Lead Cyber Security Analyst Resume Profile
Chapel Hill, NC
OBJECTIVE: To acquire a security position that would fit my field of expertise with loss prevention and that would meet the requirements needed by the company. To help provide stringent protection and security of sensitive data which is valuable to the organization.
Lead Cyber Security Analyst
Confidential
Manage complex tracking and data analysis tasks in order to identify and respond to information security-related events and alarms as they occur. Perform comprehensive security reviews of critical systems and applications, working with business partners to address the identified vulnerabilities using Confidential Intrusion Detection Systems (IDS), Extreme Networks' Intrusion Prevention Systems (IPS). Maintain integrated programs to protect the integrity, confidentiality, and availability of information assets and technology infrastructures.
Strategy Planning:
- Oversee security audits of risk assessment of security systems, including applications, servers, remote access logs, and web and email filters, while working with business partners/clients in tandem to resolve security and privacy exceptions
- Design a systematic monitoring/reporting method for compliance and invulnerability. Implement network vulnerability testing and information security forensics investigations
- Identify vulnerabilities applicable to systems and applications, determine their severity and urgency, work with system owners to determine whether and/or when corrective action will be taken, and perform necessary actions to verify corrective actions, if any, were effective
Acquisition Deployment:
- Evaluate all new applications prior to installation to ensure they adhere to security policies before distribution within the system. Conduct detailed risk analysis assessment of networks and applications before merger as one security system
- Configure solutions for new and existing applications to adhere to PCI, SOX, and HIPAA compliance
Operational Management:
- Execute routine incident response procedures. Escalate, track, and communicate security and privacy incidents. Scrutinize network traffic and monitor company virus protection procedures to ensure adherence to security policies. Coordinate responses to detected intrusions
- Monitor the performance and activity of information security systems and services using a Security Information Event Management (SIEM) tool, HP's ArcSight ESM, Host Intrusion Prevention System (HIPS), McAfee ePolicy Orchestrator (ePO), Vulnerability Management tool, Tenable's Nessus
Confidential
IT Security Analyst
As Security Analyst for Confidential, assisted with the coordination of information security activities and collaborated among divisions within the school to ensure that information systems were implemented in accordance with University Policy, Federal and State laws and regulations.
Strategy Planning:
- Participated in the planning and design of enterprise security architecture, the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).
- Implemented computer incident response principles and processes. Conducted computer intrusion analysis and investigation, employing computer forensic tools and evidence preservation techniques.
- Developed in-house data backup and recovery strategy in collaboration with the IT Director of UNC School of Medicine.
- Contributed to a cloud architected plan that structures departments and centers into a single logon and other legacy systems, resulting in the seamless integration of account and event management and reporting.
Acquisition Deployment:
- Maintained up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions. Improved and developed security processes related to new attacks and threat vectors.
- Deployed, integrated, and conducted initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
Operational Management:
- Provided technical support to identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives using Qualys Vulnerability Management tool with clear understanding of many areas of IT such as Encryption, Forensics and TCP/IP
- Monitored the confidentiality, integrity and availability of the data residing on or transmitted to/from/through UNC workstations, utilizing view logs and reports of all in-place devices (servers and other systems, databases, and other data repositories).
Confidential
IT Security Specialist
Under the direction of Confidential, worked with a cross-functional information security team to facilitate an enterprise deployment of Symantec's Endpoint Protection/PGP Encryption software. This deployment was designed to protect over 9,000 devices for the organization by complying with the regulatory requirements of HIPAA. The deployment incorporated all of Duke Medicine, in an effort to protect sensitive information by preventing unauthorized access to mobile units. Supported the IT service staff from 19 departments, 7 institutes, 23 centers, 17 graduate and 6 certificate programs by integrating a working encryption solution across these silos.
Strategy Planning:
- Held communication sessions to explain procedure and demonstrate how the solution would be deployed and maintained
- Contacted the Directors and Managers to identify and outline deliverables and timeframes for a successful project, working with IT infrastructure teams to ensure that processes and security solutions were met
- Worked with the support teams, Enterprise Service Desk Support and Local Support to identify and resolve issues and problems
Acquisition Deployment:
- Performed a variety of duties involving staging, installation, configuration, operation, support, and maintenance of mobile workstations, encryption/decryption of systems, troubleshooting, testing, and technical problem resolution
- Assisted in scheduling, coordinating, and execution of work with personnel and contractors
- Collaborated in the creation of documentation for all encryption-related activities performed by internal staff or external contractors
Operational Management:
- Responded to and resolved a variety of encryption-related incidents and problems
- Worked with clients on the phone and in the field to provide early assessment of the client's needs through discussion and evaluation of the products for an efficient solutions deployment
- Used risk analysis and testing tools (network packet analyzer Wireshark) to find vulnerabilities within the medical side of Duke
Confidential
IT Security Consultant
As a Security Consultant, helped oversee the entire Help Desk staff to ensure that 27,000 end users, 17 schools/colleges, 72 academic departments and 56 programs/curriculum received appropriate assistance. Among other things, managed, monitored, and tracked all procedures related to the identification, prioritization, and resolution of Help Desk requests.
Strategy Planning:
- Planned and executed annual distribution of 5,000 Carolina Computer Initiative (CCI) hardware and software computers to incoming faculty, staff, and students. Configured computers for users in staff and faculty locations
- Researched and advised the security policies for equipment, software technological products, and communicated to IT team the implementation of their function
- Established and enforced service level agreements in consultation with end users/departments to establish problem resolution expectations and timeframes, while abiding by regulatory compliance of the PCI-DSS security standards
Acquisition Deployment:
- Liaised with vendors for the procurement of new systems technologies, oversaw proposals, managed operational expenditure statements of hard- and software installation, and resolved adaptation issues
- Collaborated with other schools/colleges to identify and/or procure departmental software for internal staff and external clients
- Managed research on emerging products, services, protocols, and standards to assure proactive response to changes and communicated their impact upon end users and departments
Operational Management:
- Coordinated and performed hands-on fixes, including installing and upgrading software, installing hardware, implementing secure file backups, and configuring systems and applications, along with the use of Qualys Vulnerability Management tools
- Scheduled and managed existing hardware and software life-cycle program to meet secure guidelines and needs of an IT Department
- Supervised the development, implementation, and administration of Help Desk staff training procedures and policies
- Assisted Audit Managers in the performance of complex audit assignments and investigations, often undertaking specific elements of the assignment with minimal supervision.
