| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Street Address 110th Avenue E Mobile: PHONE NUMBER AVAILABLEPuyallup, WA Street Address Email: EMAIL AVAILABLECYBER SECURITY ANALYST/ ENGINEERSeasoned cyber security engineer and analyst with over 10 years of experience developing, implementing, and managing Enterprise IT and cyber security solutions, projects, and teams. My previous employers include T-Mobile, Trustcom, AMC Group, Intel, US Air Force, and City Credit Union. I have developed expertise in cyber security aspects including corporate-wide security, cloud, compliance, and vulnerability management by assessing and mitigating system and network security threats and risks. I am seeking to advance my career in this new position, where my skills and experience can be further utilized for the growth and security of the organization.RECRUITERS SUMMARYGeoffrey is a Certified Ethical Hacker (CEH)He is a Certified Scrum Product Owner (CSPO) and CompTIA Security+Has 10+ Years of experience in Cyber Security and 3 years of vulnerability management.He led T-Mobiles Third-Party Risk Management (TPRM) Cyber Team in identifying, estimating, prioritizing, and remediating risks to operations, assets, and use of information systems.3 years of cyber risk assessments of 438 third-party suppliers.Led and supported several projects including Application Development Security Review and supported the TPRM Cyber Team in meetings and presentations.Investigated the likelihood of exploiting cyber vulnerabilities, the impact it would cause to T-Mobile, and performed remediation by implementing appropriate security controls.He worked with T-Mobile business units and other stakeholders in supporting proper mitigation responses to identified risks.He has ability to demonstrate strong competencies in cyber security concepts and effectively multi-task and meet delivery expectations.He has Master of Business Administration MBA from Upper Iowa University.Geoffrey is a US Citizen veteran of the US Air Force living in Gardner, KS and is available to start immediately.He is available to take Telephonic/Video interviews with prior notice.Qualifications1.15+ years of experience in internal audit, cyber risk management, and vulnerability management.2.10+ years of experience with focus on Information Security and Third-Party Risk Management.3.Advanced understanding and experience in security policies and procedures4.Ongoing CRISC (Certified in Risk and Information Systems Control) completion expected in November 2022.5.CEH, CSM, CompTIA Security +, A+Technical skillsSecurity Vulnerability Assessments, Cloud Security, Defense-in-Depth, Data Loss Prevention, Encryption, Firewalls, VPN, IDS/IPS, SIEM, TLS, Wireless Security, Incidence Response, Agile Software Development, Cyber Risk Assessment, Pen Testing, Application Security.other skills summarySoftware Applications: Nessus, VMWare, Hypervisor, MS Windows, Linux, Wireshark, RSA Archer GRC, Aurora, Security Scorecard, Power BI, Log Rhythm (SIEM), Nexpose Rapid 7, Proof Point, IAM, Symantec End Point Protection, Palo Alto, Microsoft SQL Server, McAfee, MS Office Suite, NMAP, DNS, NTP, SIEM, Agile Software Development.Work ExperienceT-MOBILE, INC Bellevue, WA) Jan 2021 Nov 14, 2023Information Security AnalystAssisted the Third-Party Risk Management (TPRM) Cyber Team in identifying, estimating, and prioritizing cyber risks to operations, assets, individuals, and use of on-prem and cloud information systems and implementing appropriate controls and technologies.Key responsibilities:Acted as a trusted technical cyber security advisor to all levels of the organization, for a variety of TPRM cyber security projects and questions.Performed remediation by implementing appropriate security controls.Evaluated the likelihood of vulnerabilities being exploited and the impact that will cause on the company.Prioritized moderate to severe levels of risks so that appropriate response and resource allocation is directed towards remediation.Performed continuous monitoring of third parties to make sure they met the contractual obligations and sustained their security posture.AccomplishmentsReceived several awards within my first year with T-Mobile.Performed vendor cyber assessments of over 438 suppliers.Evaluated and assessed vendors compliance to NIST, PCI, CPNI, SOX standards.Handled and resolved complex cyber related cases and projects on behalf of our team such as API integrations.TRUSTCOM, LTD - Nairobi, Kenya June 2017 Dec 2020Cybersecurity EngineerPerformed network vulnerability scans (PCI Scans) with external security consultant companies such as Masergy and AT&T Security Information Enterprise Management (SIEM) to identify risks, documented detailed executive summary reports of scan findings, remediated those vulnerabilities, and monitored improvement to remediated items.Performed vulnerability scanning and remediation.Coordinated and executed the information security policy, standards, and procedures of the organization.Provided analysis and coordinated the appropriate response to information security incidents, analysis, and remediation.Developed and published information and data security policies, standards and guidelines based on knowledge of best practices and compliance requirements.Was lead technical contact for clients, customers, business, and vendors requests and inquiriesAMC ENTERTAINMENT HOLDINGS, INC Leawood, KS January 2017 May 2017Information Security Engineer - (4 Month Contract Position)Provided design, direction, testing, and deployment of DLP and encryption technologies for AMC Theatres.Key responsibilities:Integrated active directory with various applications such as Rapid 7, Tripwire, Symantec end-point solution, CyberArk, Log Rhythm, to authenticate using AD credentials.Performed technical security system administration, implementation, and testing.Worked with the Director of Information Security, providing leadership and strategic direction for the function, including planning, analysis, operational and awareness activities.Participated in the preparation and implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Information Security Committee.Performed required assessments and activities as part of overall Information Security program.AccomplishmentsResearched, tested, tuned, and implemented Proof Point data loss prevention (DLP) program and email encryption within 3 months of employment.Participated in the maintenance of about 9700 endpoints by deploying Symantec antivirus updates.Participated in research and successful implementation of Identity Access Management software application (AIM) for use in identity management and account provisioning.Configured and tuned our vulnerability management software application (Rapid7- Nexpose) for optimum performance.Managed Log Rhythm SIEM solution by tuning RBP alert ratings.Worked with various information security vendors to assess our current posture and evaluate future information security needs.INTEL SECURITY Plano, TX August 1, 2016 November 2016IT Security Analyst II (4 Month Contract Position)Worked as part of a team of five professionals who designed, planned, and implemented vulnerability management (SIEM) solutions for Intel Security, including discovery scanning, prioritization, and remediation, resulting in business value to Intel Corporation.Essential Duties and Responsibilities include the following:Managed and operated McAfee Vulnerability Management Software (MVM), which is a vulnerability scanning solutions for Intel Security that enables scanning, prioritization, and remediation efforts.Deployed Nexpose - Rapid 7 vulnerability scanning tool to scan all IP space of Intel Corporation.Managed data resulting from discovery and vulnerability scans, assessments, and remediation efforts in SQL Server database systems.Established and maintained productive relationships with other internal business units such as network operations.Actively investigated the latest in security vulnerabilities, advisories, and incidences.Deployed scan servers across the world to scan an expanded Class A network of over 18 million Intel IP Address space. This was accomplished by dividing the entire Intel network into four regions namely, AMR- Americas Region, GAR Asia, GER Europe, and DMZ High Security Zone.CITY CREDIT UNION Dallas, TX Jan 2016 June 2016Information Security Analyst - (Contract Position)Developed and maintained City Credit Union Information Security (CUIS) program policies and procedures, provided support to internal business partners in the use of CUIS guidelines, and monitored and reported on the status of corporate-wide compliance with CUIS program requirements. CUIS program includes: Information security, Contingency planning, Risk Assessment, Incidence response, and service provider management.Essential Duties and Responsibilities include the following:Information SecurityPerformed network vulnerability scans (PCI Scans) with external security consultant companies such as Masergy and AT&T Security Information Enterprise Management (SIEM) to identify risks, documented detailed executive summary reports of scan findings, remediated those vulnerabilities, and monitored improvement to remediated items.Performed role and permissions analysis of the City Credit Union roles and permissions and updated in accordance with the organizations access rights policy of least privilege.Performed organization wide risk assessment to identify risks to information and data assets.Ensured the integrity, confidentiality, and availability of computer and data communication systems through effective management of computer resources specific to the security infrastructure.Provided analysis and coordinated the appropriate response to information security incidents.Provided immediate response to network security notifications and alerts.Ensures that our computer systems exceeded security and service level targets through the use of reliable products, services, network and system monitoring, penetration and security testing, and sound practices.Configured and maintained network security devices such as firewalls, encryption devices, IDS/IPS, web proxies, VPNs, and secure email gateway.Ensured that the servers and desktop environments are kept current with service and soft ware updates and patching requirements.Monitored logs and changes to highly sensitive computer system security controls to ensure appropriate security administrative actions, and investigated and reported on any irregularities.Maintained a high-level understanding of business functions and workflows for critical information systems used by the credit union.AccomplishmentsDrafted a City Credit Union patch management policy that would be used as guide for patch management. This was accomplished within 3 months of employment.Performed enterprise wide risk assessment within 3 months of employment.Performed several phishing tests and re-trained the users who failed the tests.Performed monthly software patching, upgrades, and hot fixes using SCCM.Performed quarterly PCI Scans and vulnerability scans and remediated over 5,400 vulnerabilities.Managed FutureX Excrypt 9000 Hardware Security Module and its encryption keys.Managed firewalls and intrusion detection and prevention systems.Performed Fiserv role and permission analysis and removed several accounts that were unauthorized and duplicates as well as reviewed user permissions and removed unauthorized permissions accordingly. This had not been done in 5 years.UNITED STATES AIR FORCE - Topeka, KS Nov 2014 March 2018IT Security AnalystWorked as part of the team to manage system information security architecture, design, installation, planning, and risk remediation activitiesControlled enterprise-wide security architecture and permissions of all the computers on the Air Force Network Domain (AFNet).Performed daily proactive diagnosis to prevent or alert anomalies and remediate identified vulnerabilities.Monitored, evaluated, and maintained systems and procedures to protect host and network systems from unauthorized access such as network and host based IDS/IPS systems.Ensured information assurance by transmitting secure data between classified systems, malware detection, virus signature updates, encryption technologies, and proper documentation and file systems.Configured, Installed, and administered security improvements to network infrastructure and telecommunications systems that support the U.S.A.F mission.Enhanced network security by updating anti-virus and firewall programs and network security protocols.MEDICAL INDUSTRIES AMERICA, INC. Adel, IA June 2001 - January 2012Internal AuditorAssisted with audit project planning which includes developing audit scope, risk assessment, and budget.Identified existing internal controls and evaluated for effectivenessPrepared well written audit findings, including remediation recommendations, and submitted to management for review.Demonstrated the ability to organize and develop the audit report executive summary, prioritized audit findings, and assigned appropriate risk rating.EducationUPPER IOWA UNIVERSITY May 2003Master of Business Administration, MBACOLUMBUS STATE UNIVERSITY, Columbus, GA May 2001Bachelor of Science, Business Information SystemscertificationsCertified Ethical Hacker (CEH)Certified Scrum Master (CSM) Agile Software DevelopmentCertified in Risk and Information Systems Control (CRISC), November 2022CompTIA: A+, Security +Microsoft Technology Associate Database AdministrationMicrosoft SQL ServerCybercrime Essentials Certificate, March 2016Information Security: Identity Theft, March 2016Internet Security Essentials, May 2016Online Threat Defense, May 2016Data & Records Retention, May 2016Nexpose Vulnerability Scanning Training CertificateHONORS AND AWARDSNational Defense Service Medal US Air Force 2015Athlete of the Year Columbus State University 1998charity activitiesThe Noble Foundation, Eldoret, Kenya 2018 - PresentHumanitarians, Inc., Fort Scott, KS 2007 - 2018referencesBritney Hommertzheim, Director Information Security (AMC Theatres Corporate) (EMAIL AVAILABLE)Edwin Ngeno, Director Information Security (Trustcom) (EMAIL AVAILABLE)Elsie Gichuru, I.T Manager Information Security (Trustcom) (EMAIL AVAILABLE) |
