Daniel Rono
Martinsburg,WV
Summary
A versatile IT auditor who has several years of experience in auditing and general experience. Possesses a well-versed exposure to internal control practices in the military and private organizations. Holds Security + CE and Certified Ethical Hacker certifications. Proficient in Windows, SQL, Internet/network security, Active Directory, risk assessment, vulnerability assessment as well as a host of cybersecurity tools. A self-starter who is committed to training and self-learning. A meticulous investigator by nature. Possess an understanding of incident handling and response. Currently enrolled and pursuing a Master’s degree in Cyber Security and Information Assurance, CHFI, CISSP, and CISA certifications. Organized and dependable candidate with experience in successfully managing multiple priorities with a positive attitude and willingness to take on added responsibilities to meet team goals. Information Security Specialist with a passion for aligning security architecture plans and processes with security standards and business goals. Versed in robust network defense strategies and a detail-oriented team player with strong organizational skills. Ability to handle multiple projects simultaneously with a high degree of accuracy.
Overview
10
10
years of professional experience
Work History
Cybersecurity Analyst
Evolve Security Academy
01.2023 - 07.2023
- A 20-week immersive cybersecurity training academy and apprenticeship program focused on performing live security assessments on non-profit organizations
- Assisted senior security professionals in conducting security assessments of client networks and systems, contributing to identification of vulnerabilities and potential attack vectors
- Collaborated with senior team members and clients to develop and implement effective security strategies and solutions, resulting in improved security posture and reduced risk of cyber attacks
- Developed, tested, and implemented security policies, plans, and, procedures for organizational protection.
- Executed penetration testing to identify security weaknesses and develop disaster recovery plans.
- Drafted security reports and metrics to track security performance and strategize improvements.
- Implemented security measures to reduce threats and damage related to cyber-attacks.
- Analyzed network traffic and system logs to detect malicious activities.
- Participated in incident response and remediation efforts, gaining valuable experience in responding to and mitigating security incidents
- Demonstrated understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
- Demonstrated sound understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements
- Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings
- Reviewed current and Open-Source intelligence for threats and to identify indicators of Compromise (IOCs)
- Utilized alerts from endpoints, IDs/IPs, NetFlow, and custom sensors to identify compromises on customer networks/endpoints
- Analyze massive log files, pivot between data sets, and correlate evidence for incident investigations and reported incidents to customers
- Triage alerts to identify malicious actors on customer networks.
- Recommend improvements in security systems and procedures.
- Authored security incident reports, highlighting breaches, vulnerabilities, and remedial measures.
- Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
- Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
- Participated in the creation of device hardening techniques and protocols.
- Directed in-house cyber security auditing program to detect flaws and weaknesses in company security policies and procedures
- Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
- Managed relationships with third-party intrusion detection system providers.
- Monitored computer virus reports to determine when to update virus protection systems.
- Educated and trained users on information security policies and procedures.
- Reviewed violations of computer security procedures and developed mitigation plans.
- Performed risk analyses to identify appropriate security countermeasures.
- Conducted security audits to identify vulnerabilities.
Revenue Auditor
Internal Revenue Service
10.2020 - 10.2021
- Evaluated risks and opportunities for information security audits, identifying potential vulnerabilities and opportunities for improvement
- Performed trend analysis on selected items of costs and expenses included in the tax return, identifying areas where cost savings could be realized
- Assisted in solving and interpreting complex tax problems and tax issues, ensuring compliance with relevant regulations and minimizing tax liabilities
- Maintained high standard of customer service through active support programs for continual improvement, ensuring that customer needs were met and exceeded
- Documented the results of audits and negotiations, including referencing supporting data and communications, ensuring that findings were accurately recorded and communicated
- Coordinated the overall completion of internal audits, ensuring that all stakeholders were informed and that audits were completed in a timely and efficient manner
- Reconciled costs presented in the tax return and the supporting financial data, including detailed cost schedules and depreciation schedules, ensuring accurate reporting of financial information
- Interpreted state and federal laws, accepted auditing principles and procedures and program standards to audited materials and data to detect non-compliance and facilitate recommendations.
- Investigated discrepancies discovered during the auditing process.
- Performed observations and evaluated supporting documents to supplement audit findings.
- Administered auditing program to address risks and evaluate compliance with regulatory requirements.
- Planned audits and audit activities to allocate necessary resources and determine the consistency of plans with audit objectives.
- Identified control gaps in processes, procedures, and systems through in-depth research and assessment and suggested methods for improvement.
- Executed audit phases and entered data into accounting software for analysis.
- Interviewed business owners and individual taxpayers to understand needs and explain audit scope.
- Assessed internal control risks of the network through information system audits.
- Developed audit policies, guiding administrative and technical functions.
- Adapted plans and schedules to meet changing priorities of work objectives, resources, and workload demands.
- Interviewed auditees to gather data needed to conduct audits.
- Planned and executed follow-up audits at appropriate intervals.
Healthcare Specialist
United States Army
11.2013 - 11.2017
- Managed soldiers' medical readiness, medical supplies, and equipment, ensuring that all soldiers were medically prepared for their duties and responsibilities
- Maintained soldiers' medical files and electronic records by HIPAA guidelines, ensuring that all medical information was accurate, up-to-date, and secure.
- Administered and prescribed appropriate courses of treatment.
- Developed health plans for patients to improve overall health or recover from injuries and illnesses.
- Advised and educated patients regarding diet, hygiene, and effective disease prevention methods.
Education
Master of Science - Cybersecurity And Information Assurance
Western Governors University
Salt Lake City, UT05.2024
No Degree - Cybersecurity Bootcamp
Evolve Security Academy
Chicago, IL07.2023
BACHELOR OF BUSINESS ADMINISTRATION - PROJECT MANAGEMENT
Liberty University
Lynchburg, VA12.2019
Bachelor of Business Administration - Accounting
Hofstra University
Hempstead, NY.05.2014
Skills
- Basic understanding of Information Technology concepts and Cyber Security Concepts
- Understands basic computer networking fundamentals
- Proficient in Windows, Linux, and Unix Operating systems
- Investigation Scope Determinations
- Critical Thinking and Analysis
- Risk Mitigation Strategies
- Auditing Processes and Procedures
- Regulatory Compliance
- Verbal and Written Communication
- Splunk SIEM
- Cybersecurity Policy Development
- Network Security Measures
- Incident Response Management
- Computer Forensics, IDS/IPS Integration, and Data Encryption
- Compliance with Security Requirements
- Vulnerability and Penetration Testing
- Critical Thinking Skills
- Symantec Endpoint Protection
Timeline
Cybersecurity Analyst
Evolve Security Academy
01.2023 - 07.2023
Revenue Auditor
Internal Revenue Service
10.2020 - 10.2021
Healthcare Specialist
United States Army
11.2013 - 11.2017
Master of Science - Cybersecurity And Information Assurance
Western Governors University
No Degree - Cybersecurity Bootcamp
Evolve Security Academy
BACHELOR OF BUSINESS ADMINISTRATION - PROJECT MANAGEMENT
Liberty University
Bachelor of Business Administration - Accounting
Hofstra University
Similar Profiles
Zarifa HasanovaZarifa Hasanova
Cybersecurity Student at Evolve Security AcademyCybersecurity Student at Evolve Security Academy
Sarah TamerSarah Tamer
Cybersecurity Apprentice at Evolve Security AcademyCybersecurity Apprentice at Evolve Security Academy
Ravelli MachadoRavelli Machado
Student Intern at Evolve Security AcademyStudent Intern at Evolve Security Academy
Corey WilliamsCorey Williams
Assistant Store Manager at Royal Farms, Two FarmsAssistant Store Manager at Royal Farms, Two Farms
Frederick BrehmFrederick Brehm
Management Team Member at Petco Animal Supplies Stores Inc.Management Team Member at Petco Animal Supplies Stores Inc.