
Shadab – Cybersecurity Engineer – 5+ years Exp – U.S. Citizen – Current Location: Bay Area, CA – Ready to go On-Site – Willing to relocate anywhere in USA


Consultant's Details: 

Consultant Name: Shadab

Visa Status: USC

Current Location: Bay Area, CA

 

Employer Details:

Employer: Nextgen Technologies Inc

Contact Person: Kushal

Email: kushal.desai@nextgentechinc.com

Note: Please call between 09:30 AM PST to 06:00 PM PST

Phone: +1 (413) 424-0484

Shadab's Resume

PROFESSIONAL SUMMARY:

 

CompTIA Security+ certified cybersecurity engineer with five years of hands-on experience in threat detection, vulnerability assessment, and secure SDLC implementation. Successfully identified and mitigated risks in simulated environments using Nmap and Metasploit, delivering actionable hardening strategies, with good experience in implementation, administration, operation and troubleshooting of enterprise data networks. Experience in planning, developing, implementing, monitoring and updating security programs and advanced technical information security solutions, with sound knowledge of SOX and PCI compliance requirements and an understanding of NIST and ISO standards. Hands-on experience with Web Application Firewalls and attack mitigation techniques. Establish a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice, regulatory requirements and ISO 27001. Modernize assessment tools by researching emerging technologies and outlining their procurement to increase productivity and effectiveness. Developing and implementing risk management strategies, policies, and procedures to mitigate operational risks. This involves establishing risk appetite, tolerance levels, and controls. Strong knowledge of DNS, DHCP, and IP addressing. Experience with IP services – DNS, DHCP, IPAM and Active Directory DNS. Understanding of TCP/IP networking, IP routing, server load balancing, network security architecture and core technologies: firewalls, ACLs, DNS, DHCP, IPAM, LDAP, NFS.

 

PROFESSIONAL EXPERIENCE:

 

FICO – San Jose CA

Cybersecurity Engineer | Mar 2024 – Present

  • Conducted cybersecurity exercises using Nmap to scan virtual networks for open ports and services, identifying potential vulnerabilities.
  • Utilized Metasploit to simulate basic exploits, gaining insight into attack vectors and defensive countermeasures aligned with Security+ principles.
  • Applied OWASP Top 10 knowledge to assess application security risks, recommending mitigation strategies like input validation and secure coding practices.
  • Analyzed logs in a mock SIEM environment to detect suspicious activity, enhancing skills in monitoring and incident response.
  • Create automated scripts in Python to test the website and database and probe for potential security vulnerabilities.
  • Documented findings and presented actionable hardening recommendations, showcasing analytical and communication skills.
  • Analyze vulnerability assessment results, identify remediation strategies and provide timely reports to management for review.
  • Prioritize vulnerabilities/assets that should be patched during maintenance cycles.
  • Working with a team where my primary responsibility is planning, installation, configuration, performance tuning, problem determination, and administration of a Security Information and Event Management (SIEM) solution.
  • Managed Cyber Security threats through prevention, detection, response, escalation and reporting in effort to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT).

 

Sirius XM – Los Angeles CA

Cybersecurity Engineer | May 2023 – Jan 2024

  • Improved software quality by identifying and documenting 50+ critical bugs using a self-made security vulnerability scanner during the testing phase of a major product release, contributing to a 10% reduction in post-release defects.
  • Implemented security hardening measures on all Linux-based servers (Ubuntu, CentOS, RHEL) using industry standards such as CIS Benchmarks and SELinux, improving security posture by 30%.
  • Implemented role-based access control (RBAC) on Linux servers, ensuring strict user permissions and limiting access to sensitive resources.
  • Successfully managed a team of 3 associates, providing guidance, assigning tasks, and ensuring the timely completion of project deliverables.
  • Developed and implemented a comprehensive privacy policy for the company, ensuring compliance with relevant regulations (e.g., GDPR, CCPA) and safeguarding customer data.
  • Conducted security awareness training for 20+ employees, increasing their understanding of cybersecurity best practices and reducing the risk of phishing attacks by 15%.
  • Building a back-end database of jobs, customers and user information using SQL, creating queries, tracking user sessions and analyzing behavioral patterns and web traffic.
  • Responsible for delivering an end-to-end continuous integration – continuous delivery system for the products in an agile development approach using Chef/Ansible and Jenkins and Shell Scripts.

 

USAA – Phoenix, AZ

IT Security Analyst (Remote) | Aug 2022 – Feb 2023

  • Assisted in conducting security risk assessments, including identifying potential vulnerabilities in IT systems, networks, and physical infrastructure.
  • Supported the evaluation of security controls and recommended improvements to mitigate identified risks.
  • Participated in the development of risk profiles for different systems, applications, and facilities.
  • Configured and maintained VPNs (OpenVPN, IPsec) for secure remote access to internal Linux systems, ensuring secure communications over the internet.
  • Troubleshot and configured connectivity issues related to VPN, DHCP, DNS, Firewall DMZ.
  • Monitored security alerts, threat intelligence feeds, and other relevant sources to identify emerging security threats as they relate to risk tracking.
  • Analyzed security risks, incidents, and vulnerabilities to assess their potential impact on the organization.
  • Assisted in the preparation of reports on security trends and potential risks.
  • Developed approaches for industry-specific threat analyses, application-specific penetration tests and the generation of vulnerability reports.

  • Provide IT Governance, Risk, and Compliance (GRC) service to fulfil client requirements.

 

Bunchful – New York NY

Cyber Security Analyst | Jan 2022 – Jun 2022

  • Conducted penetration testing on 5+ websites, identifying and documenting vulnerabilities to improve overall security posture.
  • Developed 10 detailed technical reports outlining vulnerabilities, remediation steps, and best practices, contributing to a 10% reduction in vulnerabilities.
  • Evaluating the potential impact and likelihood of operational risks through quantitative and qualitative analysis. This includes using risk indicators, key risk indicators (KRIs), and risk assessment frameworks.
  • Optimized 5+ cybersecurity protocols, enhancing the efficiency and effectiveness of security measures.
  • Perform daily DLP Incident monitoring, analysis and reporting, solution checks, client interaction, and day-to-day DLP operations.
  • Create and run routine reports and data analytics in Excel and Tableau.
  • Monitor, analyze and respond to network incidents and events. Participate in disaster recovery implementation and testing under NIST framework, HIPAA, & HITECH standards.
  • Consulted with business and technology partners to create and provide security recommendations and best practices.
  • Conduct internal and external security audits based on standard cybersecurity frameworks from ISO 27002, COBIT, NIST, OWASP and Cloud Security Alliance.
  • Increased productivity by fine-tuning their IPS security policies allowing analysts to quickly identify threats on the network. Tune HIPS and VirusScan policies to support mission requirements as needed.

 

GAOTek – New York NY

IT Security Analyst | Aug 2021 – Nov 2021

  • Researched potential vulnerabilities in 10+ product pages daily, contributing to the development of comprehensive security assessments.
  • Improved troubleshooting support through enhanced technical documentation and recommendations, leading to a 20% reduction in support tickets.
  • Collaborated with peers and managers to develop and update 5+ technical documents for IT audit each week, ensuring compliance with industry standards.
  • Used virtualization tools such as VMware and VirtualBox to build server infrastructure for ArcSight security solutions.
  • Knowledge and experience in IT risk or compliance disciplines including risk assessment.
  • Maintain serviceability of assessment tools with latest software and firmware resulting in zero equipment failure during assessment.
  • Identifying flaws and weaknesses in information systems that may be exploited to impact on the confidentiality, integrity and availability of a system.
  • Proactively implemented updates, maintained, managed, monitored, and supported enterprise network and systems security operations infrastructure throughout the shared services environment.

 

Deloitte – Akron, OH

Jr Cyber Security Engineer (Remote) | May 2020 – Apr 2021

  • Implemented and managed Cisco firewalls, ensuring compliance with PCI DSS standards and enhancing web infrastructure security.
  • Worked as a PCI-DSS consultant to perform a 3rd party audit.
  • Collaborate with cross-functional teams to educate employees on data security best practices and the importance of DLP.
  • Worked with a fellow security specialist to create scripts in Python to automate testing of client websites built by our web development team, utilizing brute force attacks and testing the strength of firewalls implemented. Conducted database security assessments using SQL to detect SQL injection vulnerabilities.
  • Involved in DLP data encryption, monitoring/reporting and remediation of internal and external threats/vulnerabilities.
  • Configured access control lists (ACLs) using cPanel to restrict unauthorized access, protecting sensitive data and systems.
  • Deployed CrowdStrike/Falcon for endpoint protection and BitLocker for data encryption, reducing security incidents by 25%.
  • Performed host, network, and web application penetration tests.
  • Conducted onsite penetration tests from an insider threat perspective.
  • Worked with Security Operations Center (SOC) web application security log analysis and malware analysis, phishing/spam email investigation, EDR tools (Titanium/CrowdStrike/Carbon Black and other relevant tools).

 

PROFESSIONAL SKILLS:

Cybersecurity:

  • CompTIA Security+ certified, Threat Detection, Vulnerability Assessment & Management, OWASP Top 10 principles, SIEM, Incident Response, Risk Assessment

 

Technical Proficiencies:

  • Nmap Scanning, Metasploit Exploitation, PowerShell Scripting, Penetration Testing, Linux Fundamentals, Database Management

Tools & Technologies:

  • Git, Wireshark, Metasploit, Hydra, Visual Studio Code, VirtualBox, Tor, VPN, VMware, Kali Linux, PowerShell, XDR, Splunk, DLP, IPS, IDS, Firewalls, Endpoint Protection

Programming & Scripting:

  • C++, Python, Java, Bash, PowerShell, Shell, JavaScript, HTML & CSS

Operating Systems:

  • Kali Linux, Red Hat Linux, Windows Server 2022, Windows 11, Ubuntu, Debian, macOS

Network:

  • TCP/IP, OSI Model, Firewall Configuration, Wireshark, Nmap, Traceroute

Frameworks & Best Practices:

  • Zero Trust Architecture, Threat Modeling, Risk Management

Technologies:

  • MFA, Encryption Protocols, Vulnerability Scanning Tools

Incident Response:

  • Forensic Analysis, Incident Playbooks, Disaster Recovery

Soft Skills:

  • Analytical problem-solving, attention to detail, strong interpersonal communication

 

CERTIFICATION AND COURSES:

 

CompTIA Security+ certified; TryHackMe Cybersecurity 101; TryHackMe SOC Level 1

 

EDUCATION:

 

Bachelor of Computer Science (CSU East Bay)

Relevant Coursework: Information Security and Assurance, Software Engineering, Data Structures and Algorithms


Kushal

NextGen Technologies Inc

1735 N 1st St., Suite 102 | San Jose, CA 95112

Email: kushal.desai@nextgentechinc.com | Website: www.nextgentechinc.com | +1 (413) 424-0484


About Author

I’m Monica Kerry, a passionate SEO and Digital Marketing Specialist with over 9 years of experience helping businesses grow their online presence. From SEO strategy, keyword research, content optimization, and link building to social media marketing and PPC campaigns, I specialize in driving organic traffic, boosting rankings, and increasing conversions. My mission is to empower brands with result-oriented digital marketing solutions that deliver measurable success.
