Cyber Security Analyst Resume
Alexandria, Virginia
SUMMARY:
- Cybersecurity / Identity & Access Management Specialist / Computer Forensics / Network Administration / IT Specialist / Data Loss Prevention Certified. Highly analytical IT professional with expertise in risk management, unauthorized access, viruses, and a wide range of vulnerabilities and threats.
- Well-versed in direct and remote analysis, with strong critical thinking, communication, and people skills.
- Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter, with 15+ years of cross-platform experience in systems administration, network operations, and technical troubleshooting.
- Supply outstanding technical, operational, and training support for hardware and software systems. Detailed understanding of network connectivity, migrations, security, and database applications.
- Detected and mitigated DDoS attacks.
- Monitors and responds to complex technical control facility hardware and software problems using a variety of hardware and software testing tools and techniques. Provides the primary interface with contractor support service groups, or provides internal analysis and support, to ensure proper escalation during outages or periods of degraded system performance. Provides network server support, DLP and NAC implementation and configuration, and Cisco ACE Web Application Firewall administration.
- Strong interpersonal and communication skills; capable of writing purchase justifications, training others in complex topics, making presentations to an internal audience, fostering teamwork, and developing informal project plans.
- Detect attackers' reconnaissance activities in real time. Heighten the intelligence of the organization's existing security infrastructure to find hidden patterns and relationships suggesting malicious activity, enabling better business decisions about the organization's cyber risks and arming the business with an essential layer of business-relevant cyber protection that enhances its existing security defenses.
- Strong knowledge and demonstrable experience of information security technologies and methods.
- Under general direction, responsible for the acquisition, installation, maintenance, and usage of the wide and local area network. Manages network performance and maintains network security, including DLP security; ensures that security procedures are implemented and enforced; installs all network software; evaluates, develops, and maintains telecommunications systems; troubleshoots network problems; and establishes and implements network policies, procedures, and standards, ensuring their conformance with information systems and company objectives.
- Ability to perform and interpret vulnerability assessments.
- Ability to administer the operations of a security infrastructure.
- Talented in information security management and IT auditing, providing risk management/analysis, computer forensics, and cybersecurity. Experience in providing support to end users in a help desk setting. Document and track user issues to ensure timely resolution of problems.
- Execute project and program management, leading teams, designing workflows, and providing excellent customer service. Strong verbal and written communication skills.
- Strong background working with clients, designers, and programmers to identify requirements, provide cost analysis, assist with creating user interfaces, and develop implementation timelines.
- In-depth understanding of project lifecycle, including all phases of system and software development.
- Proven track record in testing, quality assurance, and networking.
- Superior communication, presentation, and interpersonal skills.
- Experienced in penetration testing, as well as network, Active Directory (AD), and SharePoint administration. Use business analysis skills to solve complex problems.
- Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints and probable consequences.
TECHNICAL PROFICIENCIES:
Network Security Monitoring Tools: Windows, Macintosh, Linux, Project Management, Identity and Access Management, Risk Management, System Analyst, SLA Implementation, Business Continuity and Disaster Recovery, Cyber Security, Network Administration, Business Process Improvement, SOX Compliance, Data Loss Prevention, Technical Infrastructure (LAN/WAN/VPN/NOC), Workstation Installation/Configuration, MS-DOS, PowerPoint, Microsoft Windows 7 and 10, Microsoft Office 2007, 2010, Microsoft Outlook, Microsoft 365, Microsoft Office Suite, Visio, MS Project, SAP, Excel, Symantec DLP, Teramind DLP, Clearswift Adaptive DLP, SecureTrust DLP, Check Point DLP, Digital Guardian Endpoint DLP, Code42, CA Data Protection, Comodo MyDLP, SolarWinds Data Loss Prevention with ARM, Argus, Nagios, Splunk, OSSEC, Nmap, Nessus, Metasploit, Kali Linux, John the Ripper, Cain and Abel, Tcpdump, Wireshark, Aircrack, Netstumbler, Snort, Forcepoint, Acunetix, Tor, KeePass, TrueCrypt, SailPoint, CyberArk, Forefront Identity Manager, Zoho Vault, LogMeIn Pro, Okta Identity Management, OneLogin, Data Security Platform, Azure Active Directory, VMware Identity Manager.
Forensics/ Security tools: EnCase, FTK Imager, Sleuth Kit/Autopsy, Splunk, Aircrack, Cain and Abel, Tcpdump, Wireshark.
Antivirus: Total AV, McAfee, Norton, Avira, Avast, Bitdefender, AVG, Kaspersky.
Technical skills: Security and Risk Management, Project Management, Access Control, Cyber Forensics, Disaster Recovery Planning, Data Security, Security Policies, Mobile Device Security, Threat Detection, Security Configuration, COOP, BCP, DLP, DNS, DHCP, TCP/IP, BYOD, SOC, Identity and Access Management, CIRT, Security Architecture and Engineering, Asset Security, CERT, Communication and Network Security, Security Assessment and Testing, Data Privacy, Application Security, Security Control, Vulnerability, Computer Networking, Security Information and Event Management (SIEM).
PROFESSIONAL EXPERIENCE:
Cyber Security Analyst
Confidential, Alexandria, Virginia
Responsibilities:
- Provide high level of customer service, maintaining 98% satisfaction rating for the past three years.
- Develop incident response workflow for DLP incidents as raised through DLP tool.
- Define policy/rules for the DLP solution and refine them as DLP strategy matures. Analyze reports from DLP tool and provide metrics to management.
- Examined and evaluated computer software and hardware to uncover access attempts.
- Performed risk assessments to help create optimal prevention and management plans.
- Develop/Monitor basic IDS/IPS rules to identify and/or prevent malicious activity.
- Deliver DLP implementation project including full PLM deliverables: requirements
- Created help desk documentation with step-by-step instructions on problem solving and troubleshooting techniques.
- Manage operations within the IAM environment at the client, including application patching and upgrades and certificate management.
- Integrated SailPoint Identity IQ with multiple external databases and applications for provisioning and de-provisioning using Active Directory and LDAP.
- Configured and Deployed SailPoint Identity IQ for use in a multi-tenant network and security environment.
- Configuration & customization of Business Processes/Workflows for Provisioning and de-provisioning accounts across various internal and external systems in SailPoint IdentityIQ.
- Configured Account Aggregation and Account Group Aggregation in SailPoint IdentityIQ.
- Execute and track security process related activities including User ID management.
- Updating existing access management and provisioning workflows.
- Establishes and maintains good working relationships with all IAM customers.
- Observe security solutions: SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, and log aggregation tools.
- Document all activities during an incident and provide support with status updates during the life cycle of the incident.
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information.
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
- Analyze network flow data for anomalies and detect malicious network activity.
- Providing risk-based surveillance of organization information assurance programs to ensure compliance with stings and protection of information.
- Evaluate, assess and certify hardware, and software products prior to use on any accredited information system or network.
- Developing standard operating procedures (SOPs) for network system security operations and incident response.
- Identify and mitigate IS incidents, threats, compromises, and vulnerabilities.
- Assisted with selection and implementation of controls that apply security protections to systems, processes, and information resources using the NIST family of security controls.
- Work with developers, system/network administrators, and other associates to ensure secure design, development, and implementation of applications and networks.
- Works with clients to implement system security measures, assists with computer security plans and documentation and provides technical guidance and training.
- Assists with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
- Provide technical and operational leadership for cyber-security incident response.
- Continuously improve maturity and operational efficiency of the team - including methodologies, processes, detection use cases and response playbooks.
- Provides incident remediation and prevention documentation.
- Implemented solutions reducing single points of failure and improving system uptime to 99.9% availability.
- Identified and patched hundreds of security vulnerabilities in production servers and network hardware.
- Assisted in development of enterprise-wide SharePoint strategy and educated management on the platform.
Confidential, Washington, District of Columbia
Active Directory Administrator/ Identity & Access Management
Responsibilities:
- Effectively led 40+ team members, including presentation of quarterly training to staff.
- Perform Identity and access management activities.
- Oversee the monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity. Interpret such activity and work with other IT functions on remediation. Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Creation of DLP policy and data-at-rest scanning.
- RSA / Symantec DLP, CyberArk PIM.
- Execute and track security process related activities including User ID management.
- Manage operations within the IAM environment at the client, including application patching and upgrades and certificate management.
- Provide real-time guidance to clients on network configuration, security settings and policies, and attack mitigation procedures.
- Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics.
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
- Updating existing access management and provisioning workflows.
- Manages the strategy and roadmap implementation for Identity and Access Management Platform Tools.
- Participate in development of roadmaps and participate in the standards process for Identity and Access Management (IAM) solutions.
- Hands-on architect and developer of a comprehensive IAM system that addresses the challenges of a very complex development and production environment.
- Initiated strategic processes for maintenance of software upgrades and server patches.
- Research and evaluate technology solutions and present recommendations for improved system operations.
- Maintain and support systems for data warehouse and business intelligence (BI) initiatives, including software, servers, and networks.
- Created and maintained user account profiles and passwords, ensuring company-wide security.
- Conducted feasibility studies of Web-based applications and systems.
- Liaised with clients and vendors to resolve day-to-day problems and make process changes.
- Create data verification methods and comply with standard system procedures.
- Configured Group Policy Objects to create a secure Windows infrastructure and prepared detailed technical documentation for all elements of Windows infrastructure.
- Contributed third-level help desk support for problems related to Active Directory.
- Planned and executed Active Directory computer migration to new forest.
- Developed organizational units in Active Directory and managed user security with group policies.
Confidential
System Administrator
Responsibilities:
- Managed 75+ devices in a mixed-server environment, performing cross-platform audits of Active Directory objects and user permissions.
- Increased security and performance of systems, implementing anti-virus software and critical system updates.
- Trained employees on network operations, including log-in procedures, permissions, software, printing, and security.
- Consistently earned 100% issue resolution scores by providing excellent service to internal and external customers.
- Implement, configure, maintain, fine-tune, and troubleshoot the Symantec Data Leak Prevention (DLP) solution.
- Understand and refine a Role Based Security framework. Produce schema designs and operational plans to enforce and maintain identity management workflows.
- Participate in development of roadmaps and participate in the standards process for Identity and Access Management (IAM) solutions.
- Hands-on architect and developer of a comprehensive IAM system that addresses the challenges of a very complex development and production environment.
- Work with the project teams on implementing the defined Policies within Access & Identity Management (AIM) solution.
- Created user training hub, cutting trouble tickets by 45%.
- Reduced workstation setup time by 45% by streamlining operating system implementation and security property configuration through development of a disk-cloning procedure.
- Revamped NetBackup schedule and optimized system availability, averaging 99.9% uptime.
- Replaced major manufacturer’s vulnerable network with robust security through joint architecture of firewall and DHCP.
- Ensured all server hardware, operating systems, software, and procedures aligned with organizational standards and strategic business plan.