Security Operations Center Cyber Security Analyst Resume
Irving, TX
SUMMARY:
- CompTIA Security+ Certified Cyber Fraud and Enterprise Security Analyst with strong skills in Threat and Fraud detection and remediation, SIEM technologies, Active Directory management, and PCI Compliance standards. Strong Process and Procedure creation with emphasis on efficient, repeatable steps.
TECHNICAL SKILLS:
Cyber Security Technology: Active Directory; CyberArk PAM; Trend Micro Antivirus; AlertLogic SIEM; AlertLogic WAF; Powershell; Command Line; IIS Administration; CarbonBlack; AlienVault; Symantec Endpoint Protection
Network Monitoring Solutions: SCOM; Solarwinds; WhatsUp Gold; Spectrum
Server Support: Server 2012 & 2012R2; Server 2008 & 2008R2; Server 2003
Network Support: Cisco Router; Cisco Switch; VLAN Administration; F5 Load Balancer
PROFESSIONAL EXPERIENCE:
Security Operations Center Cyber Security Analyst
Confidential, Irving, TX
Responsibilities:
- Splunk data analysis and dashboard functionality for researching and correlation of threat and fraud indicators.
- Leverage SAS and SQL queries to perform deep dive analysis into IOCs, trends, anomalies, and illegal money movements/accounts/transactions.
- Utilize ArcSight SIEM for alerting and investigation of possible at-risk activity. Emphasis on correlation of alerts, alert triggers and rules, and underpinnings of SIEM setup.
- Akamai WAF investigation regarding suspicious traffic, IPs, and hash activity across the network.
- Discover and mitigate automated attacks on the environment using Shape anti-automation tools.
- Investigate click stream and end user activity in SilverTail and ThreatMetrix to determine authenticity and identify patterns of user activity or possible automated/compromised accounts.
- Raise and maintain tickets/changes/tasks using both Archer and ServiceNow ticketing systems.
- Coordinating with different teams, business units, and external vendors to properly complete changes as required.
Cyber Security Analyst
Confidential
Responsibilities:
- Identity and Access Management (IAM) and Privileged Access Management (PAM) utilizing Active Directory user/group creation and management, and CyberArk for elevated account access throughout the organization.
- Active Directory administration and management including OU Creation, End User Life Cycle Management, and reporting per IT Security procedures.
- O365 Administration including Security & Compliance administration, End User provisioning, 2-Factor Authentication implementation, reporting and bulk actions with Powershell scripting, and mailbox permissions for all levels of the Company including C-Suite Executives.
- Alert Logic SIEM overview, Log Management analysis, and WAF monitoring and configuration.
- Trend Micro Antivirus, Cloud App Security, Deep Security Manager, and Endpoint solutions investigation and analysis.
- CrowdStrike Endpoint Protection analysis and investigation for real time and long term threat detection.
- IIS administration across multiple domains utilizing GoDaddy s and Self Signed s.
- DNS entries for internal and external facing sites on Domain Controller Servers.
- Validation of Server settings to ensure PCI Compliance across applicable Production, Test, and Development environments.
- Train and develop new IT Security employees on IT Security applications, procedures, standards, and corporate policies.
- Create and maintain IT Security on-boarding/off-boarding SOPs, IIS creation document, spam inbox handling document, and additional SOP and runbooks as requested by management.
Enterprise Security Analyst
Confidential TX
Responsibilities:
- Carbon Black SIEM technology monitoring and security analysis
- Symantec EDR monitoring and end-point client management
- AlienVault threat analysis monitoring and investigation
- Microsoft Outlook Potential Phish email analysis and malware detection
- Incident Response reporting on critical security issues
- Coordination with multiple IT Groups and Business Units on security related requirements
- DLP Project responsibility for Disk Encryption and USB Blocking initiative
- Creation of multiple processes for the Enterprise Security Team to cover company wide employees
NOC Admin/Server Tech
Confidential, Dallas, TX
Responsibilities:
- Solarwinds, SCOM (System Center Operations Manager), and WhatsUp Gold (WUG) system installation and administration for enhanced company wide network monitoring
- Project coordination to implement a new Service Management application (HEAT ITSM) to handle the growing needs of the company and replace old, out of date ticketing software
- Process creation and implementation for multiple IT and Monitoring areas that had no created or followed processes
- Active and proactive monitoring of all company IT Hardware (e.g. Servers, Routers, Switches, ESXi Hosts, VMs, Wireless Access Points, etc.) using monitoring software
- Failure Analysis reporting on critical outage issues
- Worked with multiple IT Groups and Business Units to ensure all software and hardware monitoring requirements were being met
- SNMP and Port Configuration on Servers to ensure monitoring capabilities
- Asset tracking of Kronos Clock hardware at over 100+ manufacturing plants as well as warehouse inventory to ensure proper asset management
- Kronos DCM Server maintenance and communication to all Kronos Clock assets deployed
NOC Engineer
Confidential
Responsibilities:
- Active and proactive monitoring of all company IT Hardware (e.g. Servers, Routers, Switches, ESXi Hosts, VMs, Wireless Access Points, etc.) using monitoring software
- Maintenance and monitoring of the Sony tape backup services
- Failure Analysis reporting on critical outage issues
- Problem Ticket and Service Request responsibilities in Remedy and iDeliver Ticketing System
- Communicate with other IT Groups to investigate/resolve Critical and non-Critical Issues and complete Service Requests