • Conducted security awareness sessions for staff and contractors

Confidential, Washington, DC

IT Security Specialist

Responsibilities:

  • Coordinated vulnerability testing
  • Constructed reports for project presentations
  • Coordinated all virus related testing, resolution analysis and deployment of AV product research
  • Administered ACF2 mainframe accounts
  • Coordinated vendor presentations
  • Ran vulnerability programs to assure hacker-proof environment
  • Reinforced incident handling procedures
  • Updated anti-virus software and user notifications
  • Performed scans for illegal devices on the network including wireless LANs
  • Researched new security tools for implementation in our network
  • Managed Antivirus projects
  • Implemented a security assessment review that is used to identify vulnerabilities on systems prior to adoption into network
  • Conducted forensic studies of infected/exploited computers
  • Performed fingerprinting scans of systems to determine operating system and other information about system

Hire Now