- An experienced identity access management engineer Over Seven years of experience in IT experience.
- Detail - oriented and with a solid technical background and excellent interpersonal skills. Certified CyberArk Defender + Sentry, CompTIA (A+, Linux+, Security+), CIW-WSA, and ITIL professional.
- Experienced in Administration, Troubleshoot, and Installation of Cyber-Ark security components, ForgeRock, okta, and SailPoint.
- Proficient with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document security vulnerabilities.
- Experience conducting investigations and vulnerability assessment on endpoints.
- Ability to identify, interpret and evaluate significant applications, infrastructure, enclaves, and Enterprise system environments based on proposed accreditation boundaries.
- Proficient in conducting audits of corporate documentation to determine compliance with risk policies.
- Capability to effectively multi-task, prioritize work, and handle competing interests
SIEMS: QRadar, Splunk, ArcSight
Endpoint Protection: SCCM, BigFix, CrowdStrike, SEP, McAfee
Cyber-Ark, okta, SailPoint, and ForgeRock:
Significant experience in Data loss prevention (DLP): Symantec, Checkpoint.
Email & Web Security: Cisco IronPort
Confidential, Dallas TX
- Maintain Privilege Vault Web Access (PVWA) for RDP/VPN users, experience with PKI Vault encryption & decryption.
- Integrate accounts for Windows & Unix/Linux servers and other accounts associated with domains and directories and Application Identity Manager (AIM) integration
- Maintain Active Direction for Privilege Users, groups, and users.
- Setting security policies to enhance orderliness in the usage of security issues.
- Knowledge of CPM/PPM/EPV/PSM&PSM Recorder for RDP connections and session recording of activity logs in the PVWA, such as SIEM.
- Build Safes and add servers into the safes as needed. Troubleshoot and fix all problems that arose in Cyber-Ark due to the cyber ark's ill-usage from different users.
- Maintain PSM recording and check the session recorded and the log. Knowledge of PKI encryption and decryption functionalities in the Vault and EPV. Maintain EPV for password authentication
- Process, AD Configuration (User to connect AD) & Branches).
- Responsible for creating new user, Activate, enable user, groups, and ou account in active directory
- Analyze and discovered privileged and functional user account for risk, ownership and access appropriateness using various CyberArk tools or platforms: reconciliation, Password Synchronization, Service definition for Target System.
- Workflows and integration of various target system privilege account
- Manage user account, server space & other log files on servers and maintain mail.
Confidential, Plano TX
Information Security Analyst
- Investigated, documented, and gathered information on data security recommendations to protect.
- Maintain & support CyberArk on a daily basis from a tier 3 standpoint, troubleshooting Vault, CPM, PTA, PSM, and PVWA issues as required
- Led intrusion detection, vulnerability management, and PKI and participated in auditing, incident.
- Determined the internal control measures and ensured its strict implementation.
- Developed and documented security evaluation test plans and procedures
- Assisted with planning and execution of domain integration, user account, and e-mail migration.
- Adhered to and enforced corporate policies regarding network security, data, and software usage.
- Installation of CyberArk vault including multiple CPMs, PVWAs, and as built documentation.
- Process re-engineered business protocols to meet the high demand of a changing business environment.
- Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach
- Create, modify, and disable user accounts base on authorized forms.
- Developed annual compliance training strategy and materials for the business units.
- Facilitate changes in the overall organizational policies to ensure alignment with the industry standards.
Confidential, Houston, TX
Data Loss Prevention Analyst
- Enforced DLP security policies and performed event analysis through use of systematic DLP to ensure the protection of networks, systems, and applications.
- Monitored DLP information security alerts though the use of available DLP tools to respond, triage, and escalate as needed.
- Analyzed event/alert patterns to properly interpret and prioritize threats with available DLP tools and other data protection devices.
- Identified trends and drove requirements aimed at improving and enhancing existing data loss prevention detection policies.
- Provided support to projects that enhance reporting, workflow, change/incident/problem management.
- Provided technical advice and input for the support of integrated security systems and solutions.
- Assisted with incident management in the events of a suspected security breach of data
Confidential, Dallas, TX
- Responsible for installation, management, and monitoring of Unix/Windows systems and associated hardware/software.
- Performed automated installations of Operating System using Kick-Start for RedHat Enterprise Linux 5/6.
- Created and managed User Accounts and Permissions on Linux servers.
- Wrote kickstart profile according to service requirement and install OS with kickstart with the support of nfs and web server.
- Developed an enterprise shared patch \ maintenance calendar and Share Point site to keep all support staff involved with the patch \maintenance of Windows servers to include IT support staff, business owners, application clients and managers.
- Configured HAProxy cluster with failover to handle reverse proxy and load balancing
- Monitored via Nagios to ensure consistent awareness of application, infrastructure, and network health status.
- Responsible for Installation, Configuration, Integration, Tuning, Backup, Crash recovery, Upgrades, Patching, Monitoring System Performance, System and Network Security and Troubleshooting of Linux/Unix Servers.