sr security specialist resume example with 9+ years of experience

Jessica Claire
  • Montgomery Street, San Francisco, CA 94105 609 Johnson Ave., 49204, Tulsa, OK
  • H: (555) 432-1000
  • India:
  • single:

Knowledgeable IT security professional with 9+ years of experience designing and implementing security solutions in high-availability environments. Skilled in Vulnerability Management and Penetration Testing and adept at delivering strong risk management practices.

  • Tenable Nessus
  • Reporting and Documentation
  • Risk Mitigation
  • Technical Troubleshooting
  • Network Security
  • Testing Applications
  • SAST
  • DAST
  • Burp Suite
  • Nmap
  • QualysGuard
  • Linux
  • Windows
  • AIX
  • OWASP Top 10
  • SANS 25
  • CVSS
  • NIST 800-53
  • CVE
  • Risk Rating
  • PowerShell
  • IBM AppScan Static & Dynamic
  • NetSparker
  • Acunetix
Sr. Security Specialist, 03/2021 - Current
US Government Other Agencies And Independent Organizations, Hamilton, OH
  • Performed Vulnerability scans using QualysGuard daily, weekly, and monthly
  • Organized the vulnerabilities into different categories using pivot tables and explained them to the System Owners and higher management
  • Coordinated with the development team and the system administrators to ensure closure of reported vulnerabilities
  • Provided strategic support in detecting, understanding, and resolving information security incidents and remediation
  • Provided guidance and monitoring in implementing annual goals and guidelines of the organization with application development
  • Performed Source Code review every week using CheckMarx
  • Performed False-Positive/Negative analysis and provided recommendations to the developers
  • Performed access reviews for different security tools
  • Supported team in Web-Application/Vulnerability analysis, Documented the results, engaged with system owners to discuss the vulnerabilities, and provided recommendations
  • Performed Ethical Hacking for the applications using manual and automated techniques
  • Identified the Critical, High, Medium, and Low vulnerabilities in the applications based on the OWASP Top 10 and prioritized them based on criticality
  • Performed Web-Application/Vulnerability analysis, Documented the results, engaged with system owners to discuss the vulnerabilities, and provided recommendations
  • Performed Mitigation/Validation for the discovered security issues
  • Participated in internal security testing for Mobile & Web applications and Micro Services (APIs) using BurpSuite, Postman, and Netsparker
  • Mapped the identified vulnerabilities to the families in the ISO 27001 framework and ISO 27001 controls (customized to the organization)
  • Environment: Windows, Linux, AIX, Qualys, Checkmarx, Jira, ServiceNow, AGP, DMT, BurpSuite, Nmap, CVSS, ISO 27001.
Vulnerability Assessor, 05/2015 - 03/2021
  • Providing consistent security to all U.S. Courts and their public-facing and internal servers
  • Coordinating with around 600 IT staff to schedule and prepare for recurring security scans of assets physically located at the IDCs
  • Assisted business units to set up their own VSS scans and queries regarding the VSS Set up and Scan validation
  • Use client tools and websites to identify IDC servers and server locations to review the data with business unit I.T. staff in preparation for recurring, ad hoc, and/or emerging threat scanning events
  • Use Tenable Security Center Continuous View (Nessus) to schedule scans according to unit staff’s day / time preferences
  • Generate and provide Basic Risk Reports (BRRs), Remediation reports and residual risks reports via email for all servers scanned during continuous, Ad Hoc, and / or Threat Scans
  • Involved in SOC mentor program and follow-up with the mentors from different court units in support of on-going process, technologies and processes of security scans using Nessus Security Center
  • Coordinating with the court units, conducting kickoff meetings, and explaining the Continuous Scanning Program phases and process
  • Scheduling (Continuous, Daily, Weekly, Monthly, Ad-hoc, and Threat event) O.S. scans for court units using Nessus Security Center
  • Validation of scheduled scan results and the customer provided scan results
  • Preparing and delivering the Basic Risk (Vulnerability) Reports to the court units
  • Day to day coordination with System administrators to ensure remediation process is up to date and assisting system admins with any queries regarding the remediation steps
  • Performing the Ad-hoc validation scans to ensure the remediation patches were applied for all the systems and distributing the re-scan, and validation scan reports
  • Preparing and providing the Residual Risk Reports to the court and Program Office officials
  • Assisted court units when there was a cyberattack such as ransomware
  • Identifying the systems that are still using an outdated O.S. or software and providing the list to the SOC department officials
  • Involved in finding out and preparing the troubleshooting methodologies for the Windows and Linux servers with scan issues
  • Updating Splunk with Court Units, Server List, POC Information, Scan Dates, and Reporting Dates information
  • Support in detecting, understanding, and resolving information security incidents and remediation
  • Environment: Nessus Security Center, Heat Ticket Service, CyberArk, Splunk, Windows, Linux, Powershell.
Quality Analyst Associate, 04/2012 - 11/2013
Unified Softech Pvt Ltd
  • Understanding requirements and Functional Specifications of the application
  • Worked with the testing team in creating test plans
  • Involved in automating various test cases using WinRunner
  • Involved in installation of Oracle and creation of databases on Sun Solaris Platform
  • Tuning the Application and Database using DBA tools
  • Troubleshot issues and helped testers run test scripts, and partly assisted them in reviewing testing procedures
  • Actively involved with testing team in performing System Testing and requirements validation testing
  • Created SQL scripts for Database testing
  • Troubleshoot User login problems and perform Exports/Imports to implement Logical Backups
  • Extensively performed Manual Testing process to ensure the quality of the software
  • Involved in sharing the daily status report
  • Participated in identifying the required Test scenarios and Test Cases
  • Executed Test Cases as per System Requirements
  • Involved in team meetings in regular intervals of time to monitor the Quality of application
  • Created test plans, test scripts, test result reports using MS-Excel
  • Logged issues/defects encountered during test cycles and validated fixes after new deployments
  • Developed SQL Queries to perform Database testing
  • Executed SQL queries to check the integrity of data
  • Environment: QA/QTP, Java, Oracle 10gR2, PL/SQL.
Education and Training
Master of Science: Electronics and Electrical Engineering, Expected in 05/2015
Northwestern Polytechnic University - Fremont, CA,
Bachelor of Science: Electronics and Communication Engineering, Expected in 05/2012
Jawaharlal Nehru Technological University - INDIA,
  • Certified Ethical Hacker (CEH V.11)
  • Certified Network Defense Architect (CNDA)
