Cybersecurity professional with a passion for aligning security architecture plans and processes with security standards and business goals. Versed in robust network defense strategies. Self-motivated and deadline-oriented with a proven track record of on-time deliverables. Trained in DOD cyber threat and cyber defense practices with active DoD security clearance.
Education
Expected in 09/2021
Master of Science: Cybersecurity Technology University Of Maryland - Largo, MD, GPA:
Expected in
Bachelor of Science: Computer Networks And Cybersecurity University Of Maryland - Largo, MD, GPA:
Honors: Summa Cum Laude
Certifications
CompTIA Security+ (11/2020)
CompTIA Network+ (7/2020)
DoD Cyber Crime Center - Digital Forensics Examiner (8/2020)
DoD Cyber Crime Center - Digital Media Collector (8/2020)
Work History
06/2021 to Current
Information Security AnalystActionet, Inc. – Fort Belvoir, VA,
Overhauled enterprise security by adding more security tools to the environment, such as: Carbon Black App Control, Carbon Black EDR, and replaced Symantec with Windows Defender ATP.
Configured and deployed Carbon Black EDR - hosted, enterprise-wide, to laptops, desktops, servers, and persistent and non-persistent VDI to improve the visibility into the activities on devices; which led to the discovery of malicious actors laterally moving across the network, performing reconnaissance, leveraging service accounts, and stealing domain administrators credentials.
Key member of a 90-day incident response team to contain, eradicate, and recover from security breaches. Actively drafting and compiling materials for the lessons learned phase.
Configured and deployed Carbon Black App Control; and continuously monitor, maintain, and respond to alerts in regards to detection of malicious files and/or processes.
Conducted thorough testing of Symantec and Windows Defender ATP before recommending to fully replace Symantec with the latter. Configured Endpoint Protection, Antivirus, and Configuration Profiles within the Microsoft Endpoint Manager; ensured proper user Intune licensing in Azure AD, trained 75+ SOC tier 1 and 2 help desk professionals to utilize Windows Defender, and continuously monitor health of devices and respond to alerts escalated to SOC tier 3.
Respond to imposter, phishing, and suspicious email attachments and links that bypass Proofpoint EFD. Review, analyze, and block email senders and/or domains attempting to send malicious emails to the organization's end users.
In informal oversight role- advised, directly engineered, and oversaw the deployment of LAPS to laptops and desktops via GPO.
Created and configured Cisco Umbrella and Zscaler policies to implement proper web content filtering, including adding suspicious and malicious domains to the organizational blacklist.
Review SIEM logs in Alert Logic for the purposes of detecting anomalies, or in support of an ongoing investigation, for additional context and/or visibility.
Lead Tier3 Cybersecurity Analyst responding to the user logons from suspicious and infrequent locations, such as foreign countries, leveraging Microsoft Cloud App Security.
Continuously perform vulnerability scanning via Nessus/Tenable, review scanned subnets to ensure 100% coverage, and evaluate, assess, and remediate detected vulnerabilities.
Implement Duo MFA for all accounts; including the service accounts utilized for RDP sessions and external vendor accounts. Continuously audit users in the bypass groups and authorized networks within Duo console, as well as ensure proper Duo and AD synchronization.
Ongoing audit of AD to ensure the best security practices are followed, all necessary forms of logging are enabled, over-privileged accounts are identified and corrected, and ensure unused accounts are disabled in a timely manner.
Regular collaboration with SCCM engineers to ensure security tools are configured to track, detect, and alert any suspicious modifications of registry entries.
05/2020 to 05/2021
Information Security AnalystActionet, Inc. – Greenbelt, MD,
Conducted security audits to identify vulnerabilities.
Recommended improvements in security systems and procedures.
Performed risk analyses to identify appropriate security countermeasures.
Reviewed violations of computer security procedures and developed mitigation plans.
Active Directory user and group provisioning, transfered FSMO roles, monitored synchronization and replication, joined non-windows OS devices to the domain, and performed Active Directory Services administration and management to include design, cleanup, and routine maintenance and configuration.
Researched, developed, implemented, updated, and maintained Group Policy Infrastructure and Objects, such as: disabling SMB1, SSLv2 and v3, organizing OU structure, and leveraging GPOs to apply changes enterprise-wide.
Managed organization's Sophos antivirus solution, monitored suspicious activity in the console, reviewed and responded to alerts, configured and ensured daily signature updates, and applied requested and necessary exclusions/exceptions.
Implemented Sophos DLP solution to ensure compliance with PCI-DSS and prevented the misuse or loss of sensitive data. Initial configuration was in audit-mode only for 90 day after which granular policies were built to fully customize the solution to the needs of the company.
Worked daily on PKI infrastructure; generated and purchased wildcard and SAN certificates; obtained, renewed, and managed global CA LE (Let's Encrypt) SSL/TLS certificates for 2500+ websites.
DNS Management via DNS Made Easy by creating and modifying A, AAAA, CNAME, TXT, and MX records for the purposes of ensuring proper site pointing, and utilized DNS failover feature to comply with the SLA 99.99% availability guarantees to the customers
Served as a key member of the company’s Information Security Compliance Program by supporting evidence collection, working with external auditors, conducting internal audits, and monitoring company’s records and data in order to ensure compliance with PCI-DSS requirements.
Coordinated all incident response team activity, kept the team focused on minimizing damage and recovering quickly, collected and analyzed all evidence, determined the root cause, and implemented rapid system and service recovery during DoS, Ping-of-Death, and illegitimate website crawling.
Maintained hardware equipment at the office and data center, actively participated in data center reconstruction with introduction of new Ubiquity switches and Pfsense firewalls, and maintained 100+ laptops with RAM and OS upgrades.
IT Operational Security activities: patching, vulnerability management, monitor production servers health, update the system inventory and network diagram for 125+ servers.
Created a security baseline for servers, ordered server parts, built servers from scratch, performed clean installation of Windows OS, and ensured proper initial configuration of servers.
Created 25+ Hyper-V virtual machines for: jump box between the DMZ and production environment, QA testing, and patch deployment validation.
Drafted 50+ technical and installation manuals, procedures, policies, and incident response plans in a bid to enhance system security documentation and created required system compliance reports in accordance with PCI-DSS requirements.
Experience with IIS 8.5 activities: adding, removing, and modifying bindings, maintaining and managing centralized and server certificate stores, and blocking malicious bots via URL rewrite feature.
Improved security posture by extensively configuring SNORT to ensure it was fully customized to block malicious actors while permitting access for legitimate bots that significantly increase the revenue, such as Google, Microsoft, and Amazon bots, by analyzing ruleset false positive blocks with associated legitimate IPs followed by ruleset re-configuration.
07/2015 to Current
Petty Officer Second ClassUnited States Navy - Reserves – City, STATE,
LCS SUW Atlanta - Unit’s cybersecurity representative
Troubleshooted security and network issues during drill weekends
Participated in an annual anti-terrorism and cybersecurity military training for six consecutive years
Drafted messages and reports ensure mandated PII requirements are followed and adhered to.
Completed the US Navy SRF-B, Security Reaction Force, Training
Mentored and supervised 25+ personnel within unit, providing positive guidance for professional and personal development.
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.
How this resume score could be improved?
Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:
