Network Security Analyst (IDS Device Management) provides support, maintenance, and troubleshooting of IDS/IPS and endpoint security devices.
• 24x7x365 support of Secureworks' 3600+ MSS client base.
• Responsible for providing specialized support for industry leading IDS/IPS, advanced malware, and endpoint security platforms.
• Manage Cisco, Sourcefire, FirePower, FireEye, Lastline, Carbon Black, and Tipping Point.
• Handle platform upgrades, apply signature updates, perform policy tuning, as well as maintenance and troubleshooting.
• Collaborate with members of the Security Analysis, Health Monitoring, Counter Attack, and Client Services teams.
- Network Security Analyst at Dell Secureworks
- RMS ITOC Analyst at Boeing/CSC
- IT Recruiter at Matrix Resource
- ITO Service Delivery Consultant III at Hewlett Packard
3 years at this Job
Working as part of the network security team as an analyst, I provide tier 1, 2 and 3 support on the after-hours shift, as well as escalation of issues to our on-call engineers when needed. In this position, daily tasks involve the following devices: Checkpoint R77.30 and R80, Cisco ASA 5500 series and the Akamai Platform, as well as systems such as Service Now and Splunk and analysis tools such as Wireshark.
· Device Reports
· Network Monitoring (Security)
· Analysis of Network Traffic (Wireshark and Splunk)
· Ticketing System – Service Now
· Assisting other departments in Troubleshooting Connection issues, access etc.
· Implementation of policies on Checkpoint R77.30
· Implementation and Removal of IWAN links and Network links (Configuration)
· Updating of devices (Checkpoint R77.30, R80 and Cisco ASA)
· Joint team Solution Bridges (Web meetings)
- Network Security Analyst at BB&T
- Network Operation Administrator at Telecommunication Services of Trinidad and Tobago
- Business System Technician at Telecommunication Services of Trinidad and Tobago
- Central Office Technician at Record Keeping and Maintenance
8 months at this Job
- CISCO (CCNA)Certified - Routing and Switching
- Masters of Science - Network Security
- Bachelor of Engineering - Applied Information Systems Technology
* Serve as the "Hub" for all Cyber Incidents and report issues directly to US-CERT; field and forward cyber incident reports and additional documentation from multiple end-users across the organization.
* Collaborate with 15 members of the network security team and assist with PCAP and Netflow analysis as needed.
* Monitor the duty mailbox for event alerts throughout the Enterprise, responding to and resolving hundreds of alerts daily.
* Track incidents and investigations of Cyber events, overseeing the completion and delivery of multiple reports weekly.
* Complete and deliver extensive incident write-ups and technical reports on major Cyber events throughout the Enterprise, identifying potential security shortcomings to enhance risk management and mitigation.
* Manage the announcement of known Indicators of Compromise (IOC) through the customer Cyber community, providing critical communications to more than a thousand customers across the state.
* Compile weekly and monthly advanced analytics of attempted intrusion and cyber incidents throughout clients' enterprise environment; implement system enhancements to ensure continued security and prevent intrusion.
- Network Security Analyst - Contractor at DEPARTMENT OF ENERGY
- Tier 3 IT Service Desk Specialist - Contractor at NATIONAL INSTITUTE OF HEALTH
- Systems Engineer at MATCH.COM
- Tier 2 IT Service Desk Specialist - Contractor at NATIONAL INSTITUTE OF HEALTH
4 years, 8 months at this Job
- Associate of Arts - Liberal Arts
Provided administration and support for a wide area network consisting of 5 domains and over 90K users.
Implemented group policies to improve information security, administered active directory and maintained
• Defined and created Roles and generated Authorization profiles and Authorizations based on Role Matrix.
• Worked on Central User Administration (CUA)
• Transported Roles, Authorization Profiles across QAS and Production Systems.
• Successfully built highly flexible, diligent, collaborative problem solving teams from every department within the enterprise.
• Processed SAP user access requests, and supported everyday troubleshooting of access problems
• Administered corporate security standards and policies across a wide variety of Novell Directory, Active Directory, Mainframe RACF, Windows Servers and Lotus Notes.
• Participated in PMO activities, including demand and project portfolio management, facilitated prioritization workshops and communicated with senior management and stakeholders
• Conducted analysis of network traffic and event management on average of 15 incidents per hour.
• Coordinate extensively with networking teams to maintain and establish communication to remote QRadar Collectors/Processors.
• Communicated with the company's external auditors on general computer control related matters and SOX test procedures.
- Network Security Analyst at NTT DATA
- Supervisor at OWENS AND MINOR
- Logistics/Distribution Supervisor at UNITED STATES ARMY
- Logistics Coordinator at UNITED STATES ARMY
3 years, 8 months at this Job
- Bachelors - Information Technology
Project: PCI DSS SECURITY COMPLIANCE
Responsibilities:
● Solid knowledge of network and security concepts, best practices, and technologies including IPSec, SSL, DNS, DHCP, routing and switch, IPAM, NAT, etc.
● Redesign OSPF from single area to multi-area network designs.
● Configure Cisco 4500, 3750, 3850, 9300 series switches, including different switching technologies, for example VLAN, Inter-VLAN routing, VLAN access control lists, STP, PVST+, VLAN Trunking protocols, gateway redundancy with HSRP.
● Implement L2/L3 high availability network technology based on the Cisco Data Center design (NEXUS 7K and 9K).
● Create, oversee and test security measures (e.g. access authentication and disaster recovery)
● Perform network assessments and security audits - PCI DSS, SOC, NIST, HIPAA.
● Responsible for the Global design, engineering, and level 2/3 support of existing network technologies services and the integration of new network technologies / services.
● Perform PCI gap analyses, remediation consulting services, and conducting PCI certification assessments.
● Key contributions include troubleshooting of complex LAN/WAN infrastructure, performing pentests, vulnerability scans and remediation, Firewall Ruleset Remediation, creating and maintaining network diagrams/inventories.
● Interact with business, customer, PCI chalk leads, local IT teams on a daily basis in order to drive the PCI audit to completion on time.
● Preparing/Updating network diagrams (MS VISIO) and device inventories including cardholder data environment and PCI in-scope systems.
● Ensuring that all network devices are logging incidents to a secure server in order to track logs and configuration changes to devices.
● Remediating any and all critical and high vulnerabilities in the network that show up in the Tenable vulnerability scans and Cadence penetration tests.
● Install and maintain firewall configuration and access control rules in order to protect cardholder data.
● Review firewall rule sets, IDS and web proxy configurations and access control lists for accuracy.
● Maintain a high security authentication procedure for people logging in at various levels of privilege - TACACS, Active Directory, RADIUS, Cisco ACS.
● Firewall Remediation / ACL cleanup - In order to meet PCI DSS standards, I was responsible for remediating firewall ACL rules. Performed with the help of captures on CLI and LiveNX/Wireshark.
● Responsible for implementing Firewall connectivity requests, based on the needs of the customer, while maintaining the security standards.
● Responsible for any hardware refresh tasks arising due to PCI non-compliance - OS Upgrades on Cisco devices, device replacement, migrations.
● Responsible for on-call troubleshooting of issues at the local data center.
● Involved in migration of around 1200 devices to new management. Involved updating usernames, TACACS/RADIUS, SNMP monitoring, logging, NTP, to name a few.
● Involved in standardizing devices across the organization to meet the new Baseline Configuration Document requirements.
● Provided application level redundancy and availability by deploying F5 load balancers LTM.
● Administration on Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
● Configured and implemented F5 features, applications, access control including packet filters and iRules.
● Deployment of Palo Alto firewall into the network.
● Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support.
● Configured Zones, Virtual routers, Security Policies and interfaces on Palo Alto Firewall. Monitored and troubleshot Palo Alto firewalls and managed them with a Panorama M-500 device.
● Configured and wrote Access-list policies on protocol-based services
● Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow
● Responsible for setting up proxy servers and corresponding forwarding on firewalls.
● Responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect a network.
Environment: SNMP, OSPF, BGP, TFTP SERVERS, TCP, UDP, SMTP, EIGRP, OSPF, BGP, RADIUS, TACACS+, CISCO 6500, F5 LTMs, VLAN TRUNKING 802.1Q, NEXUS 2K, 5K, 7K
- Network Security Analyst at Conduent Inc
- Network Engineer at ExxonMobil
- Network Engineer at American Society of Clinical Oncology
- Network Engineer at EA Markets
1 year, 8 months at this Job
- MS - Engg
- B.Tech - Electronics and Communication
• Monitoring of security events in the SIEM, as well as other security feeds, and CTU communications (email, phone, chat, and other communications)
• Triage of incoming security events, perform preliminary and secondary analysis, validate events, and escalate to management if events deem additional response action
• Documenting event analysis using ITIL processes
• Reverse engineering of malware in some cases
• Memory analysis of infected devices
• Forensic acquisition and analysis of potentially infected devices
• Some on-call work and shift flexibility
• Other information security work as requested by management

Sports Authority, 1959 West Hampton Ave., Englewood, CO 80110
November 2007 - July 2016, Computer operator
Monitors and controls a computer by operating the central console or on-line terminals. Operates auxiliary equipment directly associated with the computer. Maintains records regarding output units and supply inventories. Assists in manipulating controls to rearrange sequence of job steps to continue operations when individual units of the system malfunction. Carries out defined ad hoc and routine tasks. Having a familiarity with project dynamics, organizes logistics and information according to instruction in support of the team's efforts. May sustain a minor role in a variety of defined business processes. References documented processes, previous instruction and established guidelines to address challenges. Escalates more complex challenges or challenges outside the scope of defined practice. Independent decisions are based on limited experience and familiarity with challenges and prescribed guidelines and practices with little or no deviation. Has a general understanding of task importance and its supportive relevance. Requires communicated project and/or procedural guidelines. Reacts immediately to frequent changes in project, process or administrative needs.

Jeppesen, 55 Inverness Way East, Englewood, CO 80112
December 2005 to November 2007, Network Operations Center Technician
Responsible for severity 1 server/network issues. Providing incident reports, and root cause analyst reports as required. Providing technical support to all dependent groups and/or organizations. Responsible for being a point of technical escalation to internal employees. Requirements of the job include but are not limited to Account Maintenance in regards to UNIX, Lotus Notes, and other network systems. Monitoring all Data Center equipment with little or no technical assistance. Escalating issues to tier 2 and 3 support as needed including network, UNIX, VAX and Client/server systems. Responsible for IBM mainframe batch processing, backup and recovery. Ticket tracking system used is currently Peoplesoft.

November 1999 - December 2005, Computer operator, Senior Operator/Help Desk Agent
Operator in a multiple platform shop which includes MVS, VAX/DCL, UCC7, UNIX, NOVELL, Windows Active Directory, Windows (XP, 2000 and NT), CONTROL D Client/server systems. Software includes TSO/ISPF, CA-7, Lotus Notes, CA-dispatch, Windows 3.1, 95, 2000. Peripherals include Xerox, IBM and DEC printers, STC and DEC, Hitachi tape drives. Responsibilities include running daily production, reports, and schedules on all systems, monitoring systems for system software and hardware errors and abends. Contact system support staff and appropriate hardware technicians as necessary. Assist lead of the department in training of other data center, help desk operators. Help Desk duties include assisting and tracking all problems for internal customers using Vantive tracking application. Assist site-engineers in the building, troubleshooting of P.C.s and workstations. Implementation of various software applications: MS, Visio, and internal software. Distribution of new equipment as necessary. Maintenance of various printers/copiers including Xerox, Hewlett-Packard and QMS printers. Work with outside vendors.

Information Handling Services, 15 Inverness Way East, Englewood, CO 80150, (303) 790-0600
September 1997 - October 1999, Computer Operator I, II
Operator in a multiple platform shop which includes MVS/ESA, VAX/DCL, Data General, UNIX and Client/server systems. Software includes TSO/ISPF, CA-1, Omegamon, Lotus Notes, CA-dispatch, Windows 3.1 and '95. Peripherals include Xerox, IBM and DEC printers, STC and DEC, Hitachi tape drives. Responsibilities include running daily production schedules on all systems, monitoring systems for system software and hardware errors and abends. Contact system support staff and appropriate hardware technicians as necessary.

August 1995 - August 1997, Supervisor Manufacturing
Responsibilities included supervising a staff of 15, which included multiple areas. This included product inspection, film duplication, film processing and electronic publishing systems. Responsibilities included writing of performance reviews, employee counseling. Additional documentation included monthly production reporting using Lotus, MS Excel, Word, Quattro, Lotus Notes. Responsible for hiring, and handling of disciplinary actions. Interacted with Human Resources as well as other management to resolve personnel problems and interdepartmental problems. Responsible for training of employees in all areas of their job responsibilities. Writing of procedures for all of the above mentioned areas to meet ISO 9001 certification standards.

August 1990 - August 1995, Lead Inspector - Image Inspection
Duties included inspection of all CD-ROM products as well as film and online data, using company quality standards. Training of all inspectors on all system upgrades and production schedules and procedure. Assisted supervisor in overseeing of department and staff. Wrote department procedures using MS Word, Excel, Word Perfect. Documentation of all inspections performed. Acted as interdepartmental liaison to ensure the quality of all production products.

August 1983 - August 1990, Inspector I, II, III - Image Inspection
Duties included inspection of all CD-ROM products as well as film and online data, using company quality standards.

Classes
Classes include many workshops geared toward management.
• Entry Level and Advanced Supervisor Training - Mountain States Employment Council
• Managing the Troubled Employee - Employee Assistance Programs Inc.
• Violence in the Workplace - Employee Assistance Programs Inc.
• Intro and Advanced DOS classes
• Lead Worker Training - MSEC
• Communication Skills for the Lead Worker - MSEC
• How to Discipline Employees and Correct Performance - CareerTrack
- Network security analyst at CenturyLink
- Computer operator at Sports Authority
- Network Operations Center Technician at Jeppesen
- Computer operator, Senior Operator/Help Desk Agent at NOVELL
2 years, 2 months at this Job
ITC Service Group (ITC), is a leading provider of broadband installation, planning, wireless, design and staffing solutions to the telecommunications industry. With over 40 years' experience in the telecom business
Job Duties:
✓ Monitor computer networks for security issues.
✓ Investigate security breaches and other cyber security incidents.
✓ Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
✓ Document security breaches and assess the damage they cause.
✓ Work with security team to perform tests and uncover network vulnerabilities.
✓ Fix detected vulnerabilities to maintain a high-security standard.
✓ Perform penetration testing Nmap and Wireshark.
✓ Help colleagues install security software and understand information security management.
- Network Security Analyst at ITC Services Group - Citrus Heights - CA
- Network Help Desk at Informatics Services Cooperation
11 months at this Job
- Master of Science In Artificial Intelligence - Artificial Intelligence
- Bachelor of Science
Provide network security operations and support. Use automated network security management tools to perform daily monitoring and control of network security managed elements in accordance with established procedures. Open, update and close required incident tickets. Configure, test and manage network security devices. Operate and maintain wide-area networking (WAN) equipment. Use Network Security Operation Center components such as trouble-ticket systems, client databases, networking and security equipment (firewalls, sniffers, scanners, etc.). Familiar with Windows/Linux working environments.
- Network Security Analyst at Xapiens International Group
- Network/Telecommunications Technician at Comisión Estatal de Elecciones
10 years, 9 months at this Job
- Bachelor's degree in Information Systems - Information Systems
- Associate's Degree in Electronic Engineering - Customer Service
● Intake and assessing of alerts including determining priority of alerts
● Responding to alerts of networking, operational and security events
● Remote into firewalls and managed switches to perform maintenance, probe for information of device and/or connected device(s)
● Change or update policies on firewalls
● EDR/MDR of devices with SentinelOne
● Reviewing log data through SIEM and raw logs
● Pushing and reviewing firmware updates
- Network Security Analyst at Nuspire Networks
- Level 1 IT Service Desk at HEWLETT PACKARD ENTERPRISE (DXC)
- Sales Associate at THE HOME DEPOT
2 years at this Job
- High School Diploma
• Monitoring system logs through a dashboard interface and formally investigate any abnormalities within the Space Based Infrared System (SBIRS) network
• Consistently reading INTEL reports to further protect or mitigate network intrusions
• Maintained databases of network layout matching hosts to IP addresses, past and current forensic investigations and any network error logging information
Achievements:
• Graduated in the first cyber defense course of Buckley Air Force Base and of the first cyber defense courses in the entire Air Force
- Network Security Analyst at Buckley Air Force Base
- Satellite Communication Technician at Buckley Air Force Base
5 months at this Job
- Bachelor's - Cyber security
- - Electronics And Telecommunications