SIEM Admin Resume

Vienna, VA

SUMMARY:

  • Highly creative and client-focused in Cyber Security with over seven years of industry experience in cyber threat defense tactics and threat monitoring strategies.
  • Capabilities include outstanding relationship management, analysis, and problem resolution skills as well as outstanding organizational, multitasking, and team building skills at all levels.
  • Proven ability as a resourceful coordinator, quick to learn new skills in fast-paced IT environments. Currently holding a Secret Clearance.

TECHNICAL SKILLS:

IPS: SourceFire IPS

Network Security Tools: Tenable Nessus, Retina, Qualys

SIEM & Log Retention Management: ArcSight, Splunk, BlueCoat Reporter, Sourcefire, Remedy

Endpoint: CounterTack, Symantec Endpoint Manager, Tivoli

PROFESSIONAL EXPERIENCE:

SIEM Admin

Confidential

Responsibilities:

  • Create, set up and configure SIEM appliances for multiple divisions.
  • Add or remove data sources (e.g., Windows, Linux, Cisco, etc.) on SIEM.
  • Evaluate operating system (Windows, UNIX, Linux, etc.), application (Web servers, databases, etc.), network device (firewalls, routers, etc.) and security device/software (HIPS, HBSS, etc.) events within the SIEM.
  • Set up, run, and remove alarms and reports on SIEM.
  • Build and edit dashboard views for different teams on SIEM.

Security Analyst

BlueAlly - Vienna, VA

Responsibilities:

  • Create and modify security rules on proprietary SIEM for multiple customers.
  • Monitor and analyze network security events (IPS, Antivirus, Proxy and Firewall logs) via SIEM.
  • Configure and run scans in Nessus, both on a schedule and by customer request, and respond to customer inquiries regarding scan results and vulnerability mitigation methodology.
  • Perform post-processing to format scan results to customer specifications.
  • Monitor, research and resolve events in CounterTack endpoint threat detection & response application.
  • Create internal technical documentation and customer facing documentation.
  • Provide training and mentoring on analysis techniques and scanning methodology.

Network Security Analyst

Confidential - Washington, DC

Responsibilities:

  • Maintain pass-down activity log for next shift to ensure appropriate follow-through on issues that developed during my shift.
  • Modify rules and channels in existing tools used for detection and integration of multiple products together for security functions (ArcSight, Sourcefire, Splunk, BlueCoat Reporter). Prioritize and differentiate between potential intrusion attempts and false alarms.
  • Conduct monitoring and analysis of network security events from IPS, Antivirus, Proxy and Firewall logs.
  • Provide Daily Status Report to Federal and contract staff that consists of a list of deployed and returned international laptops, tickets opened within the last 24 hours and the latest Critical patches that are deployed (Symantec Endpoint Manager, Tivoli Bigfix).
  • Review open source security advisories and threat intelligence to notify Federal Security Staff via the creation of internal RFC to deploy security and patch updates (Google Chrome, Java, Microsoft, Apple).
  • Perform endpoint security scans and updates on remote endpoints via Symantec Endpoint Manager, as a part of security event investigations.
  • Maintain and support defensive security infrastructure in direct support for our Security Operations Center (SOC).

Information Assurance Analyst

Confidential - Fairfax, VA

Responsibilities:

  • Coordinate and perform technical and non-technical Computer Network Defense (CND) activities, including assessments to evaluate compliance with established Information Assurance policies and regulations according to Army National Guard and DoD requirements.
  • Monitor multi-level security networks to identify potential security violations, incidents, attacks, and/or potential malicious behavior.
  • Analyze and document intrusion detection incidents and data when required and perform routine preventive and corrective actions to test and monitor network activities.
  • Periodically assist with the installation, day-to-day technical support, testing, and troubleshooting of IT systems in accordance with the established policy, procedures, and test plans.
  • Assist with Retina scanning and compliance.

Network Security Analyst

Confidential - Chantilly, VA

Responsibilities:

  • Proficient in researching traffic patterns to identify false positives and/or malicious traffic within IDS (Intrushield, TippingPoint, etc.), IPS (Snort), scanners (Qualys), proxy (BlueCoat) and firewalls (CheckPoint, ASA, PIX, and Netscreen).
  • Ability to analyze high volume of security events while maintaining a solid quality of analysis.
  • Identified data in firewall events to assist in troubleshooting.
  • Assisted with IDS and IPS Security Event tuning and noise reduction.
  • Proficient in suppressing messages on Firewall modules per customer and/or internal request.
  • Proficient with the SourceFire IDS/IPS to update devices and perform health checks.
  • Worked out of a SOC inbox and organized and routed issues to appropriate party in priority.
  • Performed searches within Remedy to identify historical traffic for customer requests and/or internal needs.
  • Worked out of Remedy on a daily basis to manage tickets, customer accounts, and device inventory.
  • Proficient in handling multiple work queues in priority and escalated matters when appropriate.
  • Provided excellent customer service and always received positive feedback from management.
  • Strong documentation and report creation skills.
  • Act as a mentor to others on shift.

IT Administrator

Confidential - Alexandria, VA

Responsibilities:

  • Perform basic repairs on computer components, e.g. NICs, video cards, CPU and memory upgrades.
  • Installed and configured network printers, fax machines, and projectors.
  • Kept inventory for all rugs and company supplies, e.g. ink cartridges, printer paper, bathroom supplies.
  • Answer phones and fill customer requests in a timely manner.
  • Follow all policies, procedures, and practices for store maintenance and operations.
  • Responsible for installing Windows XP on new hire and client machines.