
Joshua Sumwalt

Rock Hill, SC

Summary

Skilled Security Analyst specializing in vulnerability assessment, risk identification, and security controls validation. Certified in CompTIA Security+, with a strong foundation in risk management and network security. Expertise in identifying security weaknesses and evaluating risk impact to support effective remediation efforts.

Overview

7 years of professional experience
1 Certification

Work History

Program Assistant

Boys & Girls Club
Rock Hill, SC
08.2021 - Current
  • Monitored environments for abnormal activity, safety risks, and policy violations, escalating concerns in accordance with established procedures.
  • Documented incidents, observations, and response actions, ensuring accurate reporting and traceability.
  • Enforced policies, procedures, and safety protocols in a structured, compliance-focused environment.
  • Maintained situational awareness to identify risks and potential security concerns in real time.
  • Supported a controlled environment requiring consistent policy enforcement and risk awareness.

Ticket Puller

Mayer Electric
Charlotte, NC
03.2019 - 04.2020
  • Validated inventory and order data, identifying discrepancies, anomalies, and potential process risks.
  • Maintained accurate records and documentation to support audit readiness and data integrity.
  • Demonstrated strong attention to detail and control adherence in a high-volume environment.
  • Identified and resolved process gaps and data inconsistencies, reducing downstream exposure.
  • Followed internal control procedures and documented workflows to ensure compliance with operational standards.

Education

AAS - Information Technology (Cybersecurity)

Central Piedmont Community College
Charlotte, NC
12-2025

Skills

  • Policy enforcement and access control
  • Risk governance
  • Security controls assessment
  • Vulnerability assessment
  • Risk impact analysis
  • Threat identification and analysis
  • Log analysis
  • Network security fundamentals
  • Nessus vulnerability scanning
  • Splunk SIEM log analysis
  • Network traffic analysis
  • Security controls
  • MITRE ATT&CK mapping
  • System review concepts
  • Python fundamentals
  • Documentation tracking

Certification

  • CompTIA Security+
  • Information Technology Certificate – CPCC
  • Cybersecurity Certificate – CPC

Hands On Projects/Labs

  • Detected and validated a reverse shell attack between Ubuntu and Kali Linux using network traffic capture and endpoint analysis. Captured malicious traffic using Wireshark/tcpdump, identifying a TCP connection to the attacker host on port 4444. Correlated network indicators with endpoint evidence using Linux tools (ss, ps) to identify the bash process initiating the connection. Confirmed attacker IP, victim IP, and active session to validate command-and-control style behavior. Demonstrated host + network correlation techniques used in incident analysis and threat investigation.
  • Performed a vulnerability scan of a Windows 11 system using Tenable Nessus Essentials. Identified a medium-severity misconfiguration (SMB Signing Not Required) exposing the system to man-in-the-middle / SMB relay attacks. Evaluated risk impact and attack scenario, including credential interception and traffic manipulation risks. Documented remediation actions, including enforcing SMB signing via Windows security policy. Demonstrated vulnerability identification, risk prioritization, and remediation guidance.
  • Deployed a Splunk Enterprise SIEM environment on Ubuntu and ingested Windows authentication logs using Splunk Universal Forwarder. Queried and analyzed Windows Event IDs 4624 (success) and 4625 (failed logons) using Splunk SPL queries. Built time-based analysis of failed logons to detect abnormal authentication spikes and potential brute-force activity. Analyzed authentication activity by host to identify source systems generating failed login attempts. Investigated authentication metadata fields including account name, logon type, source IP, and workstation. Applied MITRE ATT&CK technique T1078 (Valid Accounts) for detection mapping and security monitoring alignment.

Timeline

Program Assistant

Boys & Girls Club
08.2021 - Current

Ticket Puller

Mayer Electric
03.2019 - 04.2020

AAS - Information Technology (Cybersecurity)

Central Piedmont Community College