John Baez

Orlando, FL

Summary

Cybersecurity Analyst Professional Summary. Listed skills are ordered from most recent to least recent:

  • Communicating modifications to stakeholders for Security Policy, Incident Response Plans, and Run Books.
  • Communicating modifications to stakeholders for the Disaster Recovery Plan (DRP).
  • Communicating modifications to stakeholders for Business Continuity Plans (BCP) and (BIA).
  • Conducting Project Gap Analysis for further definition of Project Scopes.
  • Standards: NIST 800-53, NIST 800-171, & FIPS Level3, Cybersecurity Maturity Model (CMMC).
  • Provisioning and I&AM with OKTA, RSA, Microsoft Auth, Google Auth for both Multifactor Auth & SSO.
  • Requiring execution of KB involving Entrust & RSA on mobile phones for token configs within Apps.
  • Ensuring I&AM configurations work seamlessly with authenticators involving SSO onboarding.
  • I&AM: Provisioning IIS Views for Databases & SQL Queries.
  • Assessing & troubleshooting platform processes for seamless functionality.
  • Python Scripting: Fixing code to mitigate corruption with OS, Apps, Files, and Processes.
  • Python Scripting: Troubleshooting IOT Devices, Pen Testing, Installations, Maintenance hooks.
  • R Coding for Data Analytics for Health Data Analytics and other various focuses.
  • PowerShell Scripting: automation of Windows, Registries, Processes, Memory, and Configurations.
  • PowerShell Scripting: Sys Admin duties regarding End User anomalous behaviors.
  • Redhat Linux Scripting: IOT Devices (Upgrading, Updating, Mitigating, Hardening).
  • Penetration Testing OSes: Parrot OS, Kali Linux 2.0, Black Arch.
  • Vulnerability Management scanning tools: Nessus, Wireshark, Splunk, and Kali.
  • Email Monitoring: SPM, DMARC, DKIM, MX Toolbox, O365 Security, Titan.
  • Scanning: URLs, Attachments, Email Headers, and Email Body for malicious intent.
  • Reputation Scans: IPs, DNS FQDNs, and URLs.
  • Configuration Management: Intune 2020, Azure 2020.
  • Network Monitoring Systems (NMS) tools for performance monitoring: Zabbix.
  • Security Incident & Event Monitoring (SIEM): Carbon Black, Sentinel, Splunk, Arcsight.
  • Web Content filters: Titan (Black Lists, White List) to control internet personal usage.
  • Cloud Services: Azure, Citrix (Upgrading & Updating Gold Images).
  • Provisioning: Baselining Apps (Intune 2020).
  • Loglogics: Integrating Syslog Servers for the purpose of SIEM Pipelining.
  • CISCO: Netflow (Dashboarding, UI Configuration of services, CLI Routing of nodes).
  • CISCO: Configuring Firewalls via approved Security Policies (RIPv2, OSPF, EIGRP, BGP).
  • SCADA: (ICS) Arch Hardening (SCADA, HMIs, RTUs, PLCs, Field Units, Libs).
  • SCADA: Deep Malware Analysis with various Static and Dynamic tools of malicious software affecting SCADA ICS (Sandworm, Chernovite, Xenotime, Erythrite, Dragonfly, Log4J Variants (Networked Systems)).
  • Cabling: Ethernet (Cat5e, 6, 7), Fiber: MTP, LC-UPC, SC-UPC, FS ULL (Fluke test MS2-100).

Results-driven IT professional with notable success in planning, analysis and implementation of security initiatives. Strengths in providing comprehensive network design and security frameworks. Certified in NIST, RMF, AGILE. IT professional with [10] years of experience developing and implementing security solutions in fast-paced environments. Skilled in [Risk Management] and [Network Security Infrastructure] with proven history of delivering exceptional risk management support. IT professional with [5] years of experience developing and implementing security solutions in fast-paced environments. Skilled in [Data Structure Analytics] and [Business Intelligence & Risk Management Dashboards] with proven history of delivering exceptional risk management support. IT professional with [20] years of experience developing and implementing security solutions in fast-paced environments. Skilled in Hardening Network Infrastructure and [Systems] with proven history of delivering exceptional risk management support.

Overview

8 years of professional experience
1 Certification

Work History

Data Security Analyst

Blue Omega
12.2020 - 12.2023
  • Creating tickets for Palantir Dev Ops Teams for jurisdictions indicated to correct issues with Data Quality, Data Corruption, Incomplete Data, Input Validation, and Static & Dynamic Code Scanning (Veracode)
  • Creating Special Reports through Special Application within Platforms to help troubleshoot requests where applicable.
  • Creating APIs as parallel solution for special requests for data reporting.
  • Building Jurisdictional Dashboards in MSFT Power BI Platform for all desired KPI coverages as stated in IIS.
  • Manipulating & Modifying Data Structures for improved streamlining of Big Data in Oracle SAS & SQL IIS Database Partners for improved querying results.
  • Prepping Big Data for Data Transforms and Ingests to ensure all HPI, PII, SPI data has been neutralized (Need to know)
  • Querying and creating Reports from IIS and outputting CSV, XLS, Parquet files for more organized & less memory intensive processing on business platforms.
  • Coding in R-Code for Statistical Analysis in De-duplication of Records process via Batch file, pointed to R-Code that ran algorithm to output scoring matches for possible duplicates.
  • Provisioning and I&AM with OKTA, RSA, Microsoft Auth, Google Auth for both Multifactor Auth & SSO
  • Requiring execution of KB involving Entrust & RSA on Mobile phones for token configs within Apps.
  • Ensuring I&AM Configurations work seamlessly with authenticators involving SSO's onboarding.
  • I&AM Provisioning IIS Views for Databases & SQL Queries.

System Administrator / Cybersecurity Analyst

Favor Tech LLC
05.2020 - 12.2020
  • Micro Service Automation for Embedded System, Security granularization of controls, Common integration of API's Modularization Scalability Deployment, Working with 3rd party controllers and building security sockets for extensible platforms
  • Gained experience working under the NIST 800-53, NIST 800-171, & FIPS Level3 standard for audit compliance within the Cybersecurity Maturity Model (CMMC)
  • Using the Enterprise Framework Solution to keep track of compliance issues
  • MSFT Intune Enterprise IaaS Active Directory, MSFT O365 Security Center, MSFT Defender Enterprise ATP & Azure ATP as the main SIEM; Web Titan Enterprise for Web-Content monitoring & Filtering
  • Varonis Enterprise - Secondary option for Active Directory, Forensics & Investigations Sentinel Enterprise – Intrusion Prevention System with Forensics (IPS) Risk Matrix Pro – Risk Register Jira – Management of Sprints, regarding tracking of projects
  • Python Scripting for IOT hardware, Pen Testing, Patching, Installations
  • Maintenance Hooks Linux Server Administration: Redhat, Fedora, Ubuntu Network Management Systems (NMS) Zabbix
  • Established effective communication channels between IT support staff and end-users, leading to improved issue resolution times overall.
  • Supported the implementation of new technologies by providing technical expertise and training to colleagues as needed.
  • Enabled smooth transitions during hardware and software upgrades, minimizing disruptions to end users.
  • Provisioned new software and hardware for use, following established security policies.
  • Installed important security and functionality patches to maintain optimal protections against intrusion and system reliability.
  • Collaborated with IT team to develop and implement comprehensive disaster recovery plans, ensuring minimal data loss during critical incidents.
  • Maintained a high level of customer satisfaction by providing rapid, accurate response to inquiries and concerns regarding system performance or functionality.
  • Enhanced system performance by optimizing server configurations and implementing regular updates.
  • Increased efficiency in the workplace by ensuring seamless integration of new applications into existing systems.
  • Managed user access rights to maintain a high level of information security while ensuring appropriate levels of accessibility for authorized personnel.
  • Reduced downtime by proactively identifying and resolving potential issues through thorough system monitoring.
  • Oversaw file system and storage upgrades while safeguarding data integrity and redundancy.
  • Worked with users to determine areas of technology in need of improved usability.
  • Drove continuous improvement of IT governance processes.
  • Simplified troubleshooting processes by creating detailed documentation for system configurations, procedures, and best practices.
  • Diagnosed and resolved complex technical issues through in-depth analysis, facilitating uninterrupted business operations.
  • Contributed to cost-saving initiatives by analyzing resource usage trends and recommending infrastructure adjustments accordingly.
  • Recommended improvements in security systems and procedures.
  • Encrypted data and erected firewalls to protect confidential information.
  • Facilitated cross-departmental collaboration to ensure integration of security best practices in all IT projects.
  • Optimized incident response times by developing and implementing streamlined process for handling security breaches.
  • Conducted comprehensive security audits for identifying potential vulnerabilities, leading to strengthened defense mechanisms.
  • Reduced false positive alerts in security monitoring systems by fine-tuning detection parameters, enhancing operational efficiency.
  • Enhanced network security by implementing robust intrusion detection systems and conducting regular vulnerability assessments.
  • Streamlined user access controls, minimizing risk of unauthorized access to sensitive systems and data.
  • Reduced downtime caused by security incidents by establishing robust incident management and recovery framework.
  • Leveraged cutting-edge cybersecurity tools and technologies for continuous monitoring and protection of IT infrastructure.
  • Customized and managed security information and event management (SIEM) systems for real-time threat detection and analysis.
  • Developed and enforced stringent cybersecurity policies, significantly reducing risk of data breaches.
  • Improved system resilience with deployment of advanced firewalls and anti-malware software.
  • Spearheaded adoption of encryption technologies, safeguarding sensitive information during transmission and storage.
  • Guided IT teams in secure configuration of hardware and software, minimizing vulnerabilities and compliance issues.
  • Advocated for and achieved significant improvements in security posture by leading change in organizational culture towards cybersecurity.
  • Conducted regular security risk assessments, enabling proactive identification and mitigation of potential threats.
  • Played key role in regulatory compliance projects, ensuring adherence to industry standards and legal requirements related to cybersecurity.
  • Enhanced network security by implementing advanced threat detection and prevention systems.
  • Ensured compliance with industry regulations by performing comprehensive audits on existing security policies and procedures.
  • Reduced risk of cyber attacks by conducting regular vulnerability assessments and penetration testing.
  • Conducted security audits to identify vulnerabilities.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Performed regular reviews of user access rights, minimizing the risk posed by insider threats or compromised accounts.
  • Collaborated with IT teams to integrate security measures into the development and deployment of new applications.

