Vulnerability Management Risk Resume Gre...
Candidate Information
Title Vulnerability Management Risk
Target Location US-MD-Greenbelt
Candidate's Name
Phone: PHONE NUMBER AVAILABLE
Email: EMAIL AVAILABLE

Professional Summary

Results-driven and seasoned cybersecurity professional with 8-9 years of experience in developing and implementing robust vulnerability management programs and proven ability to lead high-performing teams, collaborate with cross-functional stakeholders, and drive continuous improvements in security processes. Adept at staying abreast of industry trends and emerging threats to adapt and enhance vulnerability management programs accordingly. Hands-on experience leveraging industry-leading tools (Qualys, Tenable.sc, Tenable.io, Rapid7, ServiceNow, CrowdStrike, WIZ, Prisma, and Nessus) to secure systems. Experience in asset discovery, vulnerability assessments, risk management, system hardening, continuous monitoring and POA&M management, compliance scans, and mitigation activities. Good knowledge of administrating databases and supporting the architecture, design, implementation, and configuration of highly available, secured, and resilient database systems on-premises and in cloud environments (GCP, Azure, and AWS).

Certifications

CompTIA Security+

Professional Experience

Vulnerability Management Engineer
Kaiser Permanente, Nov 2022 - Present

Use Qualys and Tenable for end-to-end vulnerability management while creating custom CCRI-relevant queries, dashboards, and reports to help you gain insight into the client's most critical assets, reduce overall vulnerabilities per host, and help the organization remain secure and compliant.
Identify and recommend appropriate measures to manage, remediate vulnerabilities, and reduce potential impacts on information resources to a level acceptable to the senior management.
Provide prompt attention and visibility into risks, vulnerabilities, and issues, serving as an escalation path for team members while driving actionable matrices and risk reports to Leadership.
Perform security compliance and vulnerability assessments; develop and apply DISA-STIG or CIS benchmarks or baselines for various operating systems (Windows, RHEL/CentOS).
Perform asset discovery and vulnerability management on the client environment using tools such as Rapid7 and CMDB.
Track and obtain CVE data based on newly zero-day announced vulnerabilities and make this information available in a daily Vulnerability dashboard and notification sent to stakeholders.
Perform third-party risk and vulnerability management activities, including risk analysis, findings creation and reporting, and remediation monitoring using Qualys and Tenable.
Excellent team player capable of productively contributing to the client mission by supporting fellow teammates in a dynamic, growing, and changing environment.
Review vulnerability data from multiple sources (e.g., external/internal penetration testing, internal/external vulnerability scanning, etc.) across multiple technologies and a changing environment, including infrastructure and applications, to determine the risk rating of vulnerabilities to business assets.
Review, update, and develop required security documentation, including, but not limited to, System Security Plans (SSPs), Contingency Plans (CPs), Plans of Action and Milestones (POA&Ms), and Security Assessment Reports (SARs).
Evaluate and determine if/when information security violations have occurred through network or device logs, open-source research, vulnerability, and configuration scan data, and user-provided reports.
Provide technical assistance to system owners when needed.
Obtain the ability to demonstrate understanding and in-depth knowledge of security threats and apply actionable data to processes and procedures.
Demonstrate understanding and knowledge of correlation analysis and an understanding of monitoring programs, such as Splunk.
Mentor and guide team members with vulnerability assessments, mitigation techniques, and approaches.
Stay current on the latest technology trends, particularly as they apply to vulnerability and risk management.
Test DISA-STIGs benchmarks for updates and new releases for technologies such as Fortinet Fortigate Firewall, MS Edge, IBM WebSphere Liberty Servers etc.
Assigned DISA-STIGs to specific systems or areas within the branch's internal database.

Vulnerability and Risk Analyst
FM Global, Sept 2019 - Sept 2022

Developed, created, and implemented a comprehensive vulnerability management program aligned with the enterprise's objectives and risk appetite.
Supported and led a high-performing team of cybersecurity professionals, providing guidance and mentorship to ensure the success of the vulnerability management program.
Collaborated with cross-functional teams to identify and prioritize vulnerabilities, developing effective remediation plans that integrated seamlessly into business processes.
Ensured understanding and integration of vulnerability management priorities across various teams.
Drove continuous improvements in vulnerability management processes and tools through the use of industry-leading technologies, automation, and data-driven insights.
Stayed current on industry trends, emerging threats, and best practices in vulnerability management, adapting the program to maintain optimal security posture.
Evaluated and recommended vulnerability management tools and technologies, achieving an optimal balance of effectiveness and efficiency.
Developed and delivered regular metrics, reports, KPIs, and presentations to executive leadership and key stakeholders, effectively communicating the status and effectiveness of the vulnerability management program.
Built a diverse vulnerability management program covering secure software development lifecycle, patch governance, and application security.
Logged and tracked discovered vulnerabilities.
Used ServiceNow to triage remediation tasks and assign them to the system owner, tracking tasks accordingly.
Applied root cause analysis to identify and assess problems and key drivers of success. Developing potential conclusions from data with limited complexity.
Completed ad hoc metrics and reporting when requested.
Stayed aware of current business and industry trends relevant to the business and cybersecurity.
Performed vulnerability scheduled scans as directed by management using Qualys and Tenable.sc.
Work with the Business owners to effectively communicate the risks of identified vulnerabilities and recommend selecting cost-effective security controls to mitigate identified risks.
Ensures scan results are presented in appropriate dashboards and reports and forwarded to other data systems as necessary.
Interfaced with third-party vendors and other Conduent organizations to improve the scanning process.
Initiated remediation campaign and follow-up with Asset owners to mitigate based on SLA.
Performed and led various levels of data analysis, data and metric reporting, and research on existing and emerging cyber threats, particularly those directed against clients' networks.
Strong understanding of IT environments, information security, and privacy.
Experience analyzing and evaluating network and security vulnerabilities.
Experienced with SIEM and EDR tools such as Splunk, MDE, and CrowdStrike.
Experience with Web Application scanning using Tenable.io.
Experience with Host-based scanning using Tenable.sc.
Install and troubleshoot Nessus Agent.
Performed compliance and secure baselines scans (CIS, STIG).

Cybersecurity/SOC Analyst
SRA International, Jun 2015 - Jun 2019

Worked with federal clients to mitigate cyber risk and threats and detect, collect, and report cybersecurity incidents.
Monitored security events and escalated verified alerts according to procedures to activate incident response processes with tools such as NetWitness, FireEye EX, NX, AX, and Splunk.
Assisted in preparing client deliverables, including reports, briefing presentations, and recommendations to communicate security information, event summaries, vulnerabilities, and threats to clients on a routine and periodic basis, helping to distill technical concepts into valuable and informative information.
Provided sound technical recommendations that enable remediation of security issues.
Provided security monitoring and incident response services in alignment with the mission to protect network assets (including Industrial Control Systems).
Analyzed firewall logs, Full Packet Capture (PCAP), IDS alerts, Anti-malware alerts, Host Intrusion Prevention System (HIPS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.
Supported investigations into network intrusions and other cyber security breaches.
Supported a coordinated response to complex cyber-attacks that threaten assets, intellectual property, and computer systems.
Contributed to developing and improving security monitoring and incident response processes and solutions as required to support our cyber security program.
Operate security monitoring and incident response toolsets with a focus on continuous improvement.
Researched and recommended solutions for incident response and digital forensics using OSINT tools.
Utilized advanced threat models, SIEM use cases using Splunk, and incident response playbooks specific to customer network requirements.
Analyzed and evaluated anomalous network and system activity.
Performed continuous and constant monitoring of intrusion detection systems.
Created technically detailed reports based on intrusions and events.
Aided in computer incident investigations.
Assisted in troubleshooting and solving a wide variety of client issues.
Used network security analysis tools like Snort, Splunk, TCPDUMP, Wireshark, and other Host or Network-based Intrusion Detection Systems.
Used Splunk to validate log sources and indexed data, searched through indexed data to optimize search criteria, and created custom alert schema, reports, and dashboards.
Added Customer Context, eliminated noise and false positives, and developed trends and data models using Splunk.
Analyzed PCAP files and email headers for any malicious content.
Performed security patches for Linux/UNIX and Windows OS.
Perform penetration tests on computer systems, networks, and applications.
Create new testing methods to identify vulnerabilities.
Use Metasploit for both Linux and Windows exploits and payloads.
Built Python scripts for port scanning using socket and TCP.
Familiarity with socket methods such as Server, Client, and General.
Searched for common software, web applications, and proprietary systems weaknesses.
Pinpointed methods and entry points that attackers may use to exploit vulnerabilities or weaknesses.