Senior Cyber Security Analyst Resume
Alpharetta, GA
PROFESSIONAL SUMMARY:
Sr. Cybersecurity Analyst with over 10 years of experience in Information Technology with more than 5 years specializing in Security Operation Center (SOC), Network Operation Center (NOC), Vulnerability Assessments, Penetration Testing, Data Loss Prevention, and Malware analysis. Experienced in managing and protecting enterprise information systems, network system and operational processes through Information Assurance.
TECHNICAL SKILLS:
Systems & Applications: Windows Server Domains, VMware, Virtual Center, Email Exchange, Storage & Backups, Monitoring (Confidential) Orion, Web Server, Apache, Databases (SQL, MySQL).
Network: LAN/WAN, TCP/IP, Cisco ASA, VPN Tunnels, L2/Remote Access, VLANs, Access-Lists, Cisco 3750X/45000/4506E, Cisco Wireless Controllers, Airwatch, BlueCoat Proxy, Cisco Call Manager, Express, and Unity.
Security: DDoS Arbor Peakflow, RSA Security Analytics, QRadar, Splunk (SIEM), Fidelis XPS, Confidential NSM, RSA/Symantec Data Loss Prevention (DLP), FireEye (Malware Protection, Endpoint HX, Web MPS), Bit9, Confidential (ePO, IPS), Trend Micro, TippingPoint (IPS), Sophos, Cisco IronPort, RSA Archer GRC, RSA TokenID, eCat, QualysGuard, Palo Alto, Confidential, NetQoS, ForeScout CounterACT.
PROFESSIONAL EXPERIENCE:
Confidential, Alpharetta, GA
Senior Cyber Security Analyst
Responsibilities:
- Analyze, investigate and respond to security events and incidents from IDS/IPS, SIEM, Firewall, Splunk, Log analysis, DLP, malware analysis and forensics tools (FireEye, Bit9, Security Analytics, Fidelis XPS and Wireshark).
- Review and analyze security event logs and security appliance logs. Review and investigate incident tickets escalated from Level I & II analysts for security risk.
- Regularly work with the Tier 3 Computer Incident Response Team (CIRT) to discuss and potentially escalate critical incidents after initial triage.
- Analyze network traffic to determine if security alerts are true positives or false positives and perform research on malware through best practices such as FireEye to track the possible root cause.
- Review and respond to InfoSec incidents and problems to collect metrics, recommend and support implementation of solutions, suggest process improvements and conduct root cause analysis.
- Monitor and analyze real-time security alerts and DDoS mitigation responses to attacks using tools and techniques (Arbor Peakflow, Confidential, and Dynatrace Application Monitoring).
- Monitor the security of critical systems (e-mail, database, web servers) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions.
- Helped to build, implement and deploy data security solutions using Confidential ePO, DLP and FireEye HX Endpoint security.
Confidential, Cincinnati, OH
Sr. Security Analyst Consultant
Responsibilities:
- Performed in-depth systems and network security analysis of intrusions to the network, applications, operating systems, firewalls, proxy servers, malware and intrusion detection/analysis using multiple tools such as Confidential ePO, FireEye HX, RSA Security Analytics (SIEM), Splunk, Data Loss Prevention (DLP), Qualys Scanner etc.
- Executed response and mitigation procedures for a myriad of potential security incidents escalated from U.S. Bank's Tier 1 SOC and created reports to reflect on our detection and mitigation strategies.
- Monitored security threats to the network and responded to major incidents including DDoS, Brute Force and various other types of malware.
- Supported daily triage of incoming incidents (phishing, email spam, malware, exploits) to identify appropriate mechanisms to contain and mitigate risk.
- Upgraded a Symantec/RSA DLP system to the latest version and pushed out new client agents.
- Worked with leadership to develop a security program that follows business objectives and helps meet PCI DSS requirements.
- Monitored, analyzed and reported DLP events for Confidential's customers and configured the DLP program to work with RSA enVision, Archer, SIEM, and SharePoint.
- Reviewed and validated security events as positive or false positive and followed an incident response process to log incidents and begin resolution.
Confidential, Merrimack, NH
Network Security Specialist
Responsibilities:
- Researched, procured and implemented various best of breed network security tools to ensure GT can defend itself against APTs, malware, phishing, and threats against our intellectual property.
- Helped to implement and deploy data security solutions using IBM QRadar SIEM, RSA/Confidential Data Loss Prevention, Trend Micro AV and Bit9.
- Performed vulnerability assessment and penetration tests on internal systems and external network with the use of popular penetration testing tools (Core Impact, Qualys, Nessus, NMAP and Wireshark).
- Reviewed, analyzed and correlated malware and security events, and performed data and risk reporting through various tools (IBM QRadar SIEM, Splunk, FireEye, Carbon Black (Bit9)) to identify suspicious and malicious activities.
- Performed monthly server patching using Shavlik and endpoint patching using Microsoft Windows SCCM.
- Managed and configured Blue Coat ProxySG appliance used for web filtering, data loss prevention, inspection, and visibility of SSL-encrypted traffic, content caching, and bandwidth management.
Confidential, Boxborough, MA
IT Systems Administrator
Responsibilities:
- Provided remote advanced network diagnostics and troubleshooting for 500 customers to date.
- Monitored and verified intrusion security logs with Confidential.
- Managed and installed anti-virus and anti-malware software including Trend Micro WFBS and Confidential.
- Installed and managed RSA TokenID clients for Windows servers and end-users.
- Managed and troubleshot system backups and recovery using CommVault and Symantec Backup Exec.
Confidential, Andover, MA
Systems/ Server Administrator
Responsibilities:
- Provided technical support of corporate LAN/WAN environment as well as escalated technical support issues.
- Monitored network and servers with Confidential and Confidential SiteScope and helped address any issues that arose.
- Set up and performed antivirus and malware scanning with Confidential and Confidential for end-users.
- Assisted network engineer with network troubleshooting to isolate and diagnose common network problems.
Confidential, Chelmsford, MA
Desktop Support Technician
Responsibilities:
- Performed installations, configurations, upgrades, and support for systems and users on Windows OS, Windows Servers, and Mac OS.
Confidential, Nashua, NH
PC Technician
Responsibilities:
- Diagnosed, troubleshot and resolved client issues with hardware maintenance, installations and upgrades.