| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
PHONE NUMBER AVAILABLE EMAIL AVAILABLECYBERSECURITY INFORMATION TECHNOLOGYSUMMARYSecurity Administrator/ Analyst with a remarkable 16-year track record of delivering exceptional results in both the private sector and United States Navy.Skilled in information security, cloud security with an emphasis in with an emphasis on the Microsoft security stack (Enterprise Mobility and Security suite), data loss prevention, security awareness program development, program management, executive reporting and strategic planningCloud vulnerability management with Defender for Cloud.Experienced in establishing and developing Information Security Management Systems based on NIST, SOX, ISO, and other frameworks.Experience in developing and delivering a mature cyber security road map with a modern zero trust approach.OVERVIEW OF KEY ATTRIBUTIONSTechnologies & Innovations Possesses exceptional knowledge of IT systems and infrastructure and profound skills in data management and analysis, with a strong emphasis on cybersecurity. Proficient in implementing and managing complex security systems, using technical data to analyze threats, and developing strategies to defend against cyber-attacks. Demonstrates a thorough understanding of the MITRE framework to effectively communicate and collaborate on cybersecurity across different organizations and industries. Possesses excellent strategic skills necessary to plan and control the implementation of new security systems to protect critical assets from cyber threats.Training & Development Demonstrated the ability to assimilate new ideas, concepts, methods, and technologies. Dedicated and innovative team builder with a superior work ethic. Completed Leadership courses to provide the best training and guidance for junior staff members.EDUCATION CERTIFICATIONBachelor of Science (B.S.) Cyber Security & Information Assurance Western Governors University Online In PursuitAssociate of Science (A.S.) Information Technology Multimedia ITT Technical Institute 2006 Joint Cyber Analysis Course Advanced Cyber Capabilities 2015CERTIFICATIONCompTIA Security+CompTIA Net+CompTIA A+ITIL 4 Foundations CertifiedEC Council Certified Encryption SpecialistSplunk Certified AdministratorSSCPTECHNICAL COMPETENCIESSoftware: Microsoft Office 365, VisioVirtualization System: VMWare, Virtualbox, Proxmox, ViteOperating Systems: Linux, Ubuntu, Kali, CentOS, Windows Server 2008 Windows XP, 7 & 10Policies: NIST 800-53, ISO 27001Networking: TCP IP, Protocols, Ethernet, Cisco Routers & SwitchesCyber Security tools: Antivirus software: Symantec, and Bitdefender Firewall software: Windows Firewall, Cisco Firepower, Intrusion Detection and Prevention Systems (IDPS): Snort, Suricata, and Zeek Security Information and Event Management (SIEM) solutions: Splunk, ELK, LogRhythmVulnerability scanning tools: Nessus, Qualys Network security scanners: Nmap and WiresharkWeb application scanners: Burp Suite, OWASP ZAP, and Acunetix Encryption software: VeraCrypt, AES Crypt, and GnuPG, Two-Factor Authentication (2FA) applications: such as Google Authenticator, Microsoft Authenticator, and Authy.PROFESSIONAL EXPERIENCELA Care, Denver, CO REMOTE Aug 2022 2023Security AnalystImplemented controls that align with HIPAA compliance requirements, reducing the number of automated services and scripts utilizing root privilege access by 40% and mitigating the risk of inadvertent escalation of privileges.Configure, test and enforce security policies within Defender for O365 in accordance with best practices including internal and external audit standards.Investigated and reported on 25 phishing email events, leading to the implementation of improved email security protocols and providing recommendations to prevent similar issues in the future.Identified and addressed compliance gaps by discovering 363 devices lacking antivirus protection, promptly installing antivirus software on those devices, and reducing the risk of malware infections that could compromise protected health information (PHI).Work with team to configure Data Loss Prevention policy for compliance.Recommended the removal of unnecessary applications from servers, resulting in a 15% increase in server performance.Designs future-state architecture and successfully identifies technologies to implement mandated enterprise Zero Trust concepts.Recommended the retirement of 50 outdated and unnecessary pieces of equipment from the LA Care Network, leading to a 20% reduction in maintenance costs and increasing overall network reliability.Recommended and implemented configuration changes to the LogRhythm SIEM, resulting in a 30% increase in threat detection accuracy and reducing the bottleneck in incident response.Demonstrated commitment to HIPAA compliance by collaborating with the service desk and sysadmins to remove encryption standards from LA Care, aligning with security regulations, and improving system performance by 25% while ensuring the privacy and integrity of patient data.Jacobs, Colorado Springs, CO Feb 2022 July 2022SIEM AdministratorSuccessfully implemented a SIEM solution in air-gapped, multi-domain environments for a $30 million contract, resulting in increased revenue and customer satisfaction.Reduced incident response times by 50% by designing and implementing automated incident response workflows in the SIEM.Provide technical leadership and expertise to support O365Improved threat detection accuracy by 40% through the fine-tuning of SIEM rules and correlation logic.Reduced SIEM false positives by 30% through the implementation of advanced threat intelligence feeds and the creation of custom correlation rules.Demonstrated expertise in manual hardening and system compliance techniques, implementing measures to safeguard critical assets.Developed innovative solutions to address moderately complex information system compliance and security challenges, leveraging comprehensive understanding of security design concepts.Proven self-starter with exceptional multitasking and time management abilities, delivering results efficiently.Collaborated effectively in a team environment, fostering cross-disciplinary cooperation to achieve project objectives.Communicated proficiently with program leadership organizations, translating technical concepts into clear and concise messages.Demonstrated track record in vulnerability assessment and remediation, ensuring robust protection of systems and networks.Maintained relevant security certifications, including DoD 8570.01 IAT-II certification (Sec+) for a Linux environment.Network Security Engineer Jan 2021 - Feb 2022Reduced the number of security incidents on the network by 40% through the implementation of advanced firewall rules and network segmentation.Improved network uptime by 30% through the implementation of network redundancy protocols and the configuration of high-availability devices.Designed and implemented a security information and event management (SIEM) solution, resulting in a 50% reduction in the meantime to detect security incidents.Implement M365 Security capabilities such as Data Loss Prevention (DLP), Microsoft defender for endpoint protection.Proficient in Agile and Scrum methodologies, adeptly applying them to hardware and software life-cycle management and engineering change proposal processes, resulting in streamlined operations and efficient project execution.Demonstrated hands-on technical expertise as an individual contributor, with a proven track record of success in one or more areas such as Linux system administration.Documented skills and experience in Linux system administration, showcasing the ability to effectively manage and optimize Linux-based environments, ensuring high availability, security, and performance.Strong understanding of hardware and software life-cycle management, utilizing best practices and industry standards to drive effective planning, development, testing, and deployment of products and solutions.Collaborative team player with excellent communication skills, able to work effectively across cross-functional teams, bridging the gap between technical and non-technical stakeholders to achieve project goals.Booz Allen Hamilton, St. Louis, MO Dec 2018 Dec 2020Network EngineerDesigned and implemented a virtualized infrastructure solution, reducing server hardware costs by 30% and improving resource utilization by 40%.Reduced the time required to provision virtual machines by 50% through the implementation of automated provisioning workflows and templates.Improved the availability of virtualized applications by 25% through the implementation of high-availability and disaster recovery configurations.Designed and implemented a virtual desktop infrastructure (VDI) solution, resulting in a 50% reduction in hardware and licensing costs for end-user workstations.Improved end-user productivity by 30% through the implementation of VDI, enabling remote and secure access to corporate resources.Reduced virtual infrastructure maintenance costs by 20% through the implementation of proactive monitoring and maintenance processes.Designed and implemented a virtualized backup and recovery solution, reducing the recovery time objective (RTO) for virtual machines by 60%.Improved the security of virtualized environments by 35% through the implementation of virtualized network security controls, including micro-segmentation and virtual firewalls.Sandoval Technologies, St. Louis, MO May 2018 - Dec 2018Cyber Security SpecialistProvided training on effective use of security software; ensured all trainees could pass competency on programs used and expectations of the organizationSupported development of applications, dashboards, and ecient use of resources for network security monitoring; focused on Host, Network, and Server based intrusion detection and protectionConducted vulnerability analysis to support risk mitigation and security implementation in accordance with Defense Information Systems Agency Security Technical Implementation Guides and Air Force Instruction; required understanding of adversary emulation to detect attack against Air Force and inter-Agency infrastructureUsed Wireshark to collect PCAPs, then review PCAP for malicious activityUnited States Navy, Various Locations Mar 2008 May 2018Cryptologic Technician Network AnalystConducted network analysis and implemented network security controls, reducing the number of successful cyber attacks on the organization by 50%.Designed and implemented a network intrusion detection system (NIDS) solution, improving the organization's ability to detect and respond to cyber attacks.Analyzed network traffic and identified malicious activity, resulting in the successful mitigation of 10 high-severity cyber incidents.Provide advice on DLP development.Demonstrated expertise in implementing, troubleshooting, and adapting ELK (Elastic, Logstash, Kibana) for logging and auditing purposes, ensuring seamless operations and optimal performance.Conducted in-depth analysis of audit log data, leveraging strong analytical skills to assess compliance with published standards and regulations.Proven ability to analyze events or incidents, effectively triaging issues, conducting comprehensive log analysis, and identifying the root cause to mitigate security vulnerabilities.Collaborated closely with customers to understand their specific requirements and customize SIEM (Security Information and Event Management) tools, ensuring alignment with security and compliance needs.Played a vital role in the administration and maintenance of SIEM and Log Management tools, ensuring their reliability, availability, and optimal functionality. |
