information security analyst resume example with 6+ years of experience

Jessica Claire
  • Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
  • H: (555) 432-1000
  • C:
  • Date of Birth:
  • India:
  • :
  • single:
Professional Summary

Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies.

  • McAfee ePolicy Orchestrator
  • Host Based Firewall
  • Vulnerability Assessment and Management
  • Rapid 7
  • Qualys
Work History
Information Security Analyst, 05/2019 - Current
Synovus Financial Corp. Covington, GA,
  • Implementation starting from Design, Installation, Administration, Monitoring, Upgrading ePolicy Orchestrator (ePO) and McAfee Endpoint Security Protection enterprise suite.
  • Managing on Virus Scan Enterprise (VSE), Policy Auditor (PA), Drive Encryption (MDE), Rogue System Detection (RSD), Data Loss Prevention (DLP), Threat prevention (TP) and Adaptive threat prevention (ATP), and maintaining them on multiple devices like Windows/Linux/MAC.
  • Monitored network servers, conducted workstation administration, managed workstation and server deployments, conducted backup & patch management.
  • White box test done by using Fortify, Engage with Penetration Testers validate false positives, Perform secure code review of the codebase.
  • Experience with the Splunk Phantom SOAR Proof of Value (POV) project and participate in testing the out-of-the-box use cases.
  • Hands-on experience with security devices like Firewall, IPS/IDS, Routers, Web Proxy, UTM, and Endpoint solutions of all major vendors
  • Participate in after-hours maintenance calls to coordinate patching and upgrades, document results, and communicate the results of maintenance to customers.
  • Strong knowledge and experience in Symantec DLP workflow & architecture.
  • DLP Profile deployment report for detecting servers and Update DLP policies – Incident Analysis.
  • Defined AWS Security Groups which acted as virtual firewalls that control the incoming traffic and configured the traffic allowing reaching one or more AWS EC2 instances Virtual private cloud (VPC), subnets, Internet Gateways.
  • Disaster recovery practice experience.
  • Handling Symantec Encryption Desktop-related tickets or issues.
  • Experience working with Splunk SIEM tool to monitor logs from the endpoint and Serbs for troubleshooting any open issues.
  • Worked on Endpoint firewall policies for lateral movement and conducted penetration testing.
Penetration Tester, 09/2018 - 04/2019
Kpmg Salt Lake City, UT,
  • Performed Static and Dynamic Analysis and Security Testing (SAST and DAST) for various applications as per the firm's security standards (i.e., OWASP, SANS 25).
  • Executed daily vulnerability assessments, threat assessment, mitigation, and reporting activities to safeguard information assets and ensure protection has been put in place on the systems.
  • Actively monitored and responded to activity impacting various enterprise endpoints facilitating network communication and data handling (McAfee End Point Security, DLP,).
  • Gather testing tools and methodologies and perform step by step Penetration testing by enumerating information.
  • Implementation and evaluation of products for new requirements and improve current services. Websense and NetApp Netcache and Smart filters
  • Deploy network hardware technologies, especially Juniper SRX-210 and Checkpoint firewalls
  • Provided backline support for escalated cases for Websense customers, including Level 3/Tier 3 support
  • Managed and tuned Splunk Phantom SIEM, SOAR, and Cisco Firepower IPS Gateways
  • Good Experience in Metasploit Framework and Social Engineering.
  • Handling responsibilities for CSIRT included SIEM, Context Filtering, Web Security Service, Incident Tracking, IPS/IDS, and Malware Analysis.
  • Experienced in Dynamic Application Security Testing (DAST) & Static Application Security Testing (SAST)
  • Performed real-time proactive Security monitoring and reporting on various Security enforcement systems, such as McAfee NITRO (SIEM), Anti-virus, Internet content filtering/reporting, malware code prevention, Firewalls, IDS& IPS, Web Security service, Anti-spam, etc.
  • Proficient with security tools and platforms such as IDS/IPS, SIEM (Arc Sight, Splunk), A/V, ProxySG
  • Conduct Malware analysis and investigate behavioral characteristics of each incident utilizing IDS monitoring tools.
  • Experienced with McAfee ePO, Nitro, Web gateway, DLP, Bluecoat Websense, ForcePoint, Proofpoint, Trend Micro, Necrose (Rapid7), and Splunk Enterprise SIEM security tools to monitor network environment.
  • Monitor and investigate SOC incidents and alerts with McAfee EPO.
Cybersecurity Analyst, 04/2018 - 08/2018
Bank Of The West Minneota, MN,
  • Designing architecture, implementation, and Troubleshooting Cyber Security solutions like McAfee, HP ARC SIGHT SIEM, IBM Q Radar, and Splunk Solution.
  • Conducted onsite penetration tests from an insider threat perspective.
  • Created IBM QRadar trend dashboards for investigations
  • Migration of Data Center and Perimeter Security technologies to Cloud security Technologies.
  • Designing architecture, implementation, and Troubleshooting Vulnerability Assessment and Penetration testing solutions using Nessus, Nmap, and Qualys.
  • Performed host, network, and web application penetration tests.
  • Maintain McAfee ePO environment in optimum performance and compliance standards.
  • Documentation regarding DLP administration, scanning, reporting, and remediation.
  • Analysis of Offenses created based on vulnerability management tools such as Rapid7
  • Developed Black Box Security test environments & conducted tests as part of the team for precautionary measures.
  • Developed approaches for industry-specific threat analyses, application-specific penetration tests, and the generation of vulnerability reports.
  • Performed Vulnerability Assessments and Data Classification and their impacts.
  • Use Splunk Enterprise Security to configure correlation search, key indicators, and risk scoring framework.
  • Performed application security and penetration testing using IBM AppScan.
Junior Security Analyst, 01/2014 - 07/2017
Gannett Fleming Los Angeles, CA,
  • Testing, troubleshooting, level II support, documentation, training, and technical expertise are services provided.
  • Risk Assessment using Cyber Security Frameworks like NIST, OCTAVE, GLBA
  • Assisted Lead Auditors in Audit data collection and Documentation.
  • Create a custom reporting dashboard to show the trending.
  • Created checklists and collected audit data for compliance with SOX and PCI certifications
  • Installed, configured, and updated Linux machines, with Red Hat and CentOS. Won two quarterly awards for my willingness and ability to work outside my specialty and assist other departments.
  • Resolved security vulnerabilities by analyzing and recommending improvements in communications and network security at the component level
  • Ensured business continuity by designing, implementing, and testing disaster recovery systems
  • Created checklists and collected audit data for compliance with SOX and PCI certifications
  • Developed, implemented, and verified security policy and access management compliance
  • Monitored system performance and prevented resource exhaustion using SSH, sar, vmstat, iostat, netstat, and nmon.
  • Managed, monitored, and tested individual and group user access privileges and security
  • Reviewed LAD configuration and Managed daily activities to include user support and system administration tasks
  • Analyze Pre-Implementation network documents for Firewall requests, SEC- ACLs, and AppSense requests.
  • Given Information Security oversight and guidance to businesses needing 3rd party connectivity as it relates to the company's Information Security Standards and IS Policies.
  • Recommend improvements in security systems and procedures.
  • Monitored use of data files and regulated access to protect secure information.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Conducted security audits to identify vulnerabilities.
  • Performed risk analyses to identify appropriate security countermeasures.
Master of Science: Cybersecurity And Forensic, Expected in 12/2018
Sacred Heart University - Fairfield, CT
Status -
Bachelor of Science: Computer Science And Engineering, Expected in 07/2017
Manav Rachna International University - New Delhi,
Status -

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Sacred Heart University
  • Manav Rachna International University

Job Titles Held:

  • Information Security Analyst
  • Penetration Tester
  • Cybersecurity Analyst
  • Junior Security Analyst


  • Master of Science
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: