Summary
Overview
Work History
Education
Skills
Websites
Certification
Communication Skills
Leadership Experience
Developing Interests
Awards
References
Timeline
Generic

Michael Wilfert

CyberSecurity
Manchester,NH

Summary

Dedicated and experienced Cybersecurity Professional with a proven track record in the higher education and financial sectors. Seeking a cybersecurity role to leverage my expertise.

Overview

14
14
years of professional experience
4
4
Certifications

Work History

Cyber Security Tester / Assessor App Sec

Enterprise Cyber Security
11.2022 - Current
  • Lead cross-functional teams in identifying, reporting, and remediating security vulnerabilities, maintaining accountability for addressing gaps and risks, including vendor engagements.
  • Delivered training sessions on secure coding practices and threat mitigation strategies for development teams, fostering a culture of security awareness within the organization.
  • Implemented innovative approaches to exploit vulnerabilities while minimizing collateral damage during penetration tests.
  • Researched latest security threats and vulnerabilities to stay abreast of trends and threat actors.
  • Simulated attack scenarios using threat actors' tactics and techniques.
  • Identified weaknesses and vulnerabilities in network systems.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems and databases.
  • Conducted IT audit assessments for systems or applications to recommend solutions to mitigate risks.
  • Used analysis from attack simulations to identify gaps in threat detection or response.
  • Developed risk assessment reports to identify threats and vulnerabilities.
  • Developed comprehensive test plans for assessing web applications, networks, and infrastructure components against known vulnerabilities and attack vectors.
  • Conducted risk analysis, system certifications, auditing, security documentation and security testing.
  • Provided cybersecurity expertise on applications development projects, enabling appropriate operating environment configurations.
  • Assisted clients in understanding the implications of discovered vulnerabilities, helping them make informed decisions about necessary corrective actions.
  • Evaluated security controls effectiveness with rigorous penetration testing exercises, identifying gaps in coverage that required attention from management or additional resources.
  • Worked closely with stakeholders to prioritize remediation efforts based on risk levels associated with identified vulnerabilities.
  • Maintained a high level of professionalism, adhering to strict ethical guidelines when conducting vulnerability assessments and penetration tests.

Cyber Security Tester / Assessor App Sec

Enterprise Cyber Security
11.2021 - 11.2022
  • Continuously refined penetration testing methodologies in response to evolving threats and client feedback, ensuring ongoing relevance and effectiveness.
  • Streamlined vulnerability management processes by collaborating with cross-functional teams to establish clear lines of communication regarding security concerns.
  • Implemented remediation strategies for identified vulnerabilities, reducing the risk of cyber attacks.
  • Assessed threats, risks and vulnerabilities from emerging security issues to advise pertinent stakeholders on appropriate measures.
  • Collaborated with development teams to integrate secure coding practices, improving overall application security.
  • Provided detailed reports on findings and recommendations for improvement, guiding clients towards more secure systems.
  • Recommended measures to protect systems from modification, disclosure, or destruction.
  • Mentored junior team members in best practices for ethical hacking and penetration testing techniques, fostering professional growth among colleagues.
  • Designed tests and tools to break into security-protected applications and networks to probe for vulnerabilities.
  • Analyzed security policies for usefulness and value to suggest security policy improvements.
  • Established trust through effective communication that allowed stakeholders at all levels to understand the importance of cybersecurity measures.
  • Documented entire penetration testing lifecycle during engagements for future review.
  • Identified weaknesses and vulnerabilities in network systems.
  • Stayed current on emerging threats and trends in cybersecurity, adapting testing methods as needed to address new risks.
  • Developed risk assessment reports to identify threats and vulnerabilities.
  • Created comprehensive documentation outlining test processes, results, and recommended actions for client review.
  • Conducted IT audit assessments for systems or applications to recommend solutions to mitigate risks.
  • Developed scripts and tools to automate repetitive tasks during the penetration testing process, saving time without compromising quality or effectiveness.
  • Reviewed existing security policies and provided recommendations for improvements based on the results of vulnerability assessments and industry best practices.
  • Reviewed proposed new systems, networks, and software designs for potential security risks.

Cyber Security Consultant IAM

Enterprise Cyber Security
07.2020 - 10.2021
  • Leveraged expertise in information security principles to secure critical infrastructure, including Fidelity critical customer facing applications.
  • Evaluated customer needs and feedback to drive product and service improvements.
  • Conducted regular reviews of operations and identified areas for improvement.
  • Contributed to company-wide compliance initiatives by maintaining up-to-date knowledge on relevant regulations pertaining to information security and privacy.
  • Collaborated with cross-functional teams to ensure seamless integration between Identity Management solutions and other IT systems.
  • Conducted research to identify and evaluate new technologies and concepts.
  • Played a key role in incident response efforts related to unauthorized access or compromised credentials, ensuring prompt resolution and system restoration.
  • Developed robust role-based access control models to streamline permission management across enterprise systems.
  • Increased operational efficiency by integrating various applications into the existing identity management framework.
  • Assisted in the development of various technical documentation, including policy documents, user guides, and architectural diagrams related to Identity Management infrastructure.
  • Streamlined access control processes by designing automated systems for provisioning and deprovisioning user accounts.

Information Security Analyst SOC / IR / Blue Team

University IT Solutions
12.2018 - 07.2020
  • Lead and implemented security measures for operational standards to enhance university security.
  • Managed relationships with third-party vendors to ensure timely delivery of essential security products and services.
  • Assessed vendor security during procurement processes, ensuