LiveCareer-Resume

sr security specialist resume example with 9+ years of experience

Jessica Claire
  • Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
  • H: (555) 432-1000
  • C:
  • resumesample@example.com
  • Date of Birth:
  • India:
  • :
  • single:
  • :
Summary

Knowledgeable IT security professional with 9+ years of experience designing and implementing security solutions in high-availability environments. Skilled in Vulnerability Management and Penetration Testing and adept at delivering strong risk management practices.

Skills
  • Tenable Nessus
  • Reporting and Documentation
  • Risk Mitigation
  • Technical Troubleshooting
  • Network Security
  • Testing Applications
  • SAST
  • DAST
  • Burpsuite
  • Nmap
  • Qualysguard
  • Linux
  • Windows
  • AIX
  • OWASP top 10
  • SANS 25
  • CVSS
  • NIST 800-53
  • CVE
  • Risk Rating
  • Powershell
  • IBM AppScan Static & Dynamic
  • NetSparker
  • Accunetix
Experience
Sr. Security Specialist, 03/2021 - Current
Us Government Other Agencies And Independent Organizations Hamilton, OH,
  • Performed Vulnerability scans using QualysGuard daily, weekly, and monthly
  • Organized the vulnerabilities into different categories using pivot tables and explained them to the System Owners and higher management
  • Coordinate with the development team and the system administrators to ensure closure of reported vulnerabilities
  • Provided strategic support in detecting, understanding, and resolving information security incidents and remediation
  • Provided guidance and monitoring in implementing annual goals and guidelines of the organization with application development
  • Performed Source Code review every week using CheckMarx
  • Performed False-Positive/Negative analysis and provided recommendations to the developers
  • We performed Access Review for different security tools
  • Supported team in Web-Application/Vulnerability analysis, Documented the results, engaged with system owners to discuss the vulnerabilities, and provided recommendations
  • Performed Ethical Hacking for the applications using manual and automated techniques
  • Identifying the critical, High, Medium, and Low vulnerabilities in the applications based on OWASP Top 10 and prioritizing them based on the criticality
  • Performed Web-Application/Vulnerability analysis, Documented the results, engaged with system owners to discuss the vulnerabilities, and provided recommendations
  • Performed Mitigation/Validation for the discovered security issues
  • Participated in internal security testing for Mobile & Web applications and Micro Services (APIs) using BurpSuite, Postman, and Netsparker
  • Mapped the identified vulnerabilities with the families in ISO 270001 framework and ISO-27001 Controls (Customized to Organization)
  • Environment: Windows, Linux, AIX, Qualys, Checkmarx, Jira, ServiceNow, AGP, DMT, BurpSuite, Nmap, CVSS, ISO 270001.
Vulnerability Assessor, 05/2015 - 03/2021
A.O. U.S. COURTS City, STATE,
  • Providing consistent security to all U.S
  • Courts and their public facing and internal servers
  • Coordinating with around 600 IT staff to schedule and prepare for recurring security scans of assets physically located at the IDCs
  • Assisted business units to set up their own VSS scans and queries regarding the VSS Set up and Scan validation
  • Use client tools and websites to identify IDC servers and server locations to review the data with business unit I.T
  • Staff in preparation for recurring, Ad Hoc, and /or Emerging Threat scanning events
  • Use Tenable Security Center Continuous View (Nessus) to schedule scans according to unit staff’s day / time preferences
  • Generate and provide Basic Risk Reports (BRRs), Remediation reports and residual risks reports via email for all servers scanned during continuous, Ad Hoc, and / or Threat Scans
  • Involved in SOC mentor program and follow-up with the mentors from different court units in support of on-going process, technologies and processes of security scans using Nessus Security Center
  • Coordinating with the court units, conducting kickoff meetings, explain the Continuous Scanning Program phases and process
  • Scheduling (Continuous, Daily, Weekly, Monthly, Ad-hoc, and Threat event) O.S
  • Scans for court units using Nessus Security Center
  • Validation of scheduled scan results and the customer provided scan results
  • Preparing and delivering the Basic Risk (Vulnerability) Reports to the court units
  • Day to day coordination with System administrators to ensure remediation process is up to date and assisting system admins with any queries regarding the remediation steps
  • Performing the Ad-hoc validation scans to ensure the remediation patches were applied for all the systems and distributing the re-scan, and validation scan reports
  • Preparing and providing the Residual Risk Reports to the court and Program Office officials
  • Assisted court units when there is an Cyberattack like Ransomware
  • Identifying the systems those are still using outdated O.S
  • Or Software and providing the list to the SOC department officials
  • Involved in finding out and preparing the troubleshooting methodologies for the Windows and Linux servers with scan issues
  • Updating Splunk with Court Units, Server List, POC Information, Scan Dates, and Reporting Dates information
  • Support in detecting, understanding, and resolving information security incidents and remediation
  • Environment: Nessus Security Center, Heat Ticket Service, CyberArk, Splunk, Windows, Linux, Powershell.
Quality Analyst Associate, 04/2012 - 11/2013
Unified Softech Pvt Ltd City, STATE,
  • Understanding requirements and Functional Specifications of the application
  • Worked with the testing team in creating test plans
  • Involved in automating various test cases using WinRunner
  • Involved in installation of Oracle and creation of databases on Sun Solaris Platform
  • Tuning the Application and Database using DBA tools
  • Trouble shoot and help Testers running Test Scripts and partly assist them to review Testing Procedures
  • Actively involved with testing team in performing System Testing and requirements validation testing
  • Created SQL scripts for Database testing
  • Troubleshoot User login problems and perform Exports/Imports to implement Logical Backups
  • Extensively performed Manual Testing process to ensure the quality of the software
  • Involved in sharing the daily status report
  • Participated in identifying the required Test scenarios and Test Cases
  • Executed Test Cases as per System Requirements
  • Involved in team meetings in regular intervals of time to monitor the Quality of application
  • Created test plans, test scripts, test result reports using MS-Excel
  • Logged issues/defects encountered during test cycles and validated fixes after new deployments
  • Developed SQL Queries to perform Database testing
  • Executed SQL queries to check the integrity of data
  • Environment: QA/QTP, Jave, Oracle 10gR2, PL SQL.
Education and Training
Master of Science: Electronics and Electrical Engineering, Expected in 05/2015
-
Northwestern Polytechnic University - Fremont, CA,
GPA:
Status -
Bachelor of Science: Electronics and Communication Engineering, Expected in 05/2012
-
Jawaharlal Nehru Technological University - INDIA,
GPA:
Status -
Certifications
  • Certified Ethical Hacker (CEH V.11)
  • Certified Network Defense Architect (CNDA)
,

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Northwestern Polytechnic University
  • Jawaharlal Nehru Technological University

Job Titles Held:

  • Sr. Security Specialist
  • Vulnerability Assessor
  • Quality Analyst Associate

Degrees

  • Master of Science
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: