| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
PHONE NUMBER AVAILABLEWoodbury, Minnesota Street Address
EMAIL AVAILABLEhttps://LINKEDIN LINK AVAILABLEFederal Security Clearances: GSA USPS2 USDA FISMA high EnvironmentSecurity Technologies: Nessus Tenable Vulnerability Management Qualys Vulnerability Management HP Web Inspect Linux DLP Alerts Assessments Data Analytics BI Tools (Tableau, Cognos, SAP/BO) Microsoft Defender for Cloud Apps RSA ArcherEducationMasters Degree in Information Security Technologies, University of MinnesotaMasters Degree in Management Information Systems, Metropolitan State UniversityBachelor of Science in Business Administration, National American UniversityExperienceLumen 2/23/2023 5/31/2024Senior Information Security EngineerRepresent Federal SOC as a Subject Matter Expert (SME) regarding Lumen vulnerability scanning capabilities and methodologies.Oversee response to High severity vulnerabilities that impact Lumen systems by analyzing vulnerabilities, identifying systems impacted, and collaborating with system owners to communicate risks, establish remediation priority, and validate remediation efforts.Coordinate and lead routine vulnerability scanning and remediation oversight on Lumen systems and external federal customer systems as required for compliance of Federal Information Security Management Act (FISMA), and other industry compliance standards as necessary.Identify vulnerabilities on Lumen systems and external federal customer systems through vulnerability scanning for Lumen infrastructure, products, and services encompassing network elements, operating systems, databases, and applications across the corporate enterprise.Contribute to strategic security initiatives to improve vulnerability management and vulnerability scanning capabilities through automation development, process enhancements, and infrastructure expansion.Create reports and generate vulnerability metrics for executive management levels to utilize in making informed business decisions that impact the security of Lumen and its Federal customers.Perform operational support of vulnerability management systems and applications that the Federal SOC team is responsible to maintain and define documented procedures and processes.Conduct penetration testing on a limited basis to assist Federal SOC team penetration testers.Identify deficiencies within vulnerability management and vulnerability scanning tools, procedures, and processes and provide recommendations for improvement.Securian Financial July 2020 2/17/2023Senior Information Security Risk AnalystAssessed adequacy of security process and controls, calculating the impact of potential adverse events, and facilitating risk mitigation planning.Raised security and risk awareness, provided security recommendations, and enabled risk-informed decisions.Consulted with, and provided guidance, to project teams, control owners, and partners to safely enable business objectives.Advised new security Policy, standards, best practices, and system configuration.Partnered with business leaders to facilitate information risk analysis and mitigation plans.Developed and maintained relationships with business technology leaders, developers, architects, and stakeholders to support and facilitate risk management practices.Embraced and influenced a culture of continuous improvement by evaluating, collaborating, and recommending program and service improvement opportunities.Assisted with development and maintenance of Information Security awareness and education materials and presentations.Reviewed and provided direction on privileged security and firewall access requests.Processed security oversight alerts, such as Data Loss Prevention (DLP) alerts.Supported internal and external client audits by interviewing and preparing any necessary evidence.Collected and analyzed security metrics to measure the effectiveness of the security management process.Assisted with development and maintenance of documented Information Security policies, standards, and controls.Signature Consulting April 2019March 2020Business Data Analytics Consultant (Contractor)Contributed to creating a process that will safeguarding financial crime data based on corrective action from the US Treasury department.Scanned for financial crime data using the data Platforms (SQL, Oracle, Teradata, Hadoop, DB2 SAS and BI Tools.)Identified Servers/Databases connected to the SAR/UAR data.Developed and implemented Active Directory Access controls on the SAR/UAR data making sure offshore users do not have access to it.Developed and implemented security standards, procedures, and guidelines for multiple platforms and in diverse systems environments.Reviewed the development, testing, and implementation of security plans, products, and control techniques.Cargill, Minneapolis, MN February 2017 October 2018Vulnerability Management AnalystPerformed information system security vulnerability scanning using Tenable Nessus to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components.Performed compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, databases, and other information system components.Scanned without results and evaluated or collaborated with Nessus Tenable to develop a new plugin to detect the vulnerability.Provided analysis of vulnerabilities to other team members to assist with overall vulnerability remediation efforts.Weekly scans of systems that Performed access control procedures, including use of information database and all associated control processes.Established relationships with system owners and business process partners to ensure that identified vulnerabilities are remediated in accordance to established timelines.Monitored team mailbox and ticketing system to ensure proper steps are taken for all identified vulnerabilities and support of the Security Operations Center (SOC.)Worked with the program manager to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.Automated the vulnerability management process to improve operation efficiency.Analyzed penetration test results and engaged with technology partners and business units to resolve identified vulnerabilities within SLAs.Understand approaches for addressing vulnerabilities including system patching, deployment of specialized controls, code or infrastructure changes, changes in development processes, cloud and mobile devices.Identified and resolved any false positive findings in assessment results.General Dynamics/UPS, Minneapolis, MN October 2015 November 2016Information Security Analyst/Penetration TestingPerformed vulnerability assessments using enterprise vulnerability scanning tools (Tenable Nessus Scanner) supporting United States Postal Service IT infrastructure and its tenants as needed.Performed penetration testing using HP Web Inspect tool.Configured and operated vulnerability management systems to run scheduled and ad hoc vulnerability scans.Identified and evaluated potential threats and vulnerabilities.Analyzed and prioritized discovered vulnerabilities to ensure remediation in a timely manner and in compliance with regulatory requirements. |
