SUMMARY:

Always looking to advance my skills and learn more as well as teach what I know to help others grow. I love what I do and knowing that the possibilities are endless makes it more exciting …. “Cyber security, Project/Risk Management, Compliance, Penetration testing, Financial Acumen”

COMPUTER SKILLS:

• Python, Bash, PowerShell, SQL
• C#, Microsoft Visual Basic®, Java
• Acunetix, Microsoft Project, Tripwire/IP360, Tenable, Project Libre, Visio, Pac2000, SharePoint, Peoplesoft & Nexus, Continuous monitoring, GIS Ware, cloudera, Hadoop, Apache, Miscrosoft application, endpoint, Security API’s, shodan API + Nmap and others.
• Hacking (Blackhat/White hat), Risk management, compliance, project management, hardware engineering, software DAST/SAST Testing, vulnerability management/Remediation, Global information analyst, Data processing, Auditing, Cyber security operations and management. Programing, Hadoop,
• Windows & Linux platforms, Servers, Web applications, proxy tools, log tools familiar with R.U.P Rational Unit Processing Tool. DSDM Method Dynamic systems development, others as well.
• Peoplesoft, Microsoft suit, Alchemy works projects., Quire, TW project. Unifi. Other project management software. Ant charts, project charter, scope, deliverables using Office suites and other. Other tools not listed. Pick up on new tools very fast 24 - hour expert turn around on new tools. Smartsheet to manage projects.
• NERC CIP, sox 404, PCI-DSS, NIST 800- Confidential, COBIT, ISO, AND OTHERS. CCM. XPM, Lean, Scrum, Waterfall, Scrum, ERM, FISM, Study and research of other Frameworks as well.

EXPERIENCE

Lead Cyber Security Analyst/Project Manager

Confidential, Charlotte, NC

Responsibilities:

• Managed Risk assessment projects dealing with Confidential, Asia and online banking.
• Present findings and correlated to Stake holders and remote communication with others. Business Acumen, Business process flow using Visio, eliminating ambiguity, ERP Enterprise resource planning. Business acumen. Conflict resolution. Confidential . continuous monitoring portal.
• Vulnerabilities that effect the business process.
• Hadoop, Cloud AWS, Enterprise Risk Management, sox2, 404, pci, NIST, cobit, others.
• Would wear multiple hats to correlate with the engineers, risk accessors, auditors, cloud, and GIS Team, not just relay what needs to be done or missing, but also hamds on as needed with each team. In person and remote communications.
• Scan for vulnerabilities using tripwaire, nexus, qualsys, burp suit, Beef, Acunetix and others, research vulnerability, report potential hazards cause, find exploits for vulnerability, give how exploits works, write a fix for vulnerabilities and load information to in house database for others to look up. Also initiate fixes for vulnerabilities and escalate if no fix is found.
• Continuous monitoring, finding higher risk with in assessments across an enterprise structure that disputed the business process. Setting scope. Creating documents. Main was Cash pro, Asia payments and online banking, business & Financial Acumen.
• Project managed Project, Gantt charts, risk registries, Creation of templates. Guided and trained 8 analysts in Risk and compliance in NIST 800, PCI-DSS and other Frameworks. Work flow charts Change management. Risk management.
• Manage Project Scope, Timeline and Budget/Expenses, project charter, audit forms.
• Obtain and align resources to key project roles; establish clearly defined responsibilities and accountabilities. Collaborate, contribute, consume and create knowledge around topics such as data extraction and analysis tools (MS Access, MS Excel, CAATs, etc.), audit sampling methodologies & techniques, report writing, and resource planning. Little time with vendors but only as needed as there is a specific team for that.
• Oversight/Manage/Lead project execution, integration and implementation, Project stakeholder, procurement, Risk, Communications, Human resources, Quality, Cost, scope, integration and Time Management areas of PM.
• Readiness/Change Adoption/Stakeholder Management, present and review finding and mediation with stake holders. Create scripts to coordinate upgrades and patches to enterprise systems company wide.
• Release Deployment Planning. work flow charts, waterfall, agile and other methods for life cycle and planning. Creat excel spread sheets with automation for vulnerability management and mitigation.
• User Acceptance Testing in software development team, assuring risk involved are mitigated, resolved and standards are in place, firewall rule writing and implementation on IDS/IPS
• Quality Assurance ensure that all applicable change requirements are satisfied
• Acts as the primary point of contact and integration for the project. Worked unsupervised by Sr VP. Priority decision making.

Project manager / Security Analyst / Systems engineer

Confidential

Responsibilities:

• Partner with business and technology to complete their IT risk control agenda, leveraging internal resources and processes as appropriate. Partner with the rest of the cybersecurity organization to ensure program consistency, develop information security risk strategies, implement action plans, and recommend policy and procedural changes for risk avoidance and mitigation. Provide subject matter expertise, guidance and direction into Information Technology policy, standards and controls and IT Risk programs. Provide subject matter consulting for ad hoc guidance requests involving IT risk. Communicate the practical implications of IT risk treatment decisions to business and technology individuals. Track risk mitigation activities to ensure accurate and appropriate reporting to ensure that leadership is informed in a timely manner. NIST) Determine current security capabilities, set individual goals for a target state and establish a plan for improving and maintaining security programs. Implement NIST framework for Improving Critical Infrastructure Cybersecurity. Cybersecurity framework.
• Change management, work flow chart, risk, vulnerability, Threat Assessments. Collaborate, contribute, consume and create knowledge around topics such as data extraction and analysis tools (MS Access, MS Excel, CAATs, etc.), audit sampling methodologies & techniques, report writing, and resource planning
• Microsoft Project to work Gantt charts and managing risk and information security, scoping assessments. SAP Systems Application Product, use of Ariba cloud to search and purchase orders from venders, use of Ariba to also Maintain products and sells.
• Penetration testing, Network Architecture design and implementation of new networks. Designed Templates to insert assessment findings project information. WebEx for meetings and presentations.

Cyber Security, Communications Specialist/ Hacker

Confidential

Responsibilities:

• Top secret clearance. Combat operations IN Signals and info sec operations. Worked with NERC CIP, Tripwire, Tenable and IP360 Enterprise 8.6..
• Penetrate, Infiltrate networks, Firewalls, Mobile devices and Web applications using various tools: Burp suit, Metasploit, python, Bash, Proxy attack tools
• Confidential Cyber security Compliance Standards Confidential .
• Confidential, Kill Chains, red team and blue teaming. DLP, top 20 sec standards, owasp top 10, constant research on the newest exploits. How, when, where, reverse engineering attacks to understand how and where they originated.
• Perform duties as subject matter expert to address requirements listed in National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directives (ICD) and the Office of Designated Approving Authority ( Confidential ) Process Manual

Project Manager

Confidential

Responsibilities:

• Gantt chart, Logic Network, Confidential chart, Product Breakdown Structure and Work Breakdown Structure standard tools used in project planning of million-dollar construction profiles. Interpret Blue prints, also able to auto cad drawings on Confidential 2000. Can read and understand blue prints in expert level, field and shop
• Dealt with welders and iron workers, continual safety meetings, train and log employs hours to send to accounting. Hired new talent, change management, scoping project. Scrum/Agile.
• Budgeting, financial scope, used people soft Program management to plan the work, assign resources, forecast to completion Communicate with stakeholders more easily, enable team members to collaborate in their efforts to review and complete project work.

Vulnerability Management & App support

Confidential, Charlotte, NC

Responsibilities:

• Using Tenable and IP360, Tripwire to control vulnerabilities and mitigate them by severity.
• Application support for tripwire, research and understand all aspects up tripwire and trouble shooting as well as find other ways to automate practices. Would help other teams with in cyber security as well for any projects dealing with Nessus tools vulnerability management, risk and compliance in NERC standards.
• Confidential . Read understand and implement nerc standards in daily task with in cyber security.