| 20,000+ Fresh Resumes Monthly | |
|
|
| | Click here or scroll down to respond to this candidateCandidate's Name
EMAIL AVAILABLE PHONE NUMBER AVAILABLE Austin, Texas Street Address
PROFESSIONAL EXPERIENCEOverall Experience 3 years of experience with SIEM and vulnerability 2 years of security engineering experience (IAM, AWS, Azure) 3 years of program management and ticketing systems. 2 years of security analyst experience 2 Years of governance, risk and compliance experience 1 year of DevOps Experience 2 years of full stack developmentWEX Inc. July 2022 PresentInformation Security Analyst /Engineering Remote Portland, ME Managed vulnerability assessment and remediation efforts and successfully closed security findings within strict deadlines. Designed and implemented security policies and procedures, ensuring compliance with ISO 27001, NIST and GDPR regulations. Conducted regular security audits and risk assessments, providing actionable insights to enhance the security posture. Developed custom security scripts and tools to automate repetitive tasks, improving operational efficiency by 25%. Worked closely with development teams to embed security best practices into the software development lifecycle (SDLC). Led comprehensive security assessments, identifying and mitigating critical vulnerabilities in cloud infrastructure and applications. Conducted in-depth code reviews using tools like Veracode, Checkmarx, and HPe Fortify, resulting in a 30% reduction in high-risk vulnerabilities. Collaborated with Red Team to perform penetration testing and develop threat models, improving the overall security resilience. Implemented automated security solutions, including SAST, DAST, and SCA tools, enhancing the efficiency of the security review process. Ensured all the exceptions had resolution plans and compensating controls in place while remediating the findings Worked with CISO and other teams to prioritize the findings based on their severity (critical, highs) and provided everything needed for audit. Regularly reviewed the browser extensions in place to make sure their codes are updated, and the manifest version is up to date. Collaborated with the development team, and DevOps for coding best practices and deployment. Led the initiative to integrate security controls into CI/CD pipelines, reducing the time to detect and remediate vulnerabilities by 40%.Real Digital Information Security Analyst Remote Feb 2021- June 2022 Assisted in monitoring and analyzing security events, identifying potential threats, and initiating incident response procedures. Performed security vulnerability scans using tools like Nessus and Qualys and provided detailed reports on findings through PowerBi. Supported the implementation of network security measures, including firewalls, IDS/IPS, and VPNs, ensuring secure access and data protection. Maintained and updated security documentation, including policies, procedures, and incident reports. Ensured cybersecurity hygiene, managed BitSight and SSC Took a lead on the policy exceptions and vendor management side (PCI, SOC, SaaS, AI and other assessments, HIPAA, API Assessment)EDUCATION University of Southern Maine Master of Science, Computer Science and Cybersecurity Southern New Hampshire University August 2020 Bachelor of Science, Information Technology Thrive Cybersecurity Program Israel, October 2020 CERTIFICATES CompTIA CYSA+, November 2023 CompTIA Security +, Feb 2023 Penetration Testing Course Associate (ICSI, UK), March 2021 Python Hacking Course, January 2021 Web Application Penetration Testing Practical (WAPT), December 2020 Network Security Specialist (ICSI, UK), June 2020 Advanced Ethical Hacking, January 2020Skills and Tools Security Tools: Veracode, Checkmarx, HPe Fortify, Nessus, Qualys, Burp Suite, Metasploit Programming Languages: Python, Java, JavaScript, C++ Frameworks: OWASP, NIST, ISO 27001, GDPR Technologies: Docker, Kubernetes, AWS, Azure, GCP, LogicGate, Netskope, Axonius, Qualys, Splunk, Jira, Azure, NMAP, Virtual Machine, Ansible, Scripting, Jenkins, Coupa, Certa. Soft Skills: Strong analytical skills, excellent communication, team collaboration, problem-solving |