Sr. Vulnerability Management Analyst with 25 years of extensive experience in managing the vulnerability management lifecycle, from identification and prioritization to remediation and verification. Expertise in conducting vulnerability scans, analyzing results, and providing actionable insights to leadership and technical teams. Proven ability to reduce attack surfaces, improve security posture, and ensure compliance with industry standards such as NIST, CIS and ISO 27001. Proven expertise in utilizing security technologies such as Nucleus VM, Nessus (Tenable One), Qualys, Rapid7 InsightVM, and ServiceNow to identify, assess, and remediate vulnerabilities across diverse environments. Adept at developing SOPs, communicating technical concepts to non-technical audiences, and leading cross-functional efforts to enhance security posture and mitigate risks.
Overview
13 years of professional experience
1 Certification
Work History
Sr. Vulnerability Management Analyst
National Rural Electric Cooperative Association
03.2022 - 03.2025
Created operational and strategic dashboards to accurately represent risk and prioritize mitigation efforts
Primary focus on security vulnerability scanning, reporting, tracking, remediation, and analysis contributing to the development and implementation of the Enterprise Vulnerability Management Program
Performed security vulnerability assessments using multiple vulnerability and penetration tools to evaluate attack vectors, identify vulnerabilities, and collaborate with team leads to develop remediation plans.
Utilized Nucleus Vulnerability Management and Tenable.io tools to aid in prioritizing vulnerabilities throughout the enterprise due to missed patches, configurations or recently identified vulnerabilities to ensure all systems are secured and patched
Utilized ServiceNow (Utah version) Vulnerability Response module to focus on identifying, assessing and remediating vulnerabilities across the IT infrastructure.
Utilized Wiz.io Cloud Security Platform to aid in identifying and removing critical risks (vulnerabilities, misconfigurations, etc.) in the Cloud Environment
Integrated and leveraged threat intelligence sources and partners to understand emerging security threats and advanced threat actors' capabilities.
Developed custom compliance and audit files for compliance scanning (NIST 800-53 and CIS) utilizing Tenable.io
Spearheaded assigning asset criticality to the asset inventory within the CMDB which helped the Support Teams to prioritize their efforts in remediation.
Supported and coordinated with the Cybersecurity Operations team during high-priority and high-risk situations such as zero-day events and other fast-moving incidents.
Collaborated with technical staff and the Business Units Leads as a subject matter expert ensuring that exception request lifecycle and workflow were correctly adhered to
Vulnerability Management Analyst
Mission Solutions Incorporated, Ltd.
11.2019 - 03.2022
Utilize Nessus Scanner and Nessus Security Manager to provide complete visibility into the security posture of the Organization by performing scheduled and ad hoc Vulnerability, Compliance, Host Discovery, Credentialed, Non-Credentialed scans, retrieve results, provide compliance reports, real-time metrics, alerts on violations, real-time detection of botnets and CnC traffic, and context on assets using the Asset Criticality Rating (ACR)
Install, Configure and Monitor the Rapid7 InsightVM and Nexpose to accurately monitor, manage and conduct scheduled vulnerability scans and ad hoc scans to actively report situational awareness of the Organization's Infrastructure, Network devices, workstations, and laptops
Utilize Rapid7 InsightVM and Nexpose to aid with the ingesting of data feeds into SIEMs (Splunk & ArcSight) for correlation of data and investigation with the Security Operations Center, create trouble tickets and patch systems automatically.
Develop internal standard operating procedures (SOPs). Participate in strategic development, implementation and execution of tactics, techniques, and procedures (TTPs)
Prepare Vulnerability Metric reports to provide leadership insight into the Organization; TTD, TTR, Discovery, Exceptions Granted, etc.
Identify attack surface reduction opportunities through vulnerability data analysis and threat models
High-level familiarity with and understanding of penetration testing, vulnerability management, web application security, risk assessment, and mitigation methodologies
High-level familiarity with the Vulnerability Management Lifecycle as it relates to identifying, prioritizing, assessing, reporting, remediating, and verifying that the Organization's Infrastructure is properly patched and vulnerabilities are identified for remediation to prevent any attack vectors being exposed
Utilize root cause analysis (RCA) to identify specific vulnerabilities that are present and develop a process to remediate the vulnerabilities
Conduct multiple security vulnerability assessments on multiple systems via manual and automated testing, assessing scans using various web, application (DAST), operating system, and database vulnerability scanners (IBM AppScan, HB-Web Inspect).
Effectively communicate security gaps with remediation recommendations to management
Lead cross functional effort to assess security measures, identify and remediate vulnerabilities
Working with the Information Security Engineering team in the identification, design, and implementation of new tools as requirements arise, consolidating and rationalizing the various vulnerability data from different scanning tools to remove duplicates, apply additional context to provide meaningful information for metrics that help prioritize and drive remediation activities
Knowledge of the following industry standards and guidance: NIST SP800-53A r4, NIST SP800-37, NIST SP800-137, NIST IR 8179, FIPS 199 & 200, NIST SP 800-40, NIST SP 800-53, NIST SP 800-171, NIST SP800-207
High familiarity with the NIST NVD, CVSS, OWASP 10, OSINT, ISAC, OSSTMMv3 to keep abreast of any new vulnerabilities and scoring modifications to aid in accurately reporting and providing appropriate remediation procedures and tactics.
Understanding of security frameworks such as NIST Cyber Security, PCI, HIPAA, GDPR, etc.
Vulnerability Management Engineer
Ignite IT, LLC.
01.2016 - 11.2019
Install, Configure and Monitor the Nessus Scanners and Nessus Security Center to accurately monitor, manage and conduct scheduled vulnerability scans and ad hoc scans to actively report situational awareness of the Organization's Infrastructure, Network devices, workstations, and laptops
Led and supported the Vulnerability Management team, effectively driving team strategy, goals, and performance objectives
Utilized Black Duck software to scan open source and enforce source policies in source code to identify vulnerabilities, licenses, component quality risk and assist development teams identify and mitigate open-source related risks across application portfolios.
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
Knowledge of network security architecture concepts including topology, protocols, components, and principles
Knowledge of general attack stages (foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation)
Knowledge of network protocols (TCP/IP, DHCP) and directory services (DNS)
Hands on experience with the remediation of security vulnerabilities (e.g. OS/Application Patching, Static and Dynamic Application Security Testing)
Advanced knowledge of performing a host of vulnerability scans (Tenable & Qualys) against client networks and applications
Analyzed penetration test results and engaged with technology partners and business units in order to resolve identified vulnerabilities within SLAs
Work vulnerability-related tickets and security consultation requests to ensure issues are remediated within SLA timelines.
Continuously monitored threat intelligence gathered from various sources, alerted and collaborated with business and IT owners to address the threats within defined acceptable timelines.
Performed web application, mobile application and network penetration tests to expose potential vulnerabilities, weaknesses and attack vectors.
Operated and maintained a vulnerability management infrastructure capable of performing and supporting authenticated and unauthenticated scans for all approved systems, including Network infrastructure devices and applications.
Utilized Cairis Threat Modeling Tool to identify security threats and expose multiple vulnerabilities to avoid exposure and limit risk
Proactively and reactively monitored Intrusion Detection and Prevention Systems (IDS/IPS) and Security Incident Manager (SIEM) alerts for actionable events and advised other team members of Indicators of Compromise (IOC)
Collaborated with the Customer's Enterprise Engineering Team to aid in the development and installation of Functional Requirements such as Central Logging, HBSS, System Backup & Restore, Patch Management, ACAS Scanning, System Monitoring, Database Management, Change, Incident, Service and Release Management.
Provide daily monitoring, management, troubleshooting and issue resolution to systems and services hosted on Cloud resources
CSIRT Threat Analyst
MiCore Solutions, Inc.
02.2013 - 12.2015
Performed hunting for malicious activity across the network and digital assets
Analyzed threat information from multiple sources, disciplines and agencies across the Intelligence Community concerning foreign all-source collection capabilities and activities, human intelligence (HUMINT), signal intelligence (SIGINT), geo-spatial intelligence (GEOINT) / imagery intelligence (IMINT), measurement & signature intelligence (MASINT), specifically addressing foreign intelligence personalities, activities, capabilities, methods of operation/modus operandi (MO), intentions and relationships with other intelligence services and terrorist networks
Analyzed threat intelligence (e.g. actors, tools, exploits, etc.) and determined techniques, tactics, and procedures (TTPs) of threat actors, including detailed technical analysis of the TTPs
Ensured all pertinent information is obtained to allow for the identification, containment, eradication and recovery actions to occur in a time-sensitive environment
Created and continuously improved Standard Operating Procedures used by the Security Operations Center (SOC)
Created, managed and dispatched incident tickets
Established and maintained excellent working relationships/partnerships with the Cyber Security and Infrastructure Support Teams throughout the Information Technology Organization, as well as Business Units.
Contributed to the insider threat processes to identify and develop insider threat leads for possible referral to investigators; conducted background IT records reviews to identify past behaviors relevant to the issue under review; provided comprehensive written reports to investigators, supervisors, human resources specialists, personnel security specialists, etc.
Senior Security Engineer
Telos Corporation, Inc.
12.2011 - 12.2012
Monitor, evaluate and solve multifaceted, multi-tier complex hardware and/or software related performance issues related to security.
Prepare and document security configuration standards, security related operation procedures and protocols.
Identify and define system security requirements
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Engineer, implement, monitor and take escalation for security related issues, require investigations for security incidents, or anything related to securing system boundaries as required for the business, keeping systems and network devices hardened against attacks and securing highly sensitive data.
Experienced in an operational role working directly with internal and external customers, trouble ticketing systems and incident management.
Experience in building and maintaining security systems, system and security event logs – performing analysis for related events, running packet captures for inspection and analysis.
Experience with SIEM/centralized logging analysis and correlation solutions (Splunk, ArcSight, FireEye, ePO, WAF, Nessus, Tripwire)
Ability to successfully plan and document and perform basic maintenance windows on production networks and adhere to change management policies and procedures.
Proficient in understanding and experienced in diagnostic tools, monitoring applications and performance analysis tools.
Operated and improved the end-to-end vulnerability management process, including aspects of asset inventory, contextual approach to scanning, conducting risk and vulnerability management and providing reporting and remediation guidance.
Provided security reviews of change management tickets submitted by the organization to ensure remediation efforts are acted upon in a timely manner.
Assist with associated incident response, security administration, and security monitoring initiatives as requested.
Symantec Endpoint Management & Data Loss Prevention (DLP)
McAfee NSM (IPS)
McAfee SIEM (Nitro)
Burp Suite Enterprise
FireEye HX (Mandiant)
InsightVM
Core Impact
StealthBit Intercept
DBProtect
IBM Guardium
Microsoft Operations Management
ArcSight SIEM ver. 5.5, 6.5
Splunk Enterprise 6.0
FireEye Endpoint Security
Source Fire IDS
eEye Retina
App Detective
Webinspect 7.07
Server Management Services SMS
Retina Network Security Scanner
Hyperic HQ 4.0 Enterprise
CA Change, Configuration and Release Management
BurpSuite
System Center Configuration Manager
Linux Operating Systems
Websense Explorer 6.3
AA - Network Management
Stratford University
AA - Accounting
Strayer University
BS - Computer Information Systems
Strayer University