Antonio Hicks

Lawrenceville, GA

Summary

Personal attributes: dedication, integrity, and strong work ethic. A fast learner that adapts well to new challenges and job requirements. Able to approach extreme challenges with composure and clarity. Well organized, detail oriented and efficient. Able to plan, prioritize and complete multiple tasks in a thorough, efficient & accurate manner. Extremely service oriented and self-starting individual with a strong track record of success in problem solving skills. Confident, articulate and persuasive team-builder able to motivate and communicate effectively to maintain integrity of mission and vision while achieving exceptional business performance.

Overview

12 years of professional experience
1 Certification

Work History

Senior Security Analyst (CyberArk)

Veterans Affairs (Tista)
Lawrenceville, GA
07.2022 - 08.2023
  • Proactive involvement in administration of the applications with a target to minimize business or operational impact
  • Work closely with different areas of the business and IT, analyze the provided information, and make recommendations for change where applicable
  • On-boarding/configuration of systems/applications to the various legacy or strategic IDAM (Identity and Access Management) solutions
  • Support a CyberArk infrastructure that manages privileged access to a growing number of target platforms, such as Windows, network switches/routers, VMware ESXi and middleware, Unix, DBs, custom connector builds, CP and CCP, upgrades and patching
  • Investigate technical and user issues, performance issues and drive through resolution
  • Develop and maintain tools to enhance efficiencies and productivities
  • Serve as a point of escalation for issues regarding CyberArk and manage all incidents needing assistance from CyberArk or supporting team
  • Research, escalate and reassign issues as appropriate
  • Produce documentation
  • Communicate and present to senior colleagues and other stakeholders
  • Oversee changes or issues concerning interfaces with source systems to CyberArk
  • Provide support to other client application teams for service account password changes
  • Coordinate Quarterly maintenance activities
  • Helping users create ePAS and eMASS requests to get privileged accounts to use cyber security tools, choosing the right systems and account types
  • Worked with DUO, Okta and Ping for zero trust multifactor authentication
  • Working as a cloud administrator on Microsoft Azure environments, involved in Azure AD Connect, configuring virtual machines, storage accounts and Azure resource groups
  • Experience with cloud computing and Virtualization
  • Strong endpoint device support experience (i.e., desktop computers, laptops, Surface Hubs, Surface Pro)
  • Administer Azure AD users, groups, and devices, and participate in migration between on-premises and Azure AD through AD Connect
  • Hands on experience with Unix/Linux environment
  • Perform automation tasks in PowerShell, Azure CLI and JSON form ARM templates
  • Deployment of Virtual Machines to Virtual Networks using Azure portal or PowerShell
  • Working experience as a Microsoft Azure administrator, such as configuring availability sets, virtual machine scale sets (VMSS) with load balancers, virtual networks, network security groups (NSG), Docker and Kubernetes
  • Provision, manage and monitor storage accounts
  • Ability to install Operating System on Servers and Devices

CyberArk - Technical Business Analyst

3 Dots (Metlife)
Lawrenceville, GA
01.2022 - 05.2022
  • Clean-up of Safe Structure
  • Naming changes and corrections to team safes, application Safes and accounts
  • Name conventions to match Cherwell system – source of truth
  • Documentation processes
  • Perform component installation (CPM, PSM and PVWA)
  • Minor version upgrades
  • Create custom connectors
  • Patching component servers
  • Create accounts and safes adding users
  • Set up platforms for accounts and rule for password length and duration
  • Compliance for SOCS and PCI – troubleshooting failed accounts
  • Day to Day operational functions

IAM CyberArk Security Engineer

Talentburst (Synopsys)
Lawrenceville, GA
08.2021 - 01.2022
  • Assist in the operationalization of CyberArk EPM deployment including: agent deployment, policy management and tuning, troubleshooting and documentation
  • Locate and evaluate software in various repositories for packaging, centralization, or deletion
  • Create elevation policies with CyberArk EPM, using a best practice approach
  • Work with application owners and IT admins to test and sign-off on their applications
  • Provide regular updates to management on project progression, milestones and blockers
  • Help execute operational tasks to support overall IAM program

Sr. Security Analyst

Primerica
Duluth, GA
02.2020 - 09.2021
  • Receiving alerts from IPS (FireEye), DLP (Symantec), EDR (Carbon Black) and TAP alerts (ProofPoint), I conduct investigations to determine if there is anything suspicious or malicious in the notifications coming from the list of security tools, so that they can be remediated or flagged as false positives
  • Correlate events and gather more information to make determinations in SIEM (QRadar)

Security Operations Center Tier 2 Analyst

Pinnacle Staffing Agency
04.2019 - 02.2020
  • Assist analyst investigation and ticket creation efforts
  • Provide daily monitoring and alerting of events that occur within the near real time environment
  • Manage the SOC mailbox, monitor and analyze the emails for threats including phishing and malware, and escalate per procedure
  • Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases
  • Stay informed of current events in the security industry including the latest exploits and threats as well as preventative measures, remediation, and restoration techniques
  • Oversee and ensure P1 and P2 incidents are handled according to operational procedures
  • Document areas of improvement through after-action reports and work with necessary parties to resolve any findings
  • Identify improvements within processes, procedures, policies, staffing, training, and tools to improve efforts and daily operations
  • Assist in developing and maturing the future services and capabilities of the SOC, using QRadar SIEM, Carbon Black EDR, ProofPoint email gateway, Checkpoint firewalls and other security tools.

Cyber Security Analyst

Country Financial
Alpharetta, Georgia
07.2015 - 02.2019
  • Respond to CSIRT mailbox, escalating and remediating incidents
  • Create objects and rules from request for Checkpoint Firewalls; placing SAM blocks on IPs that are scanning the network
  • Using Bluecoat Reporter, scheduled reports on malicious botnets, application downloads and potential infections
  • Monitor and investigate TAP alerts from Proofpoint
  • Remediating malware infections through virus scans using McAfee Anti-virus and tools such as VirusTotal, Malwr and others to investigate malware alerts
  • Respond to phishing alerts
  • Use ProofPoint to blacklist email addresses, block senders and IP addresses associated with spam
  • Monitor spoofing and geo-location folders for suspicious email
  • Checking shared drives for PII and escalating for quarantine or marking as false positive with McAfee DLP
  • Now using Symantec DLP
  • Monitor security events and logs from a variety of sources including firewalls, network and data at rest DLP, IDS/IPS, network devices, system logs, and other data feeds in order to detect security anomalies, provide analysis and respond with appropriate mitigation to prevent a security incident
  • Interface with Security Risk Management and provide detailed analysis and information on applicable weaknesses and vulnerabilities
  • Using Qualys we are scanning and reporting to different teams the vulnerabilities they may have
  • Checking to see if there are any compensating controls in place and to make sure patching stays on schedule
  • Remediate and respond to Carbon Black alerts to files that are blocked, creating and tuning policy
  • Investigate and remediate escalations from MSSP, Secureworks
  • SIEM: Tibco Loglogic / QRadar

SOC Analyst

Fiserv
Atlanta, Georgia
04.2014 - 07.2015
  • Perform analysis of log files
  • Includes analysis of system resource access using ArcSight and Checkpoint SmartView Tracker, and also firewall health checks
  • Monitor network security events received from alerts in Sourcefire IDS/IPS and Alertlogic, and then take appropriate action based on security policy
  • Also monitoring the network for any anomalies and malicious/suspicious activity
  • Perform vulnerability scans of devices sitting on the network using Qualys, gather reports and determine security levels from QIDs
  • Blocking/blacklisting URLs on the Bluecoat proxy, check proxy health and traffic
  • Strong analytical and problem solving skills
  • Incident response using Remedy ticketing system and Alarmpoint notifications to join bridges to remediate incidents
  • Investigate and remediate SOC tickets from Dell Secureworks.

Security Analyst

Fiserv
Atlanta, Georgia
07.2013 - 04.2014
  • Maintain certificate management operational guidelines and processes to directly support Fiserv’s security architecture and design to protect web sites, applications and the integrity of financial transactions
  • Support existing SSL certificate management security solutions and partner with the security engineering team for the implementation and integration of any new enhancements made to Certificate Management security solutions in support of improving overall enterprise security
  • Ensure certificate management security tools and solutions hardware/software/devices are operating effectively and updated in a timely manner
  • Develop and maintain certificate management operating guidelines and procedures in support of Fiserv’s policies, standards and guidelines
  • Determine appropriate levels of certificate management security configuration, controls and monitoring
  • Use appropriate and effective measures to respond to certificate management network alerts and incidents
  • Support the maintenance and deployment of new certificates, renewals and revocations in multiple ETG data centers
  • Understand the latest key and certificate management threat techniques and support appropriate countermeasures, configurations and awareness
  • Support X.509 certificate management technologies on multiple platforms for internal/external clients
  • Overall central management of certificate management solutions
  • Work with members of all BU and ETG staff to support the enterprise approach to key management and certificates
  • Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise networks
  • Perform certificate management ticket queue monitoring, resolution and prioritization, maintain diagrams and documentation as appropriate and support data reviews, auditing and maintenance activities
  • SSL Certificate experience (root, intermediate, CSAPI, PKCS, certification stores, chains)
  • Foundational network knowledge including load balancers, bindings and system configuration
  • PKI and SSL exposure and experience, including a strong preference for industry tools used for Certificate Lifecycle Management (Venafi, Trustwave).

Security Analyst

Park n’ Fly
Atlanta, Georgia
12.2012 - 06.2013
  • Monitor IPS for security related events and implement blocks based on analysis of traffic patterns using Sourcefire
  • Assist in developing, defining, and directing the information security awareness program
  • Definition and implementation of technology and policy architecture
  • Coordination of Patch Management and vulnerability testing
  • Proactive determination of trends related to predictive pathways, threat agents and attack vectors
  • Monitor and manage Symantec Endpoint anti-virus software on all endpoints using central management console
  • Provide Information Security training to new employees and administer semi-annual Security Policy awareness training
  • Use of ticketing system to efficiently meet the clients’ needs
  • Installed mobile device encryption technologies to employee company mobile devices
  • Acceptable use/ Security policy creation and revision
  • Physical security administration, configuration and installation of Genetec and Axis camera and NVR systems
  • Document issues and their resolution in the incident management system.

Security Administrator

Home Depot
Atlanta, Georgia
05.2012 - 12.2012
  • Monitor and audit Symantec Endpoint anti-virus software on all remote computers using central management console
  • Utilize SIEM LogRhythm to troubleshoot and identify issues
  • Monitor IDS and IPS for security related events and implement blocks based on analysis of traffic patterns
  • Document issues and their resolution in the incident management system
  • Utilize remote tools to troubleshoot and identify issues
  • Use of ticketing system to efficiently meet the clients’ needs
  • Eyes on glass monitoring of different security technologies.

Jr. Security Analyst

Staley Technologies
Norcross, Georgia
06.2011 - 04.2012
  • Creating playbooks and procedures, documenting the process
  • Monitor IPS for security related events and implement blocks based on analysis of traffic patterns
  • Remove viruses from workstations while protecting data integrity
  • Document issues and their resolution in the Incident Response program
  • Handled abuse email through Abusix security tool.

Education

Bachelor of Science - Information Systems Security

Westwood College

Skills

  • Cybersecurity Frameworks
  • Protecting Networks
  • Managing Security Breaches
  • Monitoring Computer Viruses
  • Information Auditing
  • Critical Thinking Skills

Citizenship

Citizen

SSN

3955

Certification

  • CEH (Certified Ethical Hacker)
  • Security+ CE
  • ITILv3
  • Qualys Guard Certified Specialist
  • CyberArk PAS certified Level 2: Defender

Public Trust

Active

Personal Information

Date of Birth: 08/18