Network / System Administrator / Field Tech

Robert Half Technology
07.2018 - 05.2020
  • As a consultant working with various clients as a System Admin, and Cybersecurity Analyst
  • Installing & configuring servers at 1 WTC Location Installing & Troubleshooting Networking Appliances and network related issues in the MDF rooms.

Lead-IT Corporation – Cloud Services End User & Domain- Contract

Datacom Technology Group (DTG)
05.2016 - 07.2017
  • Supported 100,000 End Users and 75,000 Network Devices. Contract: Metropolitan Transportation Authority (MTA) HQ – 2 Broadway New York, NY 12001
  • Skills predominantly used are as follows: Team Lead
  • System Administrator functions: Win Server 2012, 2016 Migration of client Network Drives onto client
  • SCCM & PIX Imaging onto multiple clients
  • Application Security via Scanning, Sandboxing, and proper provisioning of end-users via Citrix
  • Providing Ping Scans and mapping network Topology via Nessus App for Device Discovery & proper enumerations
  • Creating clones of Hard drives and changing SSID's of clone to add computers to PDC then move user to Child domain, Creating Account Permissions, Performing Full & Incremental Backups
  • Cisco Nexus 4000 Series Switch 24 Port POE
  • Cisco Firewalls Content Filtering, URL Filtering, Spam Filtering Domain Controllers via Citrix Datacenter R2 Virtualization via Dell VM's Application Security via Scanning, Sandboxing, and proper provisioning of end-users via Citrix
  • Remote End User Support via Service Now Ticketing System; Configuring and Initializing Backups & Migration of Data from End-user to Server & Vice-versa
  • Providing Ping Scans and mapping network Topology via Nessus App for Device Discovery & proper enumeration of devices for Asset tracking and security assessments
  • Two-factor Authentication via MDM Software to provide extra layer of Protection by using personal mobile device or PKI RSA infrastructure for Symmetric, and asymmetric encryption [DUO, SSO, MFA] Cloud Services End User & Domain
  • Supporting 100,000 End Users & 75,000 Network Devices
  • Migrating user Data to new systems
  • Converting Apps from 32-bit systems to 64-bit systems
  • Troubleshooting peripherals such as: Printers, Scanners of all Types, Copiers, Faxes, Credit Card Machines, Biometric Devices, Mobile Devices
  • Cloud Services: Cloud ADDS Sync, Dell Thin Client & Desktop
  • Re-Imaging: MTA Apps, Win 7, Win 10, RedHat Enterprise
  • WAN-LAN troubleshooting of various networking issues in TCP/IP, DHCP, Static & Dynamic Configs, Cisco 24 Port Switches and Routers, Eliminating Rogue Legacy Access Points
  • Upgrading from Token Ring to Ethernet CAT 6
  • Conducting Site Security Assessments
  • Troubleshooting Computer & Network issues at Subway Hubs, Bus Depots, Admin Buildings, Train Yards, and Bridges & Tunnels.

Education

M.S in Cybersecurity -

Mercy College
NY, NY
05.2019

B.S in Cybersecurity -

Mercy College
NY, NY
05.2018

A.A.S Networking Technologies -

Technical Career Institutes
NY, NY
05.2015

Skills

  • Virtualization Security
  • Identity and Access Management
  • Network Security Management
  • Two-Factor Authentication
  • Regulatory Compliance Knowledge
  • Intrusion Detection Systems
  • Security Information and Event Management
  • Incident Response Planning
  • Penetration Testing
  • Access Control Management
  • User Awareness Training
  • Mobile Device Security
  • Secure Coding Practices
  • Threat Intelligence Analysis
  • Data Encryption Techniques
  • Vulnerability Scanning Tools
  • Firewall configuration
  • Data Loss Prevention Strategies
  • Digital Forensics Investigation
  • Cloud Security Implementation
  • Security risk assessment
  • Vulnerability Assessment
  • Patch management
  • Network Security
  • Disaster Recovery
  • IDS Integration
  • Ethical Hacking
  • Cybersecurity frameworks
  • Threat Hunting
  • Teamwork and Collaboration

Certification

  • Certified Information Security Auditor (CISA), Information Systems Audit and Control Association (ISACA), 08/23/2024, Orlando, FL
  • Certified Information Security Manager (CISM), Information Systems Audit and Control Association (ISACA), 10/04/2024, Orlando, FL
  • Project Management Institute (PMI) Project Management Professional (PMP), Oct 22nd, 2024 – Scheduled
  • CCNA Cisco Certified Network Associate, Cisco Systems Certifications, 08/08/2024, Orlando, FL
  • CySA+ CE, CompTIA, 03/18/2024, Orlando, FL
  • Stackable Cert: Cyber Security Analytics Professional (CSAP), CompTIA, 05/01/2024, Orlando, FL
  • SEC+ CE, CompTIA, 05/01/2024, Orlando, FL
  • PenTest+ CE, CompTIA, 07/16/2024, Orlando, FL
  • Stackable Cert: Network Security Professional (CNSP), CompTIA, 07/16/2024, Orlando, FL
  • Stackable Cert: Network Vulnerability Professional (CNVP), CompTIA, 07/16/2024, Orlando, FL
  • Network+ CE, CompTIA, 07/22/2024, Orlando, FL
  • CASP+ CE, CompTIA, 07/30/2024, Orlando, FL
  • Stackable Cert: Secure Infrastructure Expert (CSIE), CompTIA, 07/30/2024, Orlando, FL
  • Stackable Cert: Security Analytics Expert (CSAE), CompTIA, 07/30/2024, Orlando, FL
  • SERVER+ CE, CompTIA, 08/06/2024, Orlando, FL
  • Stackable Cert: Certified Network Infrastructure Professional (CNIP), CompTIA, 08/06/2024, Orlando, FL
  • LINUX+ CE, CompTIA, 08/09/2024, Orlando, FL
  • Stackable Cert: CompTIA Linux Network Professional (CLNP), CompTIA, 08/09/2024, Orlando, FL
  • Cloud+ CE, CompTIA, 08/12/2024, Orlando, FL
  • Stackable Cert: CompTIA Certified Cloud Admin Professional (CCAP), CompTIA, 08/12/2024, Orlando, FL
  • Stackable Cert: CompTIA Certified Secure Cloud Professional (CSCP), CompTIA, 08/12/2024, Orlando, FL
  • Data+ CE, CompTIA, Scheduled, Orlando, FL
  • Certified Ethical Hacker – CEH, EC-Council, On-Going, Orlando, FL
  • SC900 - Certified Microsoft Cybersecurity Professional, Microsoft Certifications, On-Going, Orlando, FL
  • AZURE, Microsoft Certifications, On-Going, Orlando, FL

Clearance

Federal Public Trust, HHS, CDC, DOH, Active since December 2020

Languages

Spanish
Native or Bilingual
