Information Security Analyst - Consultant Resume
TECHNICAL SKILLS
- Windows 2003/2008R2/2012R2/2016 Server Operating System and Active Directory
- Windows 10/8/7/XP Operating System
- Exchange 2010/2007
- VMWare 6.0/6.5, Citrix 7.6/7.9
- Symantec Backup Exec 2012, Veeam, CommVault
- Cisco IOS Working Knowledge
- Linux RHEL7 - Working Knowledge
- LANDesk/KACE for Endpoint Monitoring and Updating
- Splunk - Working Knowledge
- Wireshark
- Privileged Access Management - Thycotic Secret Server
- Symantec Endpoint Protection Manager 14.2
- CyberArk
- AlertLogic
- Forcepoint WebSense
- Packet Tracer
- CIS/NIST/ISO Frameworks
- ITIL best practices
PROFESSIONAL EXPERIENCE
Confidential
Information Security Analyst - Consultant
Responsibilities:
- Confirm that machines in Symantec Endpoint Protection Manager have up-to-date definitions, are reporting online, and are functioning properly.
- Check that actionable warnings and errors in SIM AlertLogic have resolution before close of business.
- Read security advisories in listed websites, rate affected threats, and delegate tickets to support teams who would mitigate.
- Investigate each sales office and home office DHCP alert. Discover why they don't have SEP and issue tickets out to Service desk for resolution.
- Confirm ForcePoint Websense is not showing any errors and the definitions on both databases are up to date.
- Confirm that all IP addresses listed as logging in are listed in the Website Potential Abuse Procedure. If not, an incident is written.
- Run queries to check if any system patch level is below Windows 1607 build in Home office.
- Review the Major Security Events spreadsheet to see if all incidents for this quarter have been logged and sent to legal if necessary.
- Run query to check if any system is vulnerable to WannaCry (January 3rd update). If so, send ticket to help desk to Windows update or patch depending on location.
- Run report for unencrypted and enrolled wireless systems in VMware Airwatch.
- Daily administration of the security queue ITSM and email to team any new tickets or ones that were moved to us.
- Monitor USB devices used on SEP clients. Save as report.
- Create report for invalid datacenter access
- Read material sent to InfoSec by Legal. Follow procedure to write up incident, get signed, and send back to Legal.
- Fill out any security incidents that are discovered from Type 1 and Type 2 and write up in accordance with the procedure. Update spreadsheets.
- Set up a flash drive as per procedure. Send in an envelope with user’s name on it to IT at designated location. IT will then give it to them.
- Requests for unapproved software must be downloaded and vetted by InfoSec
- Process data exchange requests for users that need to send data in a specific way to an external person.
Confidential
Senior Windows Engineer/Security
Responsibilities:
- Centralized Security Event Log Management: worked with network team to configure Splunk forwarders for metrics
- Established accurate inventory and network device monitoring: installed KACE v 7.0 to establish accurate inventory as well as asset management
- Deploy and Run Automated Vulnerability Scanning Tools
- Performed Systems Security Hardening
- Windows Server Patching - Deployed Automated System and Software Patch Management
- Installed Thycotic Secret Server (PAM) to manage administrator and vendor credentials
- Installed SEPM v 14.2 for servers and workstations; configured security policies and exceptions
- Cleaned up DNS to remove stale records through third party management software and DHCP Logging to verify current assets
- Analyzed Tufin firewall to segment network traffic
- Assisted in triage and remediation of security breaches
- Maintained Inventory of Authorized Software for license auditing
- Ransomware Outbreak Response and Prevention
- Implemented MFA on Servers for all Administrative Access
Confidential
Windows Engineer
Responsibilities:
- Installed LANDesk to establish accurate inventory and deployment of Microsoft patches to ~8,000 desktops, laptops and servers through Microsoft WSUS server
- Performed Systems Security Hardening
- Managed DNS and DHCP to verify current assets
- Led the triage and remediation of security breaches such as Ransomware Outbreak
- Maintained Inventory of Authorized Software for license auditing
- Implemented Multi-Factor Authentication on Servers for all Administrative Access
- Implementation and administration of a VMWare 5x and 6x environment consisting of 23 Hosts running over 350 guest OS, all residing on HP Blade servers and HP 3Par Storage. The entire environment integrated and monitored by VRealize Operations Manager.
- Deployment and modification of Active Directory Group Policies to fit the needs of the user community and organization
- Administration of a Microsoft Exchange 2010 environment with 10000 user mailboxes
- Provided safe, secure, and reliable internet browsing for all hospital users and guests through Websense, and Checkpoint URL Filtering
- Administration of a Veeam 8x environment running on HP Surestore equipment
- Administration of Symantec Corporate Edition 11.x Antivirus server and Symantec
- IP reservations, DNS entries, Account modifications, print queue creations, /deletions, software deployment)
- Provide third level support.
- Ensure HP contract documentation, inventory, and Visio diagrams of the Data Center Server and Network equipment are current
- Implement and monitor all HP blade and standalone servers using HPSim
- Implement DCIM Sunbird DCTrack to maintain data center power and design specifications
- Responsible for configuring the infrastructure and installing applications on Windows IIS hosted platform.
- Working with application teams examining deployment requirements (hardware and software requirements).
- Reviewing application installation documentation.
- Executing the install.
- Automating the installation process.
- Ensuring that the installation is done in accordance with standards and best practices