| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Street Address
Email: EMAIL AVAILABLE Phone: PHONE NUMBER AVAILABLEProfessional ProfileIT Security Analyst with 16 years of experience performing research, analysis, and troubleshooting to identify, resolve, and explain complex security issues.Cybersecurity, Incident Management, and IT compliance support across the Enterprise InfrastructureCybersecurity capabilities and risk management to ensure network and IT systems are protected against cyber-attacks and malicious intrusion.Cybersecurity capabilities and risk management in line with the Systems Engineering Life Cycle and consistent with technical requirements to ensure network and IT systems are protected against cyber-attacks and malicious intrusion.Security policies interpretation and implementation requirements to ensure confidentiality, integrity, availability of information, systems, and network.Performed research, analysis, and troubleshooting to identify, resolve, and explain complex security issues to members of the company.Security Assessment and Authorization (SA&A) professional knowledgeable in Risk Management Framework (RMF), Systems Development Life Cycle (SDLC), security life cycle and vulnerability management using FISMA, and applicable NIST standards.Implemented the Continuous Monitoring process of the RMF to perform a near real-time risk management and continuous information systems authorization.Working knowledge of different Operating Systems such as Linux, and WindowsPossessed a unique combination of technical abilities, communication skills, and ability to multitask that allow me to collaborate with end-users or business.Great attention to detail, and ability to work effectively as a team member with excellent communication, strong analytical and collaborative skills.Highly motivated, organized and results and detail-oriented with excellent interpersonal, communication and presentation skillsCloud SpecialistAWS architectTechnical SkillsSecurity Technologies: FireEye, IronPort, Sourcefire, McAfee Web Gateway, Splunk, Splunk Express, McAfee DLP, Nessus Security Center, Nmap, Wireshark, IDS/IPS; Log Management, Anti-Virus Tools; (Norton, Symantec).Application: MS Office (Word, Excel, Outlook, PowerPoint, Access); Wireshark, NMAP, Nessus, ArcSight, SharePoint, Nessus, VMware, CSAM, STIGs, and SCAPSplunk, RSA network, Deep packet analysis, NetFlow analysisMS Data Protection includes Azure Information Protection. Collaborate with Data Analyst, Data Scientists, Machine Learning Engineers to identify and transform data for ingestion, exploration, and modeling with the focus of security. Work with data governance team and implement security into the process for data quality checks and maintaining security in the data catalogs. Understand and apply concepts like data lake, data warehouse, lake-house, data mesh and data-fabric where relevant with security being paramount.Operating Systems: Unix-Based Systems (Solaris, Linux); Windows.Networking: LANs, VPNs, Routers, Firewalls, TCP/IP, palo altoSoftware: MS Office (Word, Excel, Outlook, Access, PowerPoint)Ticket Systems: ServiceNow, RemedyOSINT: URLVOID.COM, VirusTotal.com, zscaller.com, urlvoid, abuseip, mxtoolbox, etc.Specialties Skills: Testing & Troubleshooting, System Administration, Security Analyst, Application Support, Project Management, Technical Support & Customer Service, Azure platform, palo Alto deploymentLog analysisIncident ResponseThreat IntelligenceLinux AdmiEducation and BackgroundMaster of Science: in Cybersecurity Dec. 2020University of Maryland Global CampusMaster of Science: in Physics Dec. 1996University of Abomey Calavi, BeninMembership & CertificationsCompTIA Security+ May 2020CISSP - In ProgressCAP- In progressAWS Certified Solutions Architect -In progressEmployment HistoryInformation-Business Security Analyst 05/2007 01/02/2023Midzone cable, Fort Washington, MDResponsibilities:Provides high-level analysis of security data to identify significant activity.Advising multiple areas of Midzone's business, technology teams, and leadership on implementing cyber security best practicesWorks in an Agile environment and supports review of business needs, priority refinement, milestones, and deliverables, and identifies opportunities and risks.Performs vulnerability scanning with Nessus to detect potential risks on single or multiple assets across the enterprise network.Develops, coordinates, implements, and maintains standards and procedures to protect information systems and data security and integrity.Observes and analyses traffic to learn valuable lessons from known malicious actors and to determine countermeasures against such threats.Possessed a unique combination of technical abilities, communication skills, and the ability to multitask that allow me to collaborate with end-users or business.Provides detailed status updates on existing cybersecurity incidents daily to include follow-up with client/customer to ensure satisfactory resolution.Develops risk assessment reports; identifying threats and vulnerabilities applicable to the system.Evaluates the likelihood that vulnerabilities would be exploited and assess the impact associated with this threat and vulnerabilities.Develop and implement Data-Loss prevention security standards. Design, develop and maintain data security models. Develop the various data transformation rules and data modeling capabilities. Collaborate with Data Analyst, Data Scientists, Machine Learning Engineers to identify and transform data for ingestion, exploration, and modeling with the focus of security. Work with data governance team and implement security into the process for data quality checks and maintaining security in the data catalogs Understand and apply concepts like data lake, data warehouse, lake-house, data mesh and data-fabric where relevant with security being paramount. Be familiar with data models for cloud data warehouses. Understand and be able to use different databases like Relational, Document, Graph and Key/Value. Analyze data using SQL. Work as part of an agile team. Provide regular data protection-related training of regulations and company procedure updates to staff. Draft policies and standard operating procedures related to privacy and data storage. Create technical documentation as needed.MS Data Protection includes Azure Information Protection.Apply required security patches within NIST and enterprise guidelines.Conducts kick-off meetings to categorize the system according to NIST requirements of Low, Moderate, or High System. FIPS 199 and SP 800-60Conducts security control Assessment to assess the adequacy of management, operational, privacy, and technical security controls implemented.Prepares systems certification and Accreditation package, making sure that management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST 800- 53R4.Develops Security Assessment Report (SAR) detailing the results of the assessment along with the Plan of Action and Milestones (POA&M)Conducted follow up meetings to assist information system owners to close/remediate POA&M itemsDevelops System Security Plans (SSP) to provide an overview of system security requirements and describe the controls in place or planned by information system owners to meet those requirements.RCA when required, and Perform mitigation required to protect critical resources.Information Security Analyst 07/2004 04/2007CCD Telecom, Silver Springs, MDResponsibilities:Enterprise- wide system security plan, Risk assessment and Privacy policies developmentPerform incident response to investigate and resolve computer security incidents.Compose security alert notifications and other communications.Use McAfee DLP Manager to protect intellectual property and ensures compliance by safeguarding sensitive data.Process Web Site Review Requests using McAfee Web Gateway GUI to grant temporal Web Access to users within the Company to websites that are being blocked for security.Block malicious domains, Hashes, Files, and IPs following company's Standard Operation Procedures.Stay up to date with current vulnerabilities, attacks, and counter measures.Develop follow-up action plans to resolve reportable issues and communicate with other Analysts to address security threats and incidents.Review and process accidental disclosure requests following standard operation proceduresRegularly develop new use cases for automation and tuning of security tools.Analyze, investigate and process Malicious/Phishing Email alerts from IronPort and FireEye following standard operation procedure.Contribute to security strategy and security posture by identifying security gaps, evaluate and implement enhancements.Prioritize and differentiate between potential intrusion attempts and false alarms.Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall, SOC functions.Provide Incident Response (IR) support when analysis confirms actionable incident.Strong working knowledge of network security monitoring and incident response, as well as superior written and technical communications skills.RefereeUpon request |
