SUMMARY

• An experienced identity access management engineer Over Seven years of experience in IT experience.
• Detail - oriented and with a solid technical background and excellent interpersonal skills. Certified CyberArk Defender + Sentry, CompTIA (A+, Linux+, Security+), CIW-WSA, and ITIL professional.
• Experienced in Administration, Troubleshoot, and Installation of Cyber-Ark security components, ForgeRock, okta, and SailPoint.
• Proficient with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document security vulnerabilities.
• Experience conducting investigations and vulnerability assessment on endpoints.
• Ability to identify, interpret and evaluate significant applications, infrastructure, enclaves, and Enterprise system environments based on proposed accreditation boundaries.
• Proficient in conducting audits of corporate documentation to determine compliance with risk policies.
• Capability to effectively multi-task, prioritize work, and handle competing interests

TECHNICAL SKILLS

SIEMS: QRadar, Splunk, ArcSight

Endpoint Protection: SCCM, BigFix, CrowdStrike, SEP, McAfee

Cyber-Ark, okta, SailPoint, and ForgeRock:

Significant experience in Data loss prevention (DLP): Symantec, Checkpoint.

Email & Web Security: Cisco IronPort

PROFESSIONAL EXPERIENCE

Confidential, Dallas TX

Cyber-Ark\IAM Admin

Responsibilities:

• Maintain Privilege Vault Web Access (PVWA) for RDP/VPN users, experience with PKI Vault encryption & decryption.
• Integrate accounts for Windows & Unix/Linux servers and other accounts associated with domains and directories and Application Identity Manager (AIM) integration
• Maintain Active Direction for Privilege Users, groups, and users.
• Setting security policies to enhance orderliness in the usage of security issues.
• Knowledge of CPM/PPM/EPV/PSM&PSM Recorder for RDP connections and session recording of activity logs in the PVWA, such as SIEM.
• Build Safes and add servers into the safes as needed. Troubleshoot and fix all problems that arose in Cyber-Ark due to the cyber ark's ill-usage from different users.
• Maintain PSM recording and check the session recorded and the log. Knowledge of PKI encryption and decryption functionalities in the Vault and EPV. Maintain EPV for password authentication
• Process, AD Configuration (User to connect AD) & Branches).
• Responsible for creating new user, Activate, enable user, groups, and ou account in active directory
• Analyze and discovered privileged and functional user account for risk, ownership and access appropriateness using various CyberArk tools or platforms: reconciliation, Password Synchronization, Service definition for Target System.
• Workflows and integration of various target system privilege account
• Manage user account, server space & other log files on servers and maintain mail.

Confidential, Plano TX

Information Security Analyst

Responsibilities:

• Investigated, documented, and gathered information on data security recommendations to protect.
• Maintain & support CyberArk on a daily basis from a tier 3 standpoint, troubleshooting Vault, CPM, PTA, PSM, and PVWA issues as required
• Led intrusion detection, vulnerability management, and PKI and participated in auditing, incident.
• Determined the internal control measures and ensured its strict implementation.
• Developed and documented security evaluation test plans and procedures
• Assisted with planning and execution of domain integration, user account, and e-mail migration.
• Adhered to and enforced corporate policies regarding network security, data, and software usage.
• Installation of CyberArk vault including multiple CPMs, PVWAs, and as built documentation.
• Process re-engineered business protocols to meet the high demand of a changing business environment.
• Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach
• Create, modify, and disable user accounts base on authorized forms.
• Developed annual compliance training strategy and materials for the business units.
• Facilitate changes in the overall organizational policies to ensure alignment with the industry standards.

Confidential, Houston, TX

Data Loss Prevention Analyst

Responsibilities:

• Enforced DLP security policies and performed event analysis through use of systematic DLP to ensure the protection of networks, systems, and applications.
• Monitored DLP information security alerts though the use of available DLP tools to respond, triage, and escalate as needed.
• Analyzed event/alert patterns to properly interpret and prioritize threats with available DLP tools and other data protection devices.
• Identified trends and drove requirements aimed at improving and enhancing existing data loss prevention detection policies.
• Provided support to projects that enhance reporting, workflow, change/incident/problem management.
• Provided technical advice and input for the support of integrated security systems and solutions.
• Assisted with incident management in the events of a suspected security breach of data

Confidential, Dallas, TX

Systems Admin

Responsibilities:

• Responsible for installation, management, and monitoring of Unix/Windows systems and associated hardware/software.
• Performed automated installations of Operating System using Kick-Start for RedHat Enterprise Linux 5/6.
• Created and managed User Accounts and Permissions on Linux servers.
• Wrote kickstart profile according to service requirement and install OS with kickstart with the support of nfs and web server.
• Developed an enterprise shared patch \ maintenance calendar and Share Point site to keep all support staff involved with the patch \maintenance of Windows servers to include IT support staff, business owners, application clients and managers.
• Configured HAProxy cluster with failover to handle reverse proxy and load balancing
• Monitored via Nagios to ensure consistent awareness of application, infrastructure, and network health status.
• Responsible for Installation, Configuration, Integration, Tuning, Backup, Crash recovery, Upgrades, Patching, Monitoring System Performance, System and Network Security and Troubleshooting of Linux/Unix Servers.