A result-oriented Information Security Professional with over 12 years of experience in IT/OT assurance roles. Possess strong working knowledge of Linux and Windows platforms. Experienced in deploying, configuring and supporting Enterprise EDR Solutions and other security tools. Experienced in Enterprise Risk and Vulnerability assessment and management, Network Monitoring/Log Management, SIEM (Splunk), SNOW, Remedy, and Swimlane. Familiarity with Incident response and escalation. Excellent written and verbal communication skills, and a team player. Over 4 years of experience in monitoring and detecting malicious activity based on the MITRE framework of adversary tactics, techniques, and procedures (TTP) in supporting organizational mission. Analytical and dynamic leader (Manage a team of 5) with experience and good understanding of company policies and integrated systems development in various aspects of cyber, analytics, optimization, information technology, and general information security. Solid understanding of cyber threats and information security in the form of Threat Actors, Campaigns, and Observables. Experience in static and dynamic malware analysis using Xcitium EDR, with strong critical thinking, communication skills, and people skills (team-player). Strong analytical and problem-solving skills, self-motivated to improve knowledge and skill in alert triage and analysis to determine the course of action. Experience in creating SOPs and Playbooks with the overall objective to ensure confidentiality, integrity and availability of the systems, network, and data.
Security operation security

• Managed Device certificates, rekeying, modifications, and revocations through TCM using DHS-142-22 Sponsorship form.
• Monitored DHS Scorecard for Scan compliance, Vulnerabilities, and Configuration management issues.
• Conducted TIO scans, reviewed scan results, and collaborated with system teams for timely implementation of fixes.
• Assisted with high priority ad-hoc requests and change management initiatives.
• Created and managed POA&M and waivers for unresolved weaknesses.
• Performed audit log and account management using Splunk OA Master Audit log and ECN Account management board.
• Supported CSAM assessment and authorization activities as outlined in NIST SP 800-37.
• Developed, reviewed, and updated security authorization documentation in CSAM and ECN.

SIEM: ArcSight, Splunk (logger, ESM), Tenable Security Center
Repositories: Archer, RiskVision, CSAM, XACTA, Confluence, eMass
Cloud Security: AWS, Azure, FedRAMP
Documentation: SSP, POA&M, SAR, CMP,