As an Information Technology Security Specialist, I specialize in: Security Policy Development: Creating and enforcing comprehensive information security policies to protect organizational data and comply with regulations. Risk Assessment & Mitigation: Conducting thorough risk assessments to identify vulnerabilities and implementing effective strategies to mitigate potential threats.Assist in managing vendor relationships, overseeing IT contracts and renewals to ensure compliance and value delivery.Lead Quarterly Business Reviews (QBRs) with vendors, facilitating discussions around performance, surveys, and action items.Provide guidance on vendor management processes, implementing best practices to enhance operational efficiency. Incident Response & Monitoring: Actively monitoring security incidents and alerts, leading response efforts to contain and remediate breaches effectively. Network Security & Access Control: Designing and implementing robust security measures for network infrastructure and managing user access controls to ensure data integrity. Training & Awareness: Developing and delivering engaging training programs to foster a culture of security awareness among employees.

Network Monitoring & Incident Response: Monitored networks and systems for signs of attack, utilizing Forti-Analyzer to effectively review security alerts and logs. Investigated security incidents to determine root causes, containing threats while collaborating with cross-functional teams for rapid remediation.Security Architecture Implementation: Successfully set up and configured the organization’s security landscape, including FortiGate Firewall, Bitdefender GravityZone, and Zecurion Data Loss Prevention (DLP) system. Defined security policies, optimized threat detection capabilities, and ensured robust data protection to safeguard sensitive information.Proactive Monitoring: Proactively monitored security alerts through Forti Analyzer, significantly reducing incident response times by implementing streamlined management processes that enhanced overall security posture.Incident Response Development: Developed and implemented comprehensive incident response policies, establishing clear protocols for identifying, reporting, and mitigating security incidents, which improved organizational readiness and compliance with industry standards.ISMS & Risk Management: Spearheaded the development and implementation of an Information Security Management System (ISMS) and a robust enterprise security risk management framework. These initiatives fortified the organization’s cybersecurity posture, enhanced risk mitigation strategies, and fostered a culture of security awareness.Collaboration for Security Controls: Collaborated closely with IT teams to design and implement effective security controls and policies, ensuring alignment with organizational goals and regulatory requirements, thereby enhancing system integrity and resilience.Research & Threat Awareness: Conducted in-depth research on emerging cyber threats and trends, leveraging insights to continuously improve the organization’s security measures and minimize incidents.

Security Monitoring: Assisted in monitoring security systems and alerts to identify anomalies, proactively escalating findings to senior analysts for further investigation and prompt action.Event Log Analysis: Engaged in monitoring event logs to detect anomalous activities, documenting incidents for thorough root cause analysis and suggesting improvements to enhance current processes.Continuous Education: Participated in continuous education initiatives to stay informed about the latest cyber threats and security technologies, ensuring I remain up-to-date with industry trends.Policy Enforcement: Helped enforce security policies and procedures, ensuring strict adherence to organizational standards and regulatory requirements to mitigate risks.Security Assessments: Participated in conducting security assessments and audits, evaluating the effectiveness of current security measures and identifying areas for improvement.User Access Management: Assisted in managing user access controls, including the creation, modification, and disabling of accounts in accordance with established security protocols.Security Awareness Training: Supported the development and delivery of security awareness training programs, promoting a culture of security across the organization and empowering employees to recognize potential threats.Threat Awareness: Stayed informed about emerging security threats, vulnerabilities, and trends, providing valuable insights into potential risks and enhancing overall security strategies.Documentation Maintenance: Maintained accurate documentation of security incidents, assessments, and policy updates for compliance and review purposes.Incident Response Support: Assisted in the development and execution of incident response plans and disaster recovery procedures, ensuring organizational readiness for potential security incidents.

As a Network Security Administrator, I specialized in:Network Monitoring & Threat Detection: Proactively monitoring network traffic and security alerts to identify and respond to potential threats in real time.Firewall and Intrusion Prevention Management: Configuring and maintaining firewalls and intrusion prevention systems to safeguard the network from unauthorized access and breaches.Access Control & Policy Compliance: Developing and enforcing access control policies and network security procedures to ensure compliance with industry standards and protect sensitive data.Incident Response & Recovery: Leading incident response efforts to contain and remediate security incidents, continuously improving response strategies based on documented findings.Security Assessments & Training: Conducting regular security assessments and providing training on security best practices to foster a culture of awareness within the organization.Managed Google Workspace (G-Suite) user accounts, resolving access issues and permissions for Drive, Gmail, Calendar, and other tools, ensuring smooth operational workflows.Configured and managed company-owned devices using MDM tools enforcing security policies and ensuring compliance with organizational standards.Provided remote troubleshooting and technical support for employees across various locations, addressing hardware and software issues in a timely manner.Administered macOS and Windows workstations, ensuring they were up to date with software patches, system updates, and security measures.