SUMMARY:

• A skilled and highly organized Security Professional with high ability to adjust quickly to new technologies, environments and procedures; ready to use my skills and experience in identifying and resolving threat to network systems and company data..

TECHNICAL SKILLS:

• Experience in the application of FISMA guidelines including the NIST special publications 800 - 30, 800-53, 800-83, 800-84, 800-86, 800-92, 800-94, 800-115, 800-117 rev1, 800-137, 800-128 and FIPS 200
• Experience in Computer Forensics, Data and Event Analysis, Endpoint threat analysis, Network intrusion analysis and Security Monitoring
• Experienced in taking quick action on cyber threat intelligence
• Understanding and experience with the System Development Life Cycle (SDLC)
• Experienced in identifying potential threats and ensuring security of network systems
• Strong knowledge of system, network security, log analysis, and intrusion detection technologies
• Knowledge in project management, risk assessment, and security audits
• Strong knowledge of TCP/IP, firewalls, routers, and network protocols and technologies

PROFESSIONAL EXPERIENCE:

Confidential, MD

Cyber Security Analyst

Responsibilities:

• Experience in Recognizing potential, successful, and unsuccessful intrusion attempts and compromises using Security Onion tools such as: Snort, Suricata, Sguil, Elsa, Wireshark, CapMe, Bro and NetworkMiner
• Communicate alerts regarding intrusions and compromises, applications and operating systems as stated in Incident Response plan. Assists with the planning and implementation of counter-measures or mitigating controls.
• Monitor incoming event queues for potential security incidents using Security Information Event Management tool (i.e. Security Onion and Splunk).
• Support cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.
• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
• Conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols.
• Knowledge of data collection hardware and software (i.e: FTK Imager and Autopsy)
• Perform both Dynamic and Static analysis of malicious code / malicious software
• Conduct base level analysis to determine the legitimacy of files, domains, and emails using tools such as Wireshark and a Linux Toolkit as well as online resources such as Virustotal, malwr.com and hybrid-analysis.com
• Work as part of a team to determine the root cause of security events and coordinate remediation
• Maintain and update the Cyber Security Incident Response Plan & Playbook, including the comprehensive contact list, call trees and response approaches for new incident scenarios and integration of new tools and capabilities as identified.

Technical Specialist

Responsibilities:

• Highly refined customer service skills, such as: listening skills, empathy, and aligning with customers diverse wants and needs
• Advanced troubleshooting and problem solving skills
• Comfort and familiarity with technology and computer skills
• Receptiveness to change, challenges, and ambiguity
• A sense of urgency and time management - due to the loud, crowded, and ambiguous environment
• Obtain up to date knowledge for all Apple products and devices to assist customers and proficient while using technology and programs within the store
• Deliver service in a way that encourages brand loyalty
• Assist in maintaining the Apple Store’s appearance to Apple standards as well as makingsure that all available products are on the floor and restored when needed
• A strong sense of community with my team and customers

Linux/Unix Engineer

Responsibilities:

• Hardening/Patching Linux servers, and upgrades (release), on standalone servers
• Linux OS file systems/ Disk management
• Managing files in archive or compressed forms.
• User and security management
• Setup, configure and troubleshoot TCP/IP, DHCP, DNS; NFS,
• Scripting (bash and python) to schedule and automate processes including full and incremental backups using tar.
• Managing swap configurations
• Scheduling of automatic repetitive Jobs utilizing Shell Scripts with Crontab.
• Constant hands on Linux network environment
• Performed multiplatform volume management using LVM.
• Monitoring and log management on Linux servers, including processes, crash and swap management, with password recovery and performance tuning.
• Reviewed server platforms, installations, and configurations to ensure corporate and industry standards are followed
• Working knowledge of firewalls and switches

Linux/Unix Administrator

Responsibilities:

• Installed and configured Linux servers for new build environment.
• Experienced in adding Disks and creating partitions and File system Administration.
• Configured and monitored Disk mirroring, striping using LVM.
• Experienced in monitoring & troubleshooting with performance related issues
• Managed all rebooting & part replacement activities.
• Experienced managing and upgrading of Linux servers.
• Provided training to Junior Staff
• Experienced in user Management & Administration.
• File system management.
• Ticket assessment on daily basis.
• Experienced managing swap and other utilities.
• Job Scheduling and Automating process using CRON.
• Experienced installing of patches and packages.
• Configured and managed network interfaces.
• Basic creation and troubleshooting on scripting like Shell and Python.

Network Security Administrator

Responsibilities:

• Provided security hardening for Windows servers and Databases.
• Managed Windows/Linux administration, LAN/WAN/VPN administration, and Hyper- V/VMware ESXi administration. Also managed file servers, AD/GPO/DHCP/DNS, and wireless access points
• Analyzed malware behavior, network infection patterns, and security incidents.
• Resolving daily technical issues and providing desktop support.
• Conducted security hardening of Windows server and workstations.
• Reviewed codes to web servers from application-level cyber-attacks.
• Conducted security event monitoring for corporate-wide, in-scope applications.
• Handling data network and server management, and testing network connections.