
Andrew Smith


Phone:

(000) 000-0000

Address:

287 Custer Street, Hopewell, PA 00000

Professional Summary

Cyber security analyst with more than 3 years of experience. The role is to assess, plan, and enact security measures to help protect an organization from security breaches and attacks on its computer networks and systems. This job involves simulating attacks to identify vulnerabilities, testing new software to help protect the company’s data, and helping users adhere to new regulations and processes to ensure the network stays safe.

Education

Apr. 2015
Master of Science: Instrumentations

  • Upton Academy – Kuvalisfort, Connecticut

Mar. 2013
Bachelor of Science: Electronics

  • Weber College – Shermanchester, Maine

Apr. 2009
HSC

  • Dare Academy – Bobbyhaven, Indiana

Nov. 2007
SSC

  • South Grant University – Murphyton, Massachusetts

Employment history

Apr. 2020 – Present
Twandashire, Oregon
Senior Cyber Security Analyst, Brekke-Klocko

The job is to build a bridge between the offensive part and the forensics part. In this role, I have done IT audits and network audits; studied server utilization; performed log analysis of server, firewall and other event logs; and performed Web VAPT for client websites. Also did cyber investigation and digital forensics for private clients as well as for law enforcement agencies.

Dec. 2017 – Mar. 2018
Lavonnefurt, Oregon
Cyber Crime Investigator, Farrell, Rolfson and Bernier

The task was to study, analyze, recognize and seize necessary digital evidence and maintain its integrity throughout the case; to maintain chain of custody for evidence; and to investigate as per the best reasonable practice of a court of law. Used forensics tools for dead forensics investigations.

Technical Skills

Burp Suite Professional

Nmap

Nessus

OS Forensics

USBDeview

WinHex

Tableau Forensic Duplicator TD2, TD3

Autopsy

AccessData FTK

EnCase Version 7.12

Accomplishments

Declaration


Andrew Smith


Phone:

(000) 000-0000

Address:

287 Custer Street, Hopewell, PA 00000

Professional Summary

Innovative, passionate, and professional Cyber Security Analyst with experience in multifaceted roles collaborating business development, security concepts, and delivering appropriate technology solutions for local and cloud security. Skilled in the areas of data aggregation, multi-factor authentication, endpoint protection, and vulnerability management. Motivated and eager to advance my career with a growth-oriented, technically-advanced, and structured organization.

Employment history

Oct. 2019 – Present
Kirbyville, New Jersey
Cyber Security Analyst, Sipes-Marvin

  • Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
  • Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.
  • Modify computer security files to incorporate new software, correct errors, or change individual access status.
  • Train users and promote security awareness to ensure system security and to improve server and network efficiency.
  • Monitor current reports of computer viruses to determine when to update virus protection systems.
  • Confer with users to discuss issues such as computer data access needs, security violations, and configuration changes.
  • Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.

Jun. 2018 – Aug. 2018
Schummshire, Rhode Island
Information Security Professional Apprentice, Blick-Pfeffer

Information Security support for Data, Endpoint, Network, Security Operations, and Application teams with experience in the following technologies and/or concepts:
  • Active Directory
  • Oracle IAM
  • VPN
  • Proxy
  • Splunk
  • Algosec
  • Phishing
  • Sandboxing Malware
  • Multi-factor Authentication

Education

Jul. 2019
Bachelor of Science: Cyber Security

  • Northern Georgia University – East Hiramville, Rhode Island

Jan. 2017
Associate of Applied Business: Networking Software

  • Southern Kertzmann – East Hana, South Dakota

Skills

AWS
Beginner

Atlassian
Skillful

Microsoft
Skillful

Crowdstrike
Skillful

Firewall
Skillful

Splunk
Experienced

Multi-factor Authentication
Skillful

Tenable
Skillful

Linux
Beginner

Pulse Secure
Beginner


Andrew Smith


287 Custer Street, Hopewell, PA 00000

(000) 000-0000

Professional Summary

Experienced in cyber security specialist area. Highly organized computer technology professional with exceptional attention to detail and critical thinking skills. Interested in a position in the technical field. Talented individual with information technology background, strong desire to grow technical skills, and ability to learn new technologies swiftly. Looking for a challenging position in a progressive organization. I can make use of my skills and capabilities for the long-term growth of the organization and self.

Employment history

Cyber security analyst, Terry LLC. Riceborough, Connecticut
Oct. 2019 – Present
  1. Provided cyber security support and evolution to develop clients.
  2. Conducted and coordinated workshops and seminars on ‘Cyber security and ethical hacking’ with several schools and colleges.
  3. Performed penetration testing for websites.
  4. Worked in both Linux and Windows environments.

Data Entry, Zboncak-Macejkovic. Croninchester, South Carolina
Aug. 2018 – Oct. 2018
  1. Provided guidance and information of school app to teachers and jilla panchayath.
  2. Entered data into the school app.
  3. Maintained complete activity and usage of app.
  4. Handled and reviewed weekly calls.

Education

Southern Feil University, Nitzscheview, Nevada
DIPLOMA IN INFORMATION SECURITY, Front runner program, Apr. 2019

Southern Flatley College, West Tomikamouth, Oregon
Bachelor Of Technology, Electronics and communication, Jul. 2017

Dare Institute, North Ottoberg, Louisiana
HIGHER SECONDARY, PLUS TWO, Aug. 2013

West Denesik, Lake Alexander, Alabama
High School Diploma, SSLC, Jun. 2011

Languages

English

Malayalam

Tamil

Hindi

Skills

Nessus Essential

Burpsuite Professional

MS office

Data Entry

Linux


Andrew Smith


287 Custer Street, Hopewell, PA 00000

(000) 000-0000

Employment history

Cyber Security Analyst, King-Ward. West Carlosshire, Illinois
Feb. 2020 – Present
Cyber Security Analyst – (Pentester), 01/October/2019 to Current
Cyber Cube Services Pvt. Ltd.

  • Performed penetration testing on various companies' infrastructure and vulnerability assessment of database servers
  • Performed dynamic and static analysis of web applications using Burp Suite Professional. Analyzed systems for potential vulnerabilities that may result from improper system configuration, hardware or software flaws, or operational
  • Performed vulnerability assessment and penetration testing for Cyber Cube clients for vulnerabilities based on the web application and network. Conducted white/gray box penetration testing using Kali Linux, Nessus Pro, etc.
  • Reviewed security documentation and made recommendations. Assisted in conference call meetings with developers to mitigate vulnerability findings
  • Port scanned servers using Nmap and closed all unnecessary ports to reduce the attack surface
  • Performed live packet data capture with Wireshark to examine security flaws. Used SQL injection techniques of exploiting Web applications that use client-supplied data

Penetration Tester, Buckridge-Grant. West Ozzie, Georgia
Dec. 2018 – Mar. 2019
Worked with many freelancing projects of Web application Security Testing, Network Assessment & Penetration Testing, and Vulnerability Assessment. 

Intern Security Operations Center (SOC), Ortiz, Hills and Osinski. Lindgrenfurt, Massachusetts
Jul. 2015 – Nov. 2015
TruShield is a leading provider of risk assessments, continuous security monitoring (CSM), and managed IT security services.

  • Providing the client with TruShield CSM solution which included management and monitoring of firewalls, mail and web gateways, endpoint protection, and 24×7 security monitoring of over 15 billion dollars in assets located all over the world both in the commercial and government sectors.
  • Worked on AlienVault OSSIM (Security Information and Event Management)

Professional Summary

Penetration Tester with more than 2 years of experience in various domains such as:

• Manual and automated Web application security testing & Android application security testing
• Network Vulnerability Assessment and Penetration Testing
• Vulnerability scanning
• Wireless testing and Router Exploitation
• VAPT Report writing

• Knowledge of Source Code Review of Android Applications and Web Applications using various tools.
• Proficient in Linux operating system (Kali Linux), Burp Suite, Nessus, Metasploit, SQLi, etc.

• Extensive knowledge of hardware, software, and networking technologies to provide a powerful combination of analysis, implementation, and support

• Managed the cycle of project continuity, reviewed the technical work of the team, and ensured the quality of service deliverable. 

• Skilled in Customer relations and business requirement gathering. 

Education

North Streich University, New Otto, South Carolina
PGDM, IT, 2018

Southern Dare, New Rosendoview, Wyoming
BBA (CAM), Computer Aided Management, 2015

Certificate and Training

Skills

Knowledge of operating systems, application software and cyber security tools Remote access support

Experience with tools: Aircrack-ng, Hydra, Burp Suite, Metasploit, OWASP ZAP, Nmap, Sqlmap, John the Ripper, Nessus.

OWASP top 10

Android Application Security Testing

Source Code Review

Web Application VAPT

Strong Report Writing

Vulnerability Assessment

Network Vulnerability Scan and Penetration Testing

Kali Linux

cyber security analyst

  • On The Spot Award – Dev team UIDIA
  • Star of the Month Award – Dev team 
  • Contributing to in-house SIEM tool (BlueScope) by testing, providing feedback and working with software developers and data scientist.
  • Responsible to handle clients request and questions received via phone/email and detailed investigation to resolve informational security incident and alerts.
  • Creating on-demand & daily reports for Global customers using HP ArcSight, reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs).
  • Incident management for Global Security teams of HCL & creating custom rules and filters & deploying them over the SIEM tool.
  • Performing monitoring of all the logs coming from respective clients on the ArcSight console.

senior cyber security analyst

  • Lead team of Interns for Incident Response Management and train them on required skills matrix.
  • Achieved 100% compliance in Security training for the account by planning the training process systematically and executing it effectively.
  • (S)miles Award – Talent Acquisition Group
  • Applause Award – Cyber Security Unit

cyber security analyst

  • Testing security level in natural environment systems.
  • Conducted various network assessments using tools like Nmap, OpenVAS, Wireshark and Metasploit; also used Kali Linux for various assessments.
  • Achievements and Appreciations:
  • Appreciated by the Client for showing exceptional analytical abilities while performing application security for finding out major logical flaws in the application.

cyber security analyst

  • Event Detection – Following an established, documented process for event detection including but not limited to: Receipt of Security Alerts (and Operational Health Alerts from Security Devices) from monitored devices and associated technology
  • Acknowledgement of receipt of the event
  • Opening new service desk tickets, or update existing tickets in order to track event handling through its lifecycle to resolution and closure.
  • Assignment of the event ticket to the appropriate owner.

cyber security analyst

  • ArcSight
  • Working on the HP ArcSight SIEM tool in HCL Technologies.
  • Contributed to the organization effectively as an ArcSight SIEM Engineer, utilizing my expertise in ArcSight ESM & handling daily Security Operations & needs for global customers. Updating global customers through the latest Security Advisories to mitigate modern threats.
  • Installed and configured an ArcSight ESM SIEM tool from scratch & observed device integration of multiple log sources with the ArcSight Connector appliance. Administered connectivity between ArcSight systems with client consoles and connectors.
  • Installing smart connectors on both ArcSight 6.8 & 6.11 consoles.
  • Clearing backlogging (i.e. cache files) and also performed troubleshooting of the connectors to resolve issues and maintain connector health.
  • Worked on Trends, Filters, Dashboards, Active Channels, Active Lists & SOC advisories (i.e. update information about vulnerable systems in the security environment).

cyber security analyst

  • Hunt for abnormalities and anomalies using various SIEM (Security Information and Event Management) and data visualization tools to detect TTPs (Tactics, Techniques and Procedures).
  • Security and network log analysis to detect attack origin, attack behaviour and attack spread.
  • Identify detective security gaps within the network with the recommended approach.
  • Contribute to the fine-tuning of use-case on SIEM to enhance threat detection capabilities.
  • Develops new detective and advanced use-cases on multiple SIEMs.
  • Creation and automation of security and operational reports on SIEM and Power BI to enhance insight and visibility.
  • Develops dashboards to correlate different events to detect unknown threats and threat actors.

cyber security analyst

  • Penetration testing & Vulnerability assessment of both intranet & internet applications.
  • Well trained in the application security testing methodology with a strong basic knowledge of SQL Injection, Cross-Site Scripting, Business Logic Bypass, & various other attacks.
  • Efficient in tools like Burp Suite, IBM AppScan, Acunetix, SSLyze, SSLscan, Nmap, Ettercap, Yasca, ZAP, SQLMap, Nikto, adb, jadx, QARK, Bash scripting, etc.
  • Experience in the field of Cyber Security such as Vulnerability Assessment and Penetration testing of Application Security, Network Security and Mobile application.
  • Conducted Web and Mobile Assessment for Various Government and Private Clients for around 30+ Applications.
  • Conducted Audit of UIDAI requirement on various client sides and also currently engaged in this.
  • Worked on various tools like Burp Suite, Acunetix, HP WebInspect, Sqlmap, Netcat, SSL Labs, SSLyze, SSLscan, etc. for web application assessment.
  • For mobile application security: dex2jar, JD-GUI, QARK, MobSF, Genymotion, Android Tamer, Burp Suite, etc.

cyber security analyst

  • Monitoring and analyzing: Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), firewall event logs, security incidents, ArcSight (SIEM) solutions, anti-virus, web proxies, and vulnerability assessment tools.
  • Assisting in Computer Security Incident Response activities for large organizations
  • Working with first, second & third line security analysts (Internal and External) to identify various malicious threats in enterprise environments
  • Reviewing attack information from other analysts in preparation for release to or onward review
  • Ensuring timely accurate communications of alerts to IT, Network or Security groups regarding intrusions and compromises to their network infrastructure, applications and servers 
  • Assisting senior analysts with the implementation of counter-measures or mitigating controls

cyber security analyst

  • Apply Security Practices in the Development of the In-House product.
  • VAPT of the end product (Automated and Manual).
  • Automating the process with shell scripting (Server Deployment).
  • Making & understanding of IT Security Policies and implementation.
  • Leading R&D Team.
  • Setup of infrastructure network and its security.
  • Conducting security sessions for non-technical colleagues.

cyber security analyst

  • Continuous monitoring of Network using SIEM.
  • Created Python Script to Analyze Firewall logs and generated reports.
  • Gathered Threat Intelligence using Different OSINT Platforms.
  • Support Organization with Different ongoing or upcoming Projects.
  • Big Data Analytics using ELK Stack.
  • Enterprise level Data Analytics and visualization.
  • Created a Malware Analysis Lab to identify the behavior and characteristics of malware, etc.

cyber security analyst

  • Guided students with Penetration Testing and Ethical Hacking courses.
  • Provided workshops to 200+ students in Rajasthan.
  • Worked on various Cyber Crime Cases.
  • Have interned under Mr. Rizwan Shaikh, a renowned Ethical Hacker and Cyber Crime Investigator and also the CTO of Pristine Infosolutions.
  • Knowledge of many attacks and their prevention.

cyber security analyst

  • Have worked on independent projects of Network Vulnerability Assessment, Web Application Security and Mobile Application Security.
  • Hands-on with various enterprise tools like Checkmarx, Blackduck, HP Fortify, Webinspect, Peach, Adweb, BurpSuite, Nessus.
  • Attended internal training on basics of Threat Hunting and ISMS.
  • Worked as resident security analyst at NPCI (National Payments Corporation of India), Mumbai for 2 years with following responsibilities:

cyber security analyst

  • Addressing the compliance issue for servers and workstations. 
  • Assigning the right required policy for servers and workstation as per compliance recommendation.  
  • Worked as part of a growing team, to disseminate information to others- which makes us continually improve. 
  • Providing various communications, shift handovers and incident documentation, maintaining high level of confidentiality and integrity. 

cyber security analyst

  • Worked on different types of authentication like Smart credential, Soft Token, Grid, SMS. 
  • Creating policies and roles in admin console. 
  • Hands on Experience in TrendMicro DSM 
  • Handles 800000 nodes, including servers and workstations.

cyber security analyst

  • Perform RCA on tickets which did not meet the SLA or a Problem or a high priority ticket.  
  • Network Security using McAfee IPS/IDS M & N Series, also NSM v9.3
  • Hands on experience in Entrust product Identity Guard v12. 
  • User creation and user management and troubleshooting with user for Enrolment. 

cyber security analyst

  • Participating in the CAB meeting to approve the CR before implementation.
  • Handling Problem incidents, SR & CR as per ITIL process.   
  • Generating and submitting the Daily, Weekly and Monthly DAT/Threat compliance reports.  
  • Maintaining SLA compliance level 100% for Servers and 95% for Workstations.  

cyber security analyst

  • Document computer security and emergency measures
  • Establish and maintain relationships with individual or business customers or provide assistance with problems these customers may encounter measures policies.
  • Responsible for handling the escalations from within the team and from the end users.  
  • Extensively working on Critical escalation and being the Point of contact for customers for any critical issues on Virus infections.  

cyber security analyst

  • Creating task for automated report to the respective stakeholder as per the requirement from ePO Console.  
  • Performing daily health checks on ePO servers and their reporting systems, and remediation of non-compliant systems.
  • Analysing the Scan reports for threats and remediate the threats.  
  • Troubleshooting McAfee Agent, VSE & SAE related issues.  

cyber security analyst

  • Monitoring of events & alerts from a multitude of technologies (SIEM) to detect malicious activity and security threats. 
  • Collection of necessary event logs that could help in the incident containment and security investigation. 
  • Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate and understand security incidents.
  • Investigate and differentiate false positives from the intrusion attempts. 
  • Execute analysis of email based threats to include understanding of email communications, platforms, headers, transactions and identification of malicious tactics, techniques and procedures.
  • Ability to develop effective solutions to unique problems using a combination of existing tools.
  • Responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect a network.

cyber security analyst

  • Malware Tracking and Erasing
  • High operation work using Windows
  • Monitor current reports of computer viruses to determine when to update virus protection systems. Modify existing software to correct errors, to adapt it to new hardware, or to upgrade interfaces and improve performance.
  • Responsible for contacting the Client’s Senior Consultant and helping them understand the AV infrastructure environment.

cyber security analyst

  • Developed Scripts for various Security Solutions Implementations using C#, PowerShell and Python
  • Implemented Security Solutions into CI/CD workflow (DevSecOps) 
  • Implemented and maintained Unidirectional Security Gateways
  • Strong knowledge and practical experience in varied IT departments – System, Network and Security
  • Working with DevOps and Development teams 

cyber security analyst

  • Hands on experience in upgrading the McAfee products like Agent, VSE and other products in overall environment.  
  • Hands on experience in McAfee ePO server 4.x, 5.x & ENS. 
  • Responsible for ensuring 200000 nodes get DAT updates daily.
  • Design, Implement, recommend and manage the Endpoint security solutions (VSE, HIPS, Antivirus) as per the requirement and present state of the security in the client environment.  
  • Installation, configuration and maintaining of McAfee ePO server, Repositories and Agent Handlers.  
  • Upgraded the McAfee server from 4.6 to 5.1.1 and 5.1.1 to 5.0.9 (ENS) versions.  
  • Responsible for policy configuration for all the McAfee components and the same is deployed to the clients.  

cyber security analyst

  • Perform threat analysis with SIEM tool IBM Qradar by identifying, reporting and resolving incidents with root cause analysis.
  • Provide periodic Vulnerability analysis report with Tenable IO and perform administrative tasks by making policies, scanning and reporting.
  • Prepare network and security related reports with Administrative skills in Symantec Endpoint protection and Proxy SG with broad knowledge of network architecture.
  • Assist in integration of SOC Environment, coordinating with other teams and users and auditing existing processes and documentation in order to identify opportunities for improvement.
  • Knowledge of IAM tool CyberArk, latest security technologies and training for penetration testing.

cyber security analyst

  • Monitor/detect various attacks against publicly facing infrastructure which have the capability of halting or significantly impacting internet services for a prolonged period of time by using ArcSight and QRadar.
  • Investigating and troubleshooting all threat events detected by CrowdStrike.
  • Provide 24×7 on call support during incidents where required. 
  • Raising Alerts for different incidents. 
  • Aggregating and Correlating the Logs and Configuring Reports, Queries, Rules, Filters, Dashboards, Real Time Alerts and Console Resource Operations. 
  • Creating Active Channels for fetching optimized raw logs. 
  • Analyzing suspicious events and finding patterns. 

cyber security analyst

  • Splunk Engineer.
  • Use case developer.
  • Creating Dashboards and Reports.
  • On-boarding security-relevant data to Splunk.
  • Understanding client/SME requirements to deliver high performance and expected results.
  • Main motto is to enhance security by detecting/alerting any possible threats to Business.