Information Security Analyst Resume Example

Love this resume?

By clicking Build Your Own Now, you agree to our Terms of Use and Privacy Policy

Jessica Claire
Montgomery Street, San Francisco, CA 94105 (555) 432-1000,
Professional Summary

Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies.

  • McAfee ePolicy Orchestrator
  • Host Based Firewall
  • Vulnerability Assessment and Management
  • Rapid 7
  • Qualys
Work History
05/2019 to Current Information Security Analyst Synovus Financial Corp. | Covington, GA,
  • Implementation starting from Design, Installation, Administration, Monitoring, Upgrading ePolicy Orchestrator (ePO) and McAfee Endpoint Security Protection enterprise suite.
  • Managing on Virus Scan Enterprise (VSE), Policy Auditor (PA), Drive Encryption (MDE), Rogue System Detection (RSD), Data Loss Prevention (DLP), Threat prevention (TP) and Adaptive threat prevention (ATP), and maintaining them on multiple devices like Windows/Linux/MAC.
  • Monitored network servers, conducted workstation administration, managed workstation and server deployments, conducted backup & patch management.
  • White box test done by using Fortify, Engage with Penetration Testers validate false positives, Perform secure code review of the codebase.
  • Experience with the Splunk Phantom SOAR Proof of Value (POV) project and participate in testing the out-of-the-box use cases.
  • Hands-on experience with security devices like Firewall, IPS/IDS, Routers, Web Proxy, UTM, and Endpoint solutions of all major vendors
  • Participate in after-hours maintenance calls to coordinate patching and upgrades, document results, and communicate the results of maintenance to customers.
  • Strong knowledge and experience in Symantec DLP workflow & architecture.
  • DLP Profile deployment report for detecting servers and Update DLP policies – Incident Analysis.
  • Defined AWS Security Groups which acted as virtual firewalls that control the incoming traffic and configured the traffic allowing reaching one or more AWS EC2 instances Virtual private cloud (VPC), subnets, Internet Gateways.
  • Disaster recovery practice experience.
  • Handling Symantec Encryption Desktop-related tickets or issues.
  • Experience working with Splunk SIEM tool to monitor logs from the endpoint and Serbs for troubleshooting any open issues.
  • Worked on Endpoint firewall policies for lateral movement and conducted penetration testing.
09/2018 to 04/2019 Penetration Tester Kpmg | Salt Lake City, UT,
  • Performed Static and Dynamic Analysis and Security Testing (SAST and DAST) for various applications as per the firm's security standards (i.e., OWASP, SANS 25).
  • Executed daily vulnerability assessments, threat assessment, mitigation, and reporting activities to safeguard information assets and ensure protection has been put in place on the systems.
  • Actively monitored and responded to activity impacting various enterprise endpoints facilitating network communication and data handling (McAfee End Point Security, DLP,).
  • Gather testing tools and methodologies and perform step by step Penetration testing by enumerating information.
  • Implementation and evaluation of products for new requirements and improve current services. Websense and NetApp Netcache and Smart filters
  • Deploy network hardware technologies, especially Juniper SRX-210 and Checkpoint firewalls
  • Provided backline support for escalated cases for Websense customers, including Level 3/Tier 3 support
  • Managed and tuned Splunk Phantom SIEM, SOAR, and Cisco Firepower IPS Gateways
  • Good Experience in Metasploit Framework and Social Engineering.
  • Handling responsibilities for CSIRT included SIEM, Context Filtering, Web Security Service, Incident Tracking, IPS/IDS, and Malware Analysis.
  • Experienced in Dynamic Application Security Testing (DAST) & Static Application Security Testing (SAST)
  • Performed real-time proactive Security monitoring and reporting on various Security enforcement systems, such as McAfee NITRO (SIEM), Anti-virus, Internet content filtering/reporting, malware code prevention, Firewalls, IDS& IPS, Web Security service, Anti-spam, etc.
  • Proficient with security tools and platforms such as IDS/IPS, SIEM (Arc Sight, Splunk), A/V, ProxySG
  • Conduct Malware analysis and investigate behavioral characteristics of each incident utilizing IDS monitoring tools.
  • Experienced with McAfee ePO, Nitro, Web gateway, DLP, Bluecoat Websense, ForcePoint, Proofpoint, Trend Micro, Necrose (Rapid7), and Splunk Enterprise SIEM security tools to monitor network environment.
  • Monitor and investigate SOC incidents and alerts with McAfee EPO.
04/2018 to 08/2018 Cybersecurity Analyst Bank Of The West | Minneota, MN,
  • Designing architecture, implementation, and Troubleshooting Cyber Security solutions like McAfee, HP ARC SIGHT SIEM, IBM Q Radar, and Splunk Solution.
  • Conducted onsite penetration tests from an insider threat perspective.
  • Created IBM QRadar trend dashboards for investigations
  • Migration of Data Center and Perimeter Security technologies to Cloud security Technologies.
  • Designing architecture, implementation, and Troubleshooting Vulnerability Assessment and Penetration testing solutions using Nessus, Nmap, and Qualys.
  • Performed host, network, and web application penetration tests.
  • Maintain McAfee ePO environment in optimum performance and compliance standards.
  • Documentation regarding DLP administration, scanning, reporting, and remediation.
  • Analysis of Offenses created based on vulnerability management tools such as Rapid7
  • Developed Black Box Security test environments & conducted tests as part of the team for precautionary measures.
  • Developed approaches for industry-specific threat analyses, application-specific penetration tests, and the generation of vulnerability reports.
  • Performed Vulnerability Assessments and Data Classification and their impacts.
  • Use Splunk Enterprise Security to configure correlation search, key indicators, and risk scoring framework.
  • Performed application security and penetration testing using IBM AppScan.
01/2014 to 07/2017 Junior Security Analyst Gannett Fleming | Los Angeles, CA,
  • Testing, troubleshooting, level II support, documentation, training, and technical expertise are services provided.
  • Risk Assessment using Cyber Security Frameworks like NIST, OCTAVE, GLBA
  • Assisted Lead Auditors in Audit data collection and Documentation.
  • Create a custom reporting dashboard to show the trending.
  • Created checklists and collected audit data for compliance with SOX and PCI certifications
  • Installed, configured, and updated Linux machines, with Red Hat and CentOS. Won two quarterly awards for my willingness and ability to work outside my specialty and assist other departments.
  • Resolved security vulnerabilities by analyzing and recommending improvements in communications and network security at the component level
  • Ensured business continuity by designing, implementing, and testing disaster recovery systems
  • Created checklists and collected audit data for compliance with SOX and PCI certifications
  • Developed, implemented, and verified security policy and access management compliance
  • Monitored system performance and prevented resource exhaustion using SSH, sar, vmstat, iostat, netstat, and nmon.
  • Managed, monitored, and tested individual and group user access privileges and security
  • Reviewed LAD configuration and Managed daily activities to include user support and system administration tasks
  • Analyze Pre-Implementation network documents for Firewall requests, SEC- ACLs, and AppSense requests.
  • Given Information Security oversight and guidance to businesses needing 3rd party connectivity as it relates to the company's Information Security Standards and IS Policies.
  • Recommend improvements in security systems and procedures.
  • Monitored use of data files and regulated access to protect secure information.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Conducted security audits to identify vulnerabilities.
  • Performed risk analyses to identify appropriate security countermeasures.
Expected in 12/2018 Master of Science | Cybersecurity And Forensic Sacred Heart University, Fairfield, CT GPA:
Expected in 07/2017 Bachelor of Science | Computer Science And Engineering Manav Rachna International University, New Delhi, GPA:

By clicking Build Your Own Now, you agree to our Terms of Use and Privacy Policy

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:


Resume Strength

  • Formatting
  • Length
  • Measurable Results
  • Personalization
  • Strong Summary
  • Target Job

Resume Overview

School Attended
  • Sacred Heart University
  • Manav Rachna International University
Job Titles Held:
  • Information Security Analyst
  • Penetration Tester
  • Cybersecurity Analyst
  • Junior Security Analyst
  • Master of Science
  • Bachelor of Science

Similar Resume

View All
Information Security Analyst
Information security analyst
Information Security Analyst