| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Cyber Threat & Vulnerability Management AnalystCell: PHONE NUMBER AVAILABLE Email: EMAIL AVAILABLEPROFESSIONAL SUMMARYDiligent and skilled Vulnerability Management Analyst with a proven track record in utilizing Tenable.sc, Tenable.io, Qualys, and Service Now to assess and mitigate security vulnerabilities. Analytical and innovative, monitoring security events, investigating security logs, and providing proactive recommendations to prevent data bridge and ransomware attacks. Seeking an opportunity to contribute expertise in vulnerability scanning, risk assessment, and remediation within a dynamic cybersecurity environment with expertise in the following. Vulnerability Assessment Risk Assessment Remediation Planning Cross-functional Collaboration Security Best Practices Documentation and Reporting WIZ/ Twistlock Prisma Tenable.sc Tenable.io Qualys Service Now Splunk/CrowdStrikeTECHNICAL SKILLS SUMMARY Conducted web application security scans, analyzed results for false positives, prioritized vulnerabilities, and researched and proposed remediation steps. Drafted, evaluated, and monitored compliance with application and development security standards. Participated in application design and architecture reviews. Provided prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team members while drove actionable matrices and risk reports to Leadership. Performed asset discovery and vulnerability management in a client environment using tools such as Tenable.sc and Tenable.io and Qualys. Excellent kills in performing compliance scans using Tenable.sc and Tenable.io using CIS Benchmark and DISA STIGS. Develop an inventory of production systems such as IP addresses, OS, and applications using Tanium, SCCM and tagging on Tenable and Qualys. Organize all security controls based on patching cycles and prioritize patches. Use inventory and controls to compare to reported vulnerabilities. Mitigate the vulnerability by applying patching both on regular monthly patching and ad-hoc. Create patching policy and document and review the list of security updates going into each patching cycle. Monitor, test and verify patched systems after deployment. Generate patch report and work with the vulnerability management team to close the patching cycle. Proven ability to conduct authentication scans using Tenable.sc, Tenable.io and Qualys. Vulnerability Management Engineer that supports the system/application owner to ensure appropriate implementation of the NIST Security Framework through the lifecycle. Reviewed of the Risk Assessment Report (RAR) with SO for completion and accuracy Identified and recommended appropriate measures to manage, remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management. Performed security compliance and vulnerability assessments; develop and apply DISA- STIG or CIS benchmark or baselines for various operating systems (Windows, RHEL/CentOS) Performed and implemented configurations and or mitigations on both Windows and REHL servers to meet STIG and NIST Compliance. Experienced with cloud solutions such as Microsoft Azure and Amazon web services. CERTIFICATIONS CompTIA - Security + CE Amazon Web Services (AWS) - Certified Cloud Practitioner EDUCATIONBachelor of Science - BS in Cybersecurity System Assurance (University of Maryland Global Campus) (2019) WORK EXPERIENCEYEM GROUP (CONTRACTOR)Sr Vulnerability Management Analyst June 2023-Current Collaborate with the Cybersecurity Organization, technology teams, and infrastructure owners to discover, analyze, communicate, and track vulnerabilities impacting the organization. Conduct vulnerability scans, analyses, and reports to support Fiserv's global Vulnerability Management program. Deploy and maintain vulnerability management technology to effectively identify and mitigate vulnerabilities and security issues. Validate and triage identified vulnerabilities, ensuring accurate prioritization for timely remediation. Contribute to developing and operating the vulnerability life cycle processes, including detection, analysis, prioritization, and reporting. Partner with Cyber Threat Intelligence, Cybersecurity Incident Response, and technology remediation groups to achieve shared outcomes that measurably improve vulnerability detection and remediation. Analyze vulnerability and related data to create prioritization, develop metrics, and identify risks associated with vulnerabilities. Measure and improve scan coverage by analyzing data and implementing enhancements to the vulnerability management program. Actively participate in cybersecurity incident response efforts as needed, providing technical expertise and support. Troubleshoot scan results, especially when Nessus and/or Qualys agents are malfunctioning or misconfigured. Stays current on intelligence and trends in application security and assists in providing developers with the latest compliance information to make security a function rather than an option. Assist in configuring policies, credentials and upgrade both Tenable.sc and Tenanble.io Use Tenable to schedule both on-demand and scheduled scans. Create operational and executive reports in Tenable.sc using matrices to inform platform leads and upper leadership. Perform compliance scans using Tenable.sc and Tenable.io using CIS Benchmark and DISA STIGS. Conduct authentication scans using Tenable.sc and Tenable.io Troubleshoot stale Tenable data using Nessus Agents data and repository information. Used Service Now to intake and track vulnerabilities resulting from vendors such as zero days, third-party research tools, Internal pen test team, Nessus scan results, and CrowdStrike spotlight. Modify CIS Benchmark and DISA STIGS to meet both Windows and Linux Servers baselines. Communicate and coordinate compliance findings with the appropriate system engineering team for baseline configuration changes. Perform remediation on the internal host and rescan for verification while working with other teams for remediation action. Use STIGS viewer to analyze compliance findings and report to the appropriate changes that need to be done on Windows Member, Domain Controllers, SQL servers, and REHL (Red Hat Enterprise Linux) 7 & 8. Perform asset discovery and vulnerability management using tools like Rapid7 and CMDB in client environments.STATE OF MARYLANDThreat and Vulnerability Management Analyst June 2017- May 2023 Possess expert-level knowledge of leading vulnerability scanning tools, including Nessus, Qualys, Nexpose, Netsparker, and Burp Suite. Conduct thorough vulnerability scans, leveraging advanced scanning tool features to identify and analyze security vulnerabilities across complex network infrastructures. Demonstrate a strong understanding of TCP/IP addressing, ports, protocols, services, DNS, DHCP, NAT, PAT, subnetting, and CIDR to communicate effectively within diverse network environments. Utilize in-depth knowledge of various network devices, such as routers, switches, firewalls, IDS/IPS, load balancers, proxy servers, and network taps, to assess vulnerabilities and implement robust security measures. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities, ensuring a proactive and efficient response to potential security threats. Develop and maintain documentation related to vulnerability scanning processes, network configurations, and security best practices. Stay abreast of emerging threats, industry trends, and advancements in vulnerability management, contributing to the continuous improvement of cybersecurity practices. Stayed aware of current business and industry trends relevant to the business and cybersecurity Performed vulnerability scheduled scans as directed by management using Qualys and Tenable.sc. Conducted regular vulnerability assessments using Tenable.sc, Tenable.io, Qualys, and other scanning tools to identify security vulnerabilities across the enterprise's infrastructure. Analyzed scan results, assessed the risk associated with identified vulnerabilities, and prioritized remediation efforts based on criticality and potential impact. Collaborated with cross-functional teams to develop and implement effective remediation plans, ensuring timely and secure resolution of identified vulnerabilities. We utilized Service Now to track and manage the vulnerability remediation process, maintaining accurate records and documentation for auditing purposes. Worked closely with system administrators and IT teams to provide guidance on secure configurations and best practices for vulnerability mitigation. Stayed abreast of emerging threats, industry best practices, and updates to scanning tools, adapting the vulnerability management program accordingly. Conducted regular training sessions for IT teams on vulnerability management processes and the use of scanning tools to enhance overall awareness and effectiveness. STATE OF MARYLANDCyber Security Analyst June 2012- May 2017 Conducted additional investigations within the client's area of responsibility for malicious activity or activity that could indicate lateral movement within the environment. Performed network analysis of egress and ingress traffic to inform determination and recommendation during an investigation. Conducted containment of compromised host and performed remediation effort. Perform proactive remediation, such as blocking and taken-downs malicious IOCs through RecordedFuture and Anomali Used Service Now to track, categorize, and escalate tickets to the appropriate teams. Created work note templates that got integrated into Service Now to reduce ticket creation time and improve consistency across the team. Reviewed incident analysis and provided feedback to junior analysts. Used Tanium to track and discover assets and end users during the investigation. Assisted in suppressing false positions through Splunk notables. Performed a lead role in threat detection and incident response activities. Monitored, defended, and protected perimeter interface for malicious network traffic using Splunk ES. Provided threat intelligence and an additional line of defense against cyber-attacks and advanced persistent threats (APTs) using tools like Anomali threat stream and FraudWatch Security. Collected and analyzed security data to find potential anomalies in the security environment and eliminate any risks and vulnerabilities. Used all three industry-accepted methodologies, such as Hypothesis-driven investigation, IOC-driven investigation, and Machine learning investigation, to drive threat hunt efforts. Performed dynamic analysis through the Malware Code Analysis Platform (MCAP) to disseminate malware and observe behavior indicators. Analyzed firewall logs, Full Packet Capture (PCAP), IDS alerts, Anti-malware alerts, Host Intrusion Prevent System (HIPS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings. Assisted in preparing client deliverables, including reports, briefing presentations, and recommendations to communicate security information, event summaries, vulnerabilities, and threats to clients on a routine and periodic basis, helped to distill technical concepts into valuable and informative information. Provided sound technical recommendations that enable remediation of security issues. Provided security monitoring and incident response services in alignment with the mission to protect network assets (including Industrial Control Systems) Carried out investigations into network intrusions and other cyber security breaches. |
