Cyber Security Analyst
Current- Performed vendor evaluation and implementation of vulnerability management tools and deployed selected tool to 8,500 devices across multiple segmented networks and domains.- Developed risk assessment reports to identify threats and vulnerabilities.- Collaborated with server and endpoint engineers to define patch maintenance windows to remediate CVEs on up-to-date and end-of-life critical operating systems.- Assessed emerging threats, risks and vulnerabilities to inform action plan (e.g., Log4j).- Managed and operated multiple endpoint detection and response solutions as well as assessed Gartner-leading XDR/EDRs with IT leadership and engineers as POCs.- Created automated deployments of mission critical security software agents including XDRs, VPN clients, web filtering apps, and offline privileged access management tools.- Deployed a newly purchased XDR platform to 8,500 endpoints in a span of two weeks.- Mitigated and resolved a large-scale ransomware incident, fortifying the organization-wide security posture in response.- Conducted annual disaster recovery exercises and improved with lessons learned.- Developed annual cybersecurity awareness training program, resulting in an increase from below 80% completion rate to above 95%.- Conducted risk analysis, system certifications, auditing, security documentation and security testing using a wide suite of tools including XDR, EDR, firewalls, web filtering platforms, SIEMs, MMDR, vulnerability scanners, and Active Directory auditing tools.- Assisted with development of cybersecurity policies and procedures to prevent and defend against unauthorized access to systems, networks, and data.- Configured and managed the network access control application including: initial configuration, policy creation, and system updating.- Collaborated with the network architects and engineers to develop segmentation strategies and integrate cutting edge networking products with the NAC.