Senior Information Security Analyst resume example with 13+ years of experience
JessicaClaire
Montgomery Street, San Francisco, CA94105(555) 432-1000, resumesample@example.com
Professional Summary
To pursue my interest and make my own mark in the field of Information Security/ Information Systems Audit
Core Qualifications
ISO 27001 Audits, Application Security, Cyber Forensics, Incident Response & Vulnerability Assessment Operating Systems: Workable knowledge of Linux Operating system, Windows 2012 Server
Network Scanners: Nmap, Wireshark, Vulnerability Scanners: McAfee Foundstone, Nessus, Retina Wireless Scanners: Netstumbler Application Security Tools: Burp, Fiddler, ZAP, SwfInvestigator, DirBuster Cyber Forensics Skills: S-Tools, WinHex, PC Inspector, PGP Systems Applications: Windows Active Directory, McAfee Antivirus, McAfee Host Intrusion Prevention System (HIPS), McAfee E-Policy Orchestrator (Anti-Virus Management Console)
Microsoft Applications: Word, Excel, PowerPoint, Outlook.
PROFESSIONAL STRENGTHS:
Event Management, Team Player, Honesty, Hard work, Patience
Accomplishments
Cyber Crime Investigation Course Solved various Cyber Crime cases consisting of online fraud, terrorist cases, e-mail threats PGP encryption & decryption, steganography, password recovery, data recovery, social engineering etc Traced, tracked and analyzed emails Familiarized with various sections under the Indian Penal Code & the Information Technology Act 2000.
Experience
06/2011 to PresentSenior Information Security AnalystIron Mountain Incorporated | , ,
Managed Internal Security Compliance Assessments based on ISO 27001 Security Framework for Servers, Network devices, Workstations and Physical Security domains, across India and other global locations Involved in system configuration review of servers, network devices (switches, routers, firewalls, VPN devices etc.) etc.
ensuring that the same adheres to company policy and standards Conducted Firewall Rule base checks for compliance Reviewed Server and Workstation Security configurations for compliance Involved in Application Security Assessments for internally developed applications/ third party applications etc., for testing of CSRF attacks, XSS attacks, SQL Injection attacks, Session Management, Authorization, and Authentication etc.
Ensured Non Compliance findings are remediated within the defined timelines with negligible escalation.
Worked as Information Security location SPOC, ensuring that the operation, design, and management of information systems adhere to the organizational policies & standards Involved in risk assessment of Airtight Wireless Intrusion Prevention System, for checking various scenarios with respect to wireless attack attempts Instigated vulnerability assessment scans on workstations and servers on quarterly basis Involved in review of network design document for Accenture projects and security exceptions Received Accenture Celebrates Excellence (ACE) Award for excellence in business operations.
07/2010 to 06/2011Information Security SpecialistApex Systems | , ,
Handled Security Incident Response Management for issues comprising of unauthorized changes, unauthorized money transfer, virus attacks, application malfunction etc.
Managed Vulnerability Assessment Scan (VA Scan) process, in coordination with the respective support teams for remediation of the found vulnerabilities.
10/2007 to 07/2010IT-Technical AssociateParker-Hannifin, Corporation | , ,
Implemented Vulnerability Assessment Scan (VA Scan), on Unix and Windows Systems and providing appropriate recommendations for open ports and vulnerabilities followed by compliance and co-ordination for patch management Familiarized with risk management framework, such as ISO 27001 Handled Incident Response Management for suspected alerts generated from IDS Provided informational assistance for security policy violations and objectionable requests for allowing URL's being accessed on the corporate network McAfee Antivirus issues, Host Intrusion Prevention System issues, patch management and running compliance tests for patched machines Created exceptional policies in McAfee E Policy Orchestrator (EPO) based on business justification and access issues.
Maintained McAfee E-Policy Orchestrator (security management platform to centrally manage systems) Handled User Access Administration (Creation of user & service accounts, terminating user access, account renewals, home directory creation etc) Handled RSA SecurID access & authentication issues for SSL-VPN (remote connectivity) Verified 3rd Party VPN access request forms for accessing resources on the corporate network & risk analysis McAfee Safe boot encryption troubleshooting issues Troubleshooting of account lockout issues and handled password management Generated Weekly Metrics Report for Host Intrusion Prevention System, Anti Spyware & Virus Scan Handled weekly audit of System Access Termination Reports in compliance with SOX Controls GCC 2023.
01/2007 to 04/2007Intern Hardware EngineerNorthrop Grumman | , ,
Windows Installation, Antivirus Installation and Troubleshooting.
Education
Expected in 06Postgraduate Diploma | Mass CommunicationPGDMC, , GPA: Mass Communication
Expected in 04B.Sc | ElectronicsIndira School of Communication University of Pune, Pune, GPA: Electronics
Expected in | Fergusson College, Pune, GPA:
Professional Affiliations
Certifications
Certified Information Systems Auditor (CISA) ISACA IBM-Cloud Computing Infrastructure Architect V1 IBM ISO 27001 Lead Auditor Certification IRCA, UK Certified Ethical Hacker (C | EH) v6 EC-Council ITIL Version 3 Certification Certified Cyber Crime Investigator Asian School of Cyber Laws, Pune
Languages
English, Marathi, Hindi (Proficient)
Skills
Active Directory, Anti-Virus, Antivirus, Microsoft Applications, Architect, business operations, C, CISA, Council, encryption, English, Event Management, firewalls, Firewall, forms, Hindi, IBM, IDS, Information Security, Information Systems, Inspector, ISO, ITIL, Linux, McAfee, Access, Excel, money, Outlook, PowerPoint, Windows, Word, network design, Network, Operating Systems, Operating system, organizational, policies, risk analysis, risk assessment, risk management, routers, Scanners, Servers, SQL, SSL, switches, system configuration, Team Player, Troubleshooting, Unix, VPN
Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.