Candidate's Name
Senior Security Analyst
SECRET CLEARANCE
PHONE NUMBER AVAILABLE
Street Address
EMAIL AVAILABLE

TECHNICAL SKILLS
Windows Server 2012 R2, software installation, Microsoft Exchange, software documentation, computer hardware, troubleshooting, PuTTY, McAfee ePO, Wireshark, WSUS, Active Directory, networking, technical support, operating systems, Linux, help desk support, system deployment, system administration, Windows 10, BMC Remedy, VMware, VPN, workstation imaging, antivirus, NIPRNet and SIPRNet, BlackBerry Enterprise Server, Dell GPO Admin, Dell Change Auditor, Assured Compliance Assessment Solution (ACAS), NIST, Metasploit, Kali Linux, Splunk Enterprise Security (SIEM), FireEye HX/NX/EX/ETP, IDS/IPS (full-packet capture with Wireshark), firewalls (Palo Alto, Juniper, NetScreen, Fortinet), ServiceNow, Cisco IPS/HIPS, Forescout, SCCM, Google Vault, NIST SP 800-171 compliance for government contractors, NIST SP 800-60, Nessus, SentinelOne, Windows Defender, Microsoft Threat Analytics, AWS, Azure.

PROFESSIONAL EXPERIENCE

(DGC) USAID
Computer Systems Incident Response Team (CSIRT) Analyst II, Dec 2018 - Current
- Manual KEV analysis: pulling known exploited vulnerabilities for Windows, Linux, Mac, iOS and iMac. This is a manual report in which I filter for all assets observed within the last 7 days in Nessus, export a report, and then perform a VLOOKUP to get accurate values.
- KEV analysis training for new team members.
- Asset discovery: pulling asset reports from security tools such as Forescout, FireEye HX, SCCM and AirWatch.
- IRP review and testing for the client.
- Zero-day timeline analysis of when zero-day exploits are published, when affected assets are discovered and when patches are implemented, and identifying which assets are impacted by new active exploits.
- Reporting any infected host or IOCs (indicators of compromise) to US-CERT (within 30 minutes of detection).
- Reviewing alerts in FireEye HX, NX, EX and ETP: determining whether alerts are true positives and performing any remediation necessary, including gathering triage data, investigation details, files, or browser history pertaining to an alert.
- Using Splunk ES (Enterprise Security) for log history pertaining to events, reviewing and dissecting Juniper, NetScreen and Panorama syslog.
- Performing grep and zgrep searches on the syslog servers for data that has not been archived, so we may view data dating back five years to make a proper determination.
- Weekly status meetings updating the client on existing vulnerabilities and anomalies, providing recommendations and different remediation tactics.
- Sending out CISO counseling forms to counsel users who download unauthorized software or commit any other security violation.
- Monitoring FireEye ETP for suspicious retroactive phishing alerts.
- Following NIST SP 800-171, which outlines cybersecurity requirements for government contractors; DoD published an interim rule to the Defense Federal Acquisition Regulation Supplement (DFARS).

Apex Systems (AT&T, Army UC)
Senior SOC Analyst (SOC Lead) / Splunk Junior Admin, July 2017 - Dec 2018
- Completing daily activity reports (DAR), SOC morning reports and weekly activity reports (WAR).
- Helping in-process new SOC and NOC personnel.
- Deploying Splunk: creating port mirroring, installing Splunk, installing the Stream application on Splunk, setting up syslog on CentOS, and installing the universal forwarder.
- Testing access to ACAS, HBSS, Splunk and the Nessus scanner.
- Shift turnover: informing the next shift of any device issues or other malicious events that occurred during the shift.
- Sitting in meetings with the SOC manager and the HBSS, Splunk and ACAS admins, going over new tasks and implementation.
- Sitting in on interviews for new hires.
- Performing PuTTY redirects to network devices such as the Nessus scanner, ACAS and HBSS.
- Writing SOPs for new SOC policies and procedures.
- Running ACAS scans on the Boulder and Vienna environments.
- Helping NOC admins SCAP Linux servers.
- Working with the Splunk admin on creating filters, alerts and dashboards for the SOC team.
- Running daily health checks on the Splunk deployment server.
- Configuring universal forwarders when they are not phoning home or responding to edge servers.
- Reviewing Splunk build documentation and making sure the Red Hat admin can conduct deployment and perform daily backups of the server.

Prism, Inc (DMDC)
IA Security Analyst / Systems Engineer, February 2017 - July 2017
- Ensuring STIG compliance on JAMMS Toughbook laptops.
- Running SCAP scans on laptops to make sure they score 98% or higher for DISA requirements.
- Patching IAVAs and the local environment on Server 2012 R2.
- Building out Windows Server 2008 and 2012 R2 VMs.
- Making updates available in WSUS to deploy to servers and workstations.
- Building out network diagrams for the new SCCM and WSUS server build.
- Supporting the JAMMS, TOPPS and SPOT applications.
- Creating reports in ACAS for updated scans of the production servers.
- Failover clustering.
- Creating user accounts for Cisco VPN and granting permissions to users in Active Directory.
- NIST SP 800-60: providing the standards used by federal agencies to categorize information systems collected or maintained by an agency based on information security objectives across a range of risk levels.

Tower Federal Credit Union, Laurel, MD
Security Analyst, September 2016 - January 2017
- Network monitoring and security scanning using Nessus vulnerability scanning.
- Security Center (ACAS): keeping track of and reporting on all critical and high vulnerabilities.
- EventTracker SIEM: keeping track of security logs; tracked security logs and security reports in SecureWorks.
- Patched workstations to meet required standards.
- Audited VPN and OTT servers, creating a synopsis and escalating issues to the network team.
- STIG updates.
- Running nightly ad hoc scans.

RTGX (Department of State), Catonsville, MD
Cyber Security Analyst / Senior Shift Lead, CIRT Team, November 2015 - October 2016
- Monitored and analyzed network traffic using SIEM alert tools, IDS alerts, network and system logs, and available open-source information to detect and report threats to customer networks.
- Designed and set up the Splunk architecture in the organization.
- Ran HTTP reports on the Linux platform and sent out duties and responsibilities to other analysts.
- Performed CERT/SOC operations including IDS event monitoring and analysis, vulnerabilities, security incident handling, incident reporting and threat analysis.
- Configured indexers, forwarders (universal and heavy), search heads, and deployment/management servers.
- Created dashboards according to business needs using advanced XML.
- Log analysis from various data sources; assisted in writing Splunk queries.
- Incident response procedures: packaging CSV files with long-header information, short-header MD5 hashes and PCAP.
- Performed analysis on Bro logs and captured IDS events.
- Monitoring and threat hunting.

GINIA Inc, Alexandria, VA
IT Security Administrator, February 2013 - November 2015
- Worked with Active Directory creating user accounts and handling password resets/lockouts, in addition to updating and managing GPOs.
- Imaged computers (DSM client); SCCM/DSM: creating images, STIGs, software pushes and HIPS.
- Responsible for managing 25 VM servers and 3 physical servers.
- Patch management and failover clustering for VM servers.
- Update and software packaging for workstations with SCCM/WSUS.
- Conducted HBSS and ACAS vulnerability scans.
- Initiated the Windows 7 deployment upgrade.
- Responsible for managing the BlackBerry server.
- Special project (FMTS): VM production server creation (migration from Server 2008 R2 to Server 2012).
- Cleared customer's security logs; enterprise email migration.
- Network monitoring using Wireshark packet analysis.

Apex Systems (Lockheed Martin), Bolling Air Force Base (supporting the 844th Air Force brigade)
Desktop Support / System Administrator, March 2012 - February 2013
- Worked with Active Directory setting up user accounts and domains, creating user accounts, password resets/lockouts, DRA and SharePoint.
- Microsoft Exchange 2003/2007/2010.
- Documented all reported issues in Remedy for incident requests and change requests, providing fast response time and customer service (phone support).
- Administered network TCP/IP configurations.
- Troubleshot hardware and software issues; ran patches and updates on physical servers (Server 2003/2008).
- Ran patches, updates and STIGs on laptops.
- Conducted network monitoring and security scanning using Nessus vulnerability scanning.
- Managed web servers, making sure they are patched and updated.
- Reset the spooler for printer issues.
- Set up customers' BlackBerries.
- Responsible for expired accounts in the RSS mailbox.
- GPO updates, ACAS vulnerability scans, WSUS, VMware ESXi configuration.

Systems Administrator, Tier II / Tier III Support, April 2011 - March 2012
- Used Active Directory, DRA and SharePoint; group policy; attended meetings about network efficiencies; set up user accounts and domains.
- Worked with Microsoft Exchange 2003/2007/2010 and Windows Server 2003/2008; familiar with Python scripting.
- Vulnerability scanning using the Nessus scanning tool; responsible for cleaning and reformatting systems.
- Used the Remedy ticketing system for incident requests and change requests.
- Configured telecommunications systems and networks for DoD.
- Windows XP/Vista/7 and server patching and updating.
- Provisioned CAC cards; System Center Configuration Manager; managed customers' devices.
- Patched physical servers (Server 2003/2008).
- Used DameWare remote access to install software.
- Responsible for VPN and Citrix setup on customer laptops.
- Troubleshot any software or hardware related issues.
- Set up SIPR (Secret) and NIPR (non-secret) accounts for the Army.

VT Aepco
Programmer / IT Support, May 2010 - June 2011
- Wrote XML and HTML using Architect software for cargo helicopter manuals; used JavaScript.
- Installed and troubleshot PDA and BlackBerry issues.
- Troubleshot, installed, documented and configured software applications.
- Performed desktop support for all remote access systems.
- Evaluated hardware and firmware related issues.
- Took XML and HTML training courses.

Virginia College
Junior Network Admin / Network Engineer, September 2008 - May 2010
- Responsible for updating the latest software on personal computers; reformatted and cleaned out infected personal computers.
- Assisted the IT administrator with any duties that needed to be fulfilled.
- Troubleshot, installed, documented and configured software applications.
- Network protocols OSPF and EIGRP; configured ASA firewalls; bash scripting.
- Patch management and daily health checks.

Elegant at Homes
Junior Network Technician, May 2004 - April 2007
- Managed the IT infrastructure: set up the firewall, ran patches and updates.
- Responsible for over 100 user accounts; ensured safe Ethernet connectivity on the wired network.
- Made sure printers were mapped correctly.
- Strong in Active Directory and group policy; creating user accounts; patching Exchange Server 2003.
- Set up user accounts and domains; ran updates and patches; DRA; very proficient in Remedy.

EDUCATION
Virginia College, BA Network Engineering (still in progress)

CERTIFICATIONS
CompTIA Security+ CE, CompTIA Network+, CySA+ (Cybersecurity Analyst+), Assured Compliance Assessment Solution (ACAS) Certificate, Splunk Certified User, HBSS (Host Based Security System, DISA), Metasploit Certified Professional, Splunk Certified Power User (pending October 17, 2018).
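The KEV analysis described under the CSIRT Analyst II role (filter Nessus findings to assets observed in the last 7 days, then match them against the CISA Known Exploited Vulnerabilities catalog by VLOOKUP) is the kind of join that is easy to script. The block below is an added example and is not code from the resume or from any of the employers named; it uses a constructed Nessus-style CSV export and a constructed three-entry subset of the KEV feed (the field names cveID, dateAdded and dueDate follow the public JSON, the entries are samples only). The "Last Seen" column in the CSV is an assumption: real Nessus and Tenable.sc exports expose last-observed time differently depending on the report. Beyond the VLOOKUP, it also computes how far past the KEV due date each finding is, which is the number a zero-day timeline review needs.

```python
"""Cross-reference a Nessus CSV export against the CISA KEV catalog.

Added example (not part of the original resume). Replaces the manual
export + VLOOKUP step with a scripted join, restricted to assets seen
within an observation window, and reports days past the KEV due date.
"""
import csv
import io
import json
from datetime import date, timedelta

# Constructed subset of the CISA KEV feed. Field names match the public
# JSON (cveID, dateAdded, dueDate); the entries are samples only.
KEV_JSON = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2021-44228", "dateAdded": "2021-12-10", "dueDate": "2021-12-24"},
    {"cveID": "CVE-2023-4966",  "dateAdded": "2023-10-18", "dueDate": "2023-11-08"},
    {"cveID": "CVE-2019-0708",  "dateAdded": "2022-05-25", "dueDate": "2022-06-15"},
]})

# Constructed Nessus-style export. "Last Seen" is an ASSUMED column; real
# exports expose last-observed time differently depending on the report.
NESSUS_CSV = """Host,Plugin ID,CVE,Risk,Name,Last Seen
10.0.0.5,156002,CVE-2021-44228,Critical,Apache Log4j RCE,2024-03-01
10.0.0.5,12345,CVE-2020-0601,High,Windows CryptoAPI spoofing,2024-03-01
10.0.0.9,182912,CVE-2023-4966,Critical,Citrix NetScaler info leak,2024-02-10
10.0.0.12,125313,CVE-2019-0708,Critical,RDP BlueKeep,2024-02-27
10.0.0.12,99999,,Medium,SSL self-signed certificate,2024-02-27
"""

# Fixed "today" so the example is reproducible offline (assumed date).
EXAMPLE_TODAY = date(2024, 3, 4)


def load_kev(kev_json):
    """Index KEV entries by CVE ID for constant-time lookup."""
    return {v["cveID"]: v for v in json.loads(kev_json)["vulnerabilities"]}


def split_cves(field):
    """A Nessus row may list several CVEs in one cell; split on , or ;."""
    return [c.strip() for c in field.replace(";", ",").split(",") if c.strip()]


def kev_exposure(nessus_csv, kev_json, today, window_days=7):
    """Return KEV-listed findings on hosts observed within window_days."""
    kev = load_kev(kev_json)
    cutoff = today - timedelta(days=window_days)
    findings = []
    for row in csv.DictReader(io.StringIO(nessus_csv)):
        if date.fromisoformat(row["Last Seen"]) < cutoff:
            continue  # stale asset: outside the observation window
        for cve in split_cves(row["CVE"]):
            entry = kev.get(cve)
            if entry is None:
                continue  # vulnerable, but not on the KEV list
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "host": row["Host"],
                "cve": cve,
                "plugin": row["Plugin ID"],
                "kev_added": entry["dateAdded"],
                "due": entry["dueDate"],
                "days_overdue": (today - due).days,  # negative = not yet due
            })
    # Most overdue first, so the report leads with the worst exposure.
    findings.sort(key=lambda f: (-f["days_overdue"], f["host"]))
    return findings


def hosts_by_exposure(findings):
    """Collapse per-finding rows into host -> [CVE, ...] for a status report."""
    by_host = {}
    for f in findings:
        by_host.setdefault(f["host"], []).append(f["cve"])
    return by_host


if __name__ == "__main__":
    report = kev_exposure(NESSUS_CSV, KEV_JSON, EXAMPLE_TODAY)
    for f in report:
        print(f"{f['host']:<10} {f['cve']:<16} due {f['due']} "
              f"({f['days_overdue']} days overdue)")
    print(hosts_by_exposure(report))
```

With the constructed data and a 7-day window, 10.0.0.9 drops out (last seen 23 days earlier) and CVE-2020-0601 drops out (not in the KEV subset), leaving two findings; widening the window to 30 days brings the NetScaler host back in. Swap the two constants for a fresh Nessus export and the downloaded KEV JSON to run it against real data.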