
Herbert Muwanga

Wilmington, MA

Summary

Dedicated and results-driven CISSP-certified security practitioner with over 5 years of extensive experience in information security, cyber security, and security operations. Proven record of enhancing organizational security posture through the implementation of robust threat detection, security workflow automation, and incident response strategies. Successfully reduced security incidents by 30% through proactive threat monitoring and achieved 40% faster incident response times. Expertise in security infrastructure tools, including firewalls, intrusion prevention and detection systems, and SIEM. Adept at developing and implementing sophisticated detection and analytic rules to stay ahead of emerging security threats. Eager to contribute unique insights and capabilities to a dynamic team as a Security Operations Analyst III.

Overview

  • 6 years of professional experience
  • 1 certification

Work History

Information Security Analyst II

Sonesta Group of Hotels
09.2021 - 09.2023
  • Achieved a 70% reduction in response time to critical incidents by creating and reviewing enterprise security playbooks and runbooks, and leveraged incident response capabilities to respond to phishing, malware, and forensic investigations.
  • Conducted vulnerability assessments using Tenable, producing reports that identified and prioritized high-impact security issues, including zero-day threats, resulting in a 30% improvement in vulnerability remediation efficiency.
  • Collaborated with operational support teams and mentored junior analysts in incident response, enhancing team efficiency by 25% and fostering team growth and expertise.
  • Leveraged the MITRE ATT&CK framework to develop monitoring and detection rules to identify emerging security incidents, achieving a 40% increase in visibility across the environment.
  • Conducted proactive research into emerging threats and threat hunts, identifying and mitigating malicious activities, resulting in a 15% reduction in potential threats.
  • Performed compliance evaluations using OneTrust (GRC tool) to assess vendors and third parties against industry standards and the ethical requirements of security and privacy, reducing third-party risk by 25%.
  • Leveraged reports and dashboards to investigate unauthorized access, revoked access, and policy violations, monitored network baselines, and provided key performance metrics, resulting in a 15% improvement in security posture.
  • Collaborated with the third-party SOC (ReliaQuest) to design and implement security automation workflows, enhancing operational efficiency and enabling timely and swift incident mitigation.
  • Acted as a point of contact during security incidents, offering guidance, coordination, and expertise in response and recovery efforts to resolve suspicious activity across multiple security platforms.

Cyber Security Analyst

Stanley Black & Decker
05.2019 - 08.2021
  • Monitored, investigated, and analyzed logs and alerts from various technologies (IDS/IPS, firewall, proxies, EDR, SIEM), achieving a 95% threat detection rate while staying updated on emerging threats and proactively conducting threat hunts.
  • Developed content for cyber defense tools, fine-tuned and managed SIEM rules, bolstered monitoring capabilities, and reduced false positives by 20%.
  • Conducted comprehensive vulnerability management using Balbix, resulting in a 30% decrease in identified vulnerabilities and a 40% faster remediation process.
  • Leveraged reports and dashboards to investigate unauthorized access, revoked access, and policy violations, monitored network baselines, and provided metrics for key performance assessment, resulting in a 15% improvement in security posture.
  • Acted as the initial point of escalation for MSP activities, ensuring 100% timely resolution and maintaining uninterrupted operations.
  • Led cross-functional team efforts and implemented the Zero-Trust model, network segmentation best practices, optimized security tool configuration, and vendor best practices, leading to a 25% enhancement in security posture.
  • Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
  • Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
  • Authored security incident reports, highlighting breaches, vulnerabilities, and remedial measures.
  • Drafted security reports and metrics to track security performance and strategize improvements.

Information Security Analyst

Cambridge Savings Bank
02.2018 - 02.2019
  • Conducted policy compliance scanning using NIST CSF, achieving a 95% compliance rate, and implemented configuration management measures resulting in a 30% reduction in policy violations.
  • Executed vulnerability assessments using Rapid7 VM, identifying and remediating systems through Ivanti, leading to a 25% decrease in vulnerabilities within the organization.
  • Actively researched and documented emerging security threats from US-CERT and FS-ISAC bulletins, contributing to a 15% improvement in threat preparedness and response.
  • Produced meticulous documentation of incidents, analysis findings, and lessons learned, ensuring timely response, mitigation, and remediation efforts.
  • Thoroughly investigated and responded to security alerts, leveraging security tools and making valuable recommendations for security enhancements, resulting in a 40% faster incident response time.
  • Mentored and shared knowledge with team members, improving their skills and contributing to a more knowledgeable and capable security team.
  • Drafted security reports and metrics to track security performance and strategize improvements.

Education

Master of Science - Information Assurance & Cybersecurity

Northeastern University
Boston, MA
05.2017

Bachelor of Science - Computer Science

Kyambogo University
Kampala, Uganda
02.2007

Skills

  • Security Assessments
  • Continuous learning
  • SOC Operations & monitoring
  • Incident Response
  • Threat Hunting & Intelligence
  • Vulnerability Management
  • Malware Analysis
  • Security Policy management
  • Email and Network Security
  • Cloud Security
  • Endpoint Detection & Response
  • Governance, Risk & compliance
  • Baseline Configuration
  • KPI & Metrics Reporting
  • Documentation & Reporting
  • Analytical skills
  • Detail-Oriented
  • Collaboration & Teamwork
  • Communication
  • Critical Thinking
  • Workflow Automation
  • Advisory and Guidance
  • Security Awareness Training & Mentorship
  • Root Cause Analysis
  • Incident Response: Expert in incident reporting, rapid detection, response, root-cause analysis, and swift containment of security threats
  • Risk Management: Proficient in assessing and mitigating security risks, specializing in third-party vendor assessments for supply chain security
  • Security Operations: Skilled in SIEM and SOC operations, monitoring multiple security platforms for proactive threat detection and response
  • Cloud Security: Experienced in securing cloud environments, adhering to best practices for data confidentiality, integrity, and availability
  • Threat Management: Adept at gathering threat intelligence, conducting threat hunting, and analyzing malware to safeguard systems
  • Comprehensive Security: Well-versed in network, email, web-gateway security, and data loss prevention, ensuring holistic information security
  • Vulnerability Management: Vulnerability assessments, remediation efforts, and zero-day vulnerability management

Certification

  • AWS Security Associate, 09/2023 - Present
  • Azure Fundamentals, 08/2023 - Present
  • CISSP Certification, 09/2019 - Present
  • Certificate in Cloud Computing for Enterprises, 10/2017 - 01/2018

Tools & Technologies

  • Vulnerability Assessment: Balbix, InsightVM, Qualys, Nessus, Tenable.
  • Penetration Testing: Metasploit, Burp Suite.
  • Traffic Analyzers & Scanners: Wireshark, Nmap.
  • EDR Solutions: Carbon Black, FortiEDR, Red Cloak, CrowdStrike.
  • Security Standards & Frameworks: PCI-DSS, HIPAA, NIST CSF, MITRE ATT&CK, Kill Chain.
  • SIEM & Log Aggregators: SecureWorks, InsightIDR, Tibco Log Vault, QRadar.
  • Email and Web Gateways: Zscaler, McAfee, Proofpoint (TAP & TRAP), Mimecast.
  • Networking Protocols & Tools: ping, nslookup, traceroute, netstat.
  • Firewalls & Networking: Cisco, Palo Alto, SolarWinds.
  • DLP: Varonis, Fortinet.
  • PAM & MFA Solutions: CyberArk, PingID, Okta.
  • MDR Solutions: GreyMatter (ReliaQuest).
  • Ticketing Systems: ServiceNow, Freshservice, JIRA.
  • Others: OSINT, VirusTotal, sandboxing, phishing analyzer, Kali Linux.
  • Microsoft: MS O365, PowerShell scripting, Microsoft Defender for Cloud, Azure.

Projects

  • Incident response automation using CrowdStrike and Zscaler playbook integration.
  • Drafted a security camera requirements document used to standardize the deployment of security cameras across the Sonesta Hotels environment.
  • SOC maturity and optimization using the MITRE ATT&CK framework at Sonesta Hotels.
