Uploaded File
Christopher
Cyber Security Analyst
8 years experience W2 Orlando, FL
Actively seeking
Christopher
Cyber Security Analyst
59
views
0
Recommendations
Average rating
59
Profile views
Compliance Auditing Change Management Data Security Integration Testing Quality Assurance Selenium SQL Test Case Preparation Test Planning
Remove Note
View Note
Recent Experience
Cyber Security Analyst 07/19 - present
Compliance Cyber Security IDS Information Security IPS Security Analyst SIEM UDP TCP/IP Network Infrastructure Network Administration Firewall Splunk Microsoft Excel Social Engineering
Cyber Security Analyst 06/18 - 07/19
Compliance Cyber Security Security Analyst Network Administration Patch Management
Cyber Security Analyst 06/18 - 07/19
Compliance Cyber Security Security Analyst
Summary

  • An IT professional with 10 year of expertise in Information Security, Risk Management, Vulnerability Assessment, Control Review and Assessment with background in Software Quality Assurance seeking new challenges to leverage strong information technology security acumen.
  • From my previous and present experience, I have experience with baiting (USB Flash drive) and phishing attacks. To prevent those attacks, I work with the Software development team and other IT departments to conduct Penetration testing that uses Social Engineering techniques and enables the organization to learn which type pose the most risk for the specific attacks.

AREAS OF EXPERTISE

  • DoD & DDoS Cyber Security Policies
  • Risk Management Framework
  • Social Engineering
  • Security Architecture
  • Regulatory Compliance
  • Information SecurityAuditing
  • Network & Security Architecture
  • Identity Access & Management
  • Cryptography Techniques
  • Team Management & Customer Service
  • NIST Series Publications

Social Engineering experience:

  • Phishing - This is the most common threat and I work daily in educating staff on the importance of being careful about all e-mails they receive is crucial.
  • Spear Phishing - After the incident with our Account Dept and the training provided, I participate in spear Phishing by sending spam emails to the accounting staff with the hope of having them respond.
  • Baiting - After firewall upgrade alongside our Asset Management team. We left numerous infected USB drives in our customer service center. The USB was connected to an asset, but the Firewall prevented the installation of the malware.
  • Tailgating - Each employee requires multifactor access to gain entrance to the floor so it is not possible for tailgating to occur.
  • Pretexting - We randomly make a call to our customer service agent posing as a customer to get PII info, but base on the training provided, the agent requires HIPAA verification and the phone select option requires complete verification before initiating agent transfer.
  • Quid Pro Quo - Work with the Tech support to ensure that all agent calls are screen prior to assisting with tech support. Also, we call a selection of random numbers within an organization and pretend to be calling back from tech support. The organization trains everyone not to divulge any info that cannot provide the employee IDs.
  • USB drop attacks - After firewall upgrade alongside our Asset Management team. We left numerous infected USB drives in our customer service center. The USB was connected to an asset, but the Firewall prevented the installation of the malware.

Top 5 Skills
SkillsProficiencyLast Used
Compliance
2020
Auditing
2015
Change Management
2015
Data Security
2015
Integration Testing
2018
Education and Certifications
Master's in Health Administration and Informatics
University of Phoenix 2014
Bachelor's in Public Health
Ohio University 2011
Preferences
Availability:Immediately
Willing to relocate?:Yes
Relocation preference
Any location
Prepared to Travel:No travel (0%)
Employment Type:Any
Security Clearance:No clearance
Citizenship:U.S. Citizen