Cyber Security Professionals Resume Examples

Areas of Expertise

⦁ Vulnerability Assessments

⦁ On-going Technical Support

⦁ Database Management

⦁ IT Governance & Risk Management

⦁ Compliance Assurance

⦁ Network Maintenance & Security

⦁ Team Leadership & Development

⦁ Penetration Testing & Digital Forensics

⦁ Operating Systems Security

⦁ Data Security & Integrity

⦁ Incident Response & Reporting

⦁ Network Security & Threat Intelligence

⦁ Intrusion Detection & Prevention

⦁ Adaptive Security Appliance Management

 

⦁ Risk Assessment & Mitigation

⦁ Agile Methodologies

⦁ Team Leadership & Staff Development

⦁ Data Security

⦁ Security Software & Controls

⦁ Cross-functional Collaboration

⦁ Security Risk Management

⦁ Compliance Assurance  

⦁ Relationship Management

⦁ Stakeholder Engagement

⦁ VPN Configuration

⦁ Penetration Testing

⦁ Complex Problem Resolution

⦁ Continuous Improvement

⦁ Digital & Memory Forensics

⦁ Network & Log Analysis

⦁ Data Security & Integrity 

⦁ Microsoft Windows Security

⦁ Vendor Engagement

⦁ Endpoint Detection Analysis

⦁ Hardware & Software Troubleshooting

⦁ Networking & Virtualization

⦁ Cloud Computing 

⦁ Cyber Security Initiatives

⦁ Network Security

⦁ Mobile Device Security

⦁ Firewall Management

⦁ Technical Support

 

Professional Summary and Experience of Cyber Security Analysts

Dedicated professional with recent education and comprehensive knowledge across cyber security and information technology to align security architecture plans/processes with future business objectives. Proven ability to develop and test security frameworks for web-based applications. Expert at planning and deploying robust network defense strategies. Adept at collaborating with cross-functional teams and stakeholders during project execution to ensure attainment of collective goals and vision.

Highly analytical professional with 15 years of experience across cyber security, compliance assurance, and IT governance. Proven success in documenting security alerts and incidents in line with defined MoD policies and procedures, while escalating complex issues to network engineers for more in-depth technical analysis. Proven ability in conducting technical security audits of customer systems, including managing controls, performing auditing, and examining system accounting and event logs, as well as manually reviewing accounting and audit logs for suspected, attempted, and actual security breaches in accordance with set requirements. Adept at collaborating and liaising with key stakeholders on all security-related matters. Demonstrated history of working in high-pressure operational environments for both the MoD and the Fire Service. Holder of Developed Vetting (DV) security clearance.

Technical-minded professional with 10 years of experience across cyber security, vulnerability assessment, threat hunting, and information security analysis. Excel at managing all aspects of security engagements from inception to completion. Skilled at uncovering and mitigating threats using Intrusion Detection/Prevention Systems (IDS/IPS) and Security Information and Event Management (SIEM) tools. Expert at conducting in-depth analysis and review of security events, logs, and network traffic to identify potential, successful, and unsuccessful intrusion attempts. Skilled at planning and deploying robust network defense strategies. Adept at hunting and researching potentially malicious activity and incidents across multiple platforms and networks using network- and host-based threat-hunting tools. Adept at collaborating with cross-functional teams and stakeholders to ensure attainment of collective goals.

Versatile, highly analytical, and dedicated professional with hands-on working knowledge of several facets of IT, including data security, network hardening, and cybersecurity prevention/awareness. Possess in-depth knowledge and a robust working understanding of several technologies, encompassing endpoint protection, network security, cloud computing, virtualization, software/hardware troubleshooting, system protection, and firewalls. Proven ability to apply sound judgement and excellent assessment skills to address and resolve complex information security issues, and to embrace challenges in virtual environments.

Highly analytical, accomplished, and technical-minded professional with comprehensive experience across cyber security, including development/deployment of security solutions, assessment of privacy controls, and identification/mitigation of risk. 

• Adaptable to the ever-changing demands of the working environment, with a track record of coordinating diverse activities.

• Proficient in SDLC and RMF processes, with in-depth knowledge of the NIST SP 800 series, FIPS 199, FIPS 200, FedRAMP, OMB guidance, and FISMA requirements.

• Proven success in leading high-performing teams, managing complex projects, and delivering IT/digital solutions with a keen focus on cyber security.

• Demonstrated history of conducting research, making on-site visits, analyzing data, evaluating quality control checks, and confirming compliance with set regulatory guidelines.

• Expert at developing and maintaining professional relationships with stakeholders at all levels leveraging interpersonal communication skills.

Day-to-day job duties of Cyber Security Professionals

Direct all activities related to monitoring of sensor data to maintain Information Assurance (IA) through an effective computer network defence strategy, working a 24/7 shift pattern.

Report all findings in accordance with current procedures by conducting log analysis. 

Deliver exceptional support in assessment of potential IA impacts, while developing strategies to mitigate risks through 2nd/3rd line analysis.

Ensure adherence to policies, procedures, and orders, and maintain accurate records of activities using Security Operations Centre (SOC) management tools.

Lead and train shift personnel in line with current training guidelines.

Communicate with relevant organisations to manage operational security events. 

Deliver timely reports to upper management on ongoing security events, current status, and future actions. 

Execute routine Quality Assurance (QA) assessments as per defined operating procedures. 

Research and maintain up-to-date knowledge on current vulnerabilities and exploits.

Cyber Security leads oversee end-to-end functions related to compilation of patching and vulnerability data across the defence estate for reporting to senior command.

Enhance patching processes and reduce vulnerabilities by partnering with service delivery partners.

Identify zero-day exploits and collaborate with teams to uncover and mitigate associated security risks across the estate.

Compile vulnerability assessment reports during site visits by working with technical testing teams.

Resolve issues and reduce risks by executing action plans in accordance with MOD policies.

Gather and compile snapshots of defence estate for given scenarios by utilising bespoke software.

Act as key point of contact for communication with accreditors and execution of risk profiles for non-compliant systems, while escalating issues through management chain.

Deliver updates and resolution timelines on incidents with potential impact on MOD operations by attending high-level operational briefings. 

Head efficient management of network outages across the defence estate.

Engage with service delivery partners to uncover and resolve issues, and deliver expected timescales for resolution.

Gather and deliver monthly statistics and Key Performance Indicator (KPI) reports for service delivery, the finance team, and external stakeholders.

Execute routine operations related to cyber and information security, as well as oversee incident response and deliver proactive services to IBM internal teams.

Collaborate with IBM business units to improve overall security by responding to key incidents, including resolution of security incidents and managing active threats leveraging security intelligence.

Deliver exceptional cyber and network security support to counter vulnerabilities, minimize risk, and enhance overall security framework for enterprise customer networks of Fortune 100 companies.

Cyber Security managers guide technical and non-technical users on information policy, security, and procedures. 

Act as key professional in development and execution of the SOC by establishing policies and procedures.

Perform real-time network and host monitoring and analysis using Intrusion Detection/Prevention Systems (IDS/IPS) and Security Information and Event Management (SIEM) tools.
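The summary above describes reviewing security events and logs to tell unsuccessful intrusion attempts from successful ones, and this duty line describes doing the same in real time on IDS/IPS and SIEM feeds. As an added illustration written for this page (not code from any resume, vendor tool, or SIEM product), the following Python script parses a handful of constructed OpenSSH authentication log lines and applies two detections an analyst would run: a burst of failed logins from one source address within a short window (an unsuccessful attempt, or brute force in progress), and a successful login from that same source shortly after the failures (a potentially successful intrusion). The log lines, the 60-second window, the five-failure threshold, and the assumed year are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed OpenSSH/syslog-style lines for illustration; not real traffic.
SAMPLE_LOG = """\
Mar  4 10:01:02 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  4 10:01:04 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar  4 10:01:06 bastion sshd[2203]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar  4 10:01:09 bastion sshd[2204]: Failed password for root from 203.0.113.7 port 51025 ssh2
Mar  4 10:01:12 bastion sshd[2205]: Failed password for deploy from 203.0.113.7 port 51026 ssh2
Mar  4 10:01:15 bastion sshd[2206]: Accepted password for deploy from 203.0.113.7 port 51027 ssh2
Mar  4 10:05:00 bastion sshd[2250]: Failed password for alice from 198.51.100.9 port 40001 ssh2
Mar  4 10:30:00 bastion sshd[2300]: Accepted publickey for alice from 198.51.100.9 port 40002 ssh2
Mar  4 11:00:00 bastion sshd[2400]: Accepted publickey for bob from 192.0.2.44 port 33001 ssh2
"""

# Matches sshd "Failed <method> for ..." and "Accepted <method> for ..." result lines.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)


def parse_events(log_text, year=2024):
    """Turn raw syslog lines into dicts; syslog omits the year, so it is assumed."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an auth result line; a SIEM would route it elsewhere
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "result": m["result"], "method": m["method"],
                       "user": m["user"], "src": m["src"]})
    return events


def detect_intrusion_attempts(events, window_seconds=60, fail_threshold=5):
    """Flag (a) >= fail_threshold failures from one source inside the window and
    (b) a success from that source within the window after prior failures."""
    findings = []
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)

    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["result"] == "Failed"]

        # (a) sliding window over the failure timestamps
        for i, first in enumerate(fails):
            j = i
            while j < len(fails) and (fails[j]["ts"] - first["ts"]).total_seconds() <= window_seconds:
                j += 1
            if j - i >= fail_threshold:
                findings.append({
                    "type": "brute_force", "src": src, "count": j - i,
                    "users": sorted({f["user"] for f in fails[i:j]}),
                    "start": first["ts"],
                })
                break  # one brute-force finding per source is enough for triage

        # (b) a success shortly after failures from the same source
        for e in evs:
            if e["result"] != "Accepted":
                continue
            prior = [f for f in fails
                     if 0 <= (e["ts"] - f["ts"]).total_seconds() <= window_seconds]
            if prior:
                findings.append({
                    "type": "success_after_failures", "src": src,
                    "user": e["user"], "method": e["method"],
                    "prior_failures": len(prior), "at": e["ts"],
                })
    return findings


def analyze(log_text=SAMPLE_LOG):
    """Parse and run both detections; returns the list of findings."""
    return detect_intrusion_attempts(parse_events(log_text))


if __name__ == "__main__":
    for finding in analyze():
        print(finding)
```

On the sample data the script produces two findings, both for 203.0.113.7: a brute-force burst of five failures across the admin, root, and deploy accounts, and an accepted password login for deploy three seconds after the last failure, which is the line an analyst would escalate first. The single failure from 198.51.100.9 followed by a key-based login 25 minutes later falls outside the window and is not flagged, which is the kind of benign typo-then-retry pattern a threshold and window are there to suppress.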

Provide high-level technical support to Fortune 100 customer networks by designing, deploying, troubleshooting, and validating robust solutions across Cisco firewalls, F5 load balancers, DNS, and L2/L3 networks. 

Design, deploy, troubleshoot, and maintain firewalls and Virtual Private Networks (VPNs) using IPsec site-to-site tunnels, while performing traffic analysis in response to Distributed Denial of Service (DDoS) attacks.

Oversee several facets of the development of Security Assessment Plans (SAPs), while evaluating security control selections across various moderate-impact systems to confirm compliance with NIST SP 800-53A Rev 4.

Supervise routine security control and artifact-gathering meetings with key stakeholders, applying the interview, examination, and testing assessment methods.

Cyber Security analysts review and analyze the Security Assessment Report (SAR), and recommend preemptive actions for failed controls and vulnerabilities.

Lead Security Impact Analysis (SIA) kickoff calls to determine whether a project change is significant, and confirm the project's requirement for an SIA report and a Security Risk Assessment (SRA) letter.

Deploy the Risk Management Framework (RMF) in accordance with NIST SP 800-37.

Analyze and assess security categorization of systems using FIPS 199 and NIST SP 800-60, and update technical, operational, and management control families/controls using NIST SP 800-53 Rev 4 and FIPS 200.

Steer security authorization deliverables, encompassing system security plans, security review reports, risk assessment plans, and Plans of Action and Milestones (POA&M).

Establish Authorization to Operate (ATO) packages, and draft, finalize, and deliver Privacy Threshold Assessments (PTAs), Privacy Impact Assessments (PIAs), E-Authentication Assessments, and System of Records Notices (SORNs) for yearly review and re-certification.

Execute routine audits/assessments of current and potential suppliers through questionnaires, regular site visits, and documentation review, including third-party evaluation reports (e.g., SOC 2), to uncover control deficiencies and risks.

Cyber Security analysts deliver onsite/virtual vendor risk evaluations to uncover potential risks and re-evaluate existing ones.

Track, maintain, and report various third-party risks to key stakeholders. 

Liaise with stakeholders to communicate vendor information security concerns, ensuring awareness of related risks and the critical actions required to remediate them.

Devise and implement onsite security/risk assessments for third-party vendors.

Administer overall scrum lifecycle, including management of progress blockers and removing impediments. 

Resolve day-to-day issues by liaising with team, reporting impediments for escalation, and identifying various risks/concerns to key stakeholders.

Liaise with planning and coaching teams to ensure implementation of agile development principles.

Train the Product Owner (PO) team on backlog refinement and prioritization to support the product owner in managing the product backlog, maintaining focus on feature delivery and high quality.

Cyber Security analysts track progress and lead the scrum team in understanding the concepts and values of the Scrum framework, using burn-down and burn-up charts.

Provide end-to-end Splunk training to level-I SOC Analysts, including general information, security knowledge, and industry best practices.

Train and mentor a high-performance team through simulation of live attacks by ingesting data into Splunk, while demonstrating how to proceed with remediation of discovered attacks.

Gather, evaluate, and monitor all clients' infrastructure needs, and implement rule sets per customized requirements through deployment of Splunk Enterprise Security.

Cyber Security professionals implement various Splunk applications in line with set requirements, including Splunk Enterprise Security, Splunk Enterprise, Splunk Stream, HTTP Event Collectors, and several technology add-ons (TAs), to help the SOC team tune their dashboards.

Administer Active Directory Federation Services (AD FS) on Windows Server 2016 and 2019 to confirm team access to network resources in line with defined group policies.

Perform routine maintenance and hardware upgrades on PCs, and patch Operating Systems (OS) with the latest updates.

Manage all client training and client health logs per HIPAA guidelines, storing data for long-term record keeping on an air-gapped file server.

Establish work plans, oversee budgets, and manage project schedules for all IT systems related activities.

Leverage project management principles in seamless implementation of all IT projects and fitness client training sessions.

Achievements & Accomplishments

⦁ Uncovered potential risks and vulnerabilities by conducting security audits.

⦁ Enhanced customer satisfaction by ensuring swift resolution to any bugs/issues across server and website. 

⦁ Regulated internal access to secure sensitive/confidential information, while monitoring use of data files.

⦁ Oversaw prioritisation of events in line with set SOPs whilst investigating, escalating, and reporting overall events within one hour during all shifts.

⦁ Liaised with relevant departments to resolve incidents effectively and quickly along with supporting team to maximise effectiveness of incident response time.

⦁ Researched knowledge bases and existing information for prompt resolution of issues, and investigated incidents using open-source online materials.

⦁ Updated and evaluated several use cases and SOPs, redrafting and upgrading them as required by process changes.

⦁ Contributed to training and development of new shift members on identifying and resolving suspicious activity in monitored channels.

⦁ Handed incidents over to the next shift for further investigation, managing each incident's progression and leading shift handovers.

⦁ Accomplished excellent productivity on CAT study plan, combining official instruction with own open-source research.

⦁ Identified and decreased vulnerability footprint and vulnerabilities risks during new systems migration. 

⦁ Collaborated with partners to ensure on time resolution of discovered vulnerabilities, as well as provided updates in high-level daily briefings.

⦁ Supervised the team in discovering the footprint of a compromised network and its potential impact on MOD infrastructure by gathering and compiling data on the number of networks and locations, enabling threat teams to conduct testing during site visits.

⦁ Served as key point of contact within Global Operations Security Control Centre (GOSCC) for military command and service delivery partners, ensuring constant communications and customer service presence.

⦁ Reviewed and prioritised work allocation across the team to meet with business needs.

⦁ Assessed, identified, and resolved issues with initial reporting processes, streamlining them and improving their effectiveness, which resulted in more efficient and accessible reporting functions.

⦁ Conducted digital forensic analysis across Windows, Mac, and Linux platforms. 

⦁ Responded to and mitigated incidents reported to the Computer Security Incident Response Team (CSIRT), such as malware intrusions, advanced persistent threats, insider threats, and eDiscovery requests.

⦁ Carried out endpoint detection analysis of incidents using EDR platforms such as Carbon Black, CrowdStrike, and MDATP, alongside ELK, Splunk, and DLP solutions.

⦁ Assisted Security Operations Center (SOC) analysts with Indicators of Compromise (IOCs) and threat intelligence to perform proactive hunting engagements derived from incidents.

⦁ Involved in the hiring process by conducting technical interviews for analyst and intern positions.

⦁ Developed and maintained pro-active threat hunting capabilities for malicious activities on host and network enterprise environments, as well as AWS and Azure cloud environments. 

⦁ Determined requirements for in-depth analysis by performing initial assessments of the type and extent of intruder activity.

⦁ Oversaw efficient management of event database, including recording and escalating suspicious events based on incidents classification.

⦁ Achieved promotion to Security Analyst II through exceptional performance.

⦁ Delivered feedback regarding efficacy of features, capabilities, and overall performance by reviewing vendor products.

⦁ Acted as technical resource and mentor to colleagues across the company.

⦁ Maintained on-site computers and printers, as well as delivered exceptional data and system support.

⦁ Carried out strict action against breaches of tenancy in accordance with set Stonham’s policies and procedures.

⦁ Directed routine functions involved in management services, comprising tenancy signups, voids management, housing inspection, and ABS management.

⦁ Examined health and safety standards as per set requirements, comprising weekly panic and fire alarm testing.

⦁ Served as key point of contact for customers and maintenance contractors working on ECHG schemes in Edmonton.

⦁ Delivered quality repair service to ECHG tenants, while raising work orders and logging repairs on academy by utilizing SOR Codes.

⦁ Finalized FIPS 199 workbook and determined high-water mark.

⦁ Developed Requirements Traceability Matrix (RTM) documents, enabling evaluation, approval, and rejection of controls using the NIST SP 800-53A guide.

⦁ Evaluated Assessment and Authorization (A&A) package items using NIST guidance for FISMA compliance, including System FIPS 199 Categorization, e-Authentication Assessment, PTA, PIA, Contingency Plan (CP), and Contingency Plan Test (CPT).

⦁ Established Security Risk Assessment (SRA) documents and Security Impact Analysis (SIA) reports using NIST SP 800-53 and FIPS 199.

⦁ Monitored effectiveness of security controls in line with NIST SP 800-137 continuous monitoring guidelines.

⦁ Assessed, analyzed, and updated system security plan implementation statements for relevant controls on assigned systems using NIST SP 800-18.

⦁ Evaluated Project Level Critical Control (PLC) workbooks and interviewed key technical leads to confirm deployment of critical controls using NIST SP 800-53 standards.

⦁ Spearheaded risk controls documentation across vendor risk scorecard as per set Third Party Risk Management (TPRM) Policy and Risk Assessment Matrix. Reviewed multiple outsourced products/services associated with risks and criticality.

⦁ Analyzed several questionnaires and supporting documentation to validate vendor-specific implementation of information security controls.

⦁ Developed and maintained user stories and a strong product backlog by collaborating with the product owner and team members.

⦁ Configured and deployed Splunk for easy scalability with simple amendments to configuration files.

⦁ Designed and deployed dashboards to enable Directors to oversee and manage user auditing, incident response event auditing, and various client metrics by gathering and analyzing information through Splunk.

⦁ Planned and implemented redundant storage to comply with NIST guidelines as well as DoD and clients’ requirements.

⦁ Devised and deployed three separate Network Attached Storage (NAS) servers to manage and organize hot, warm, and cold data storage while syncing to highly secured and encrypted private cloud storage.

⦁ Automated deployment of Splunk universal forwarders to endpoints via Windows Group Policy, and enabled the Security Operations Center (SOC) to monitor client endpoints by developing two custom PowerShell scripts.

⦁ Deployed a full custom Splunk environment handling over 5,000 endpoints containing three indexers, four search heads, one deployment server, one search head deployer, one cluster master, one monitoring console, and two license masters with one as redundant backup.

⦁ Deployed Splunk in a fully containerized Docker environment running on virtual machines, saving the company money on hardware while providing an easier-to-maintain environment.

⦁ Configured and deployed Virtual Private Networks (VPNs), Firewalls, and Intrusion Prevention Systems (IPS) to secure fitness team network.

⦁ Supervised high-performance team while ensuring team adhere to defined security protocols in reducing attack surface.

⦁ Evaluated, configured, and implemented Splunk in line with the company's customized requirements for tracking gym clients, including fitness class attendance, customer support interactions, and goal completion status.

⦁ Steered scrum ceremonies including daily stand-up meetings, sprint reviews, sprint retrospectives, and sprint planning meetings. Reported team velocity and sprint/release progress within the established reporting framework.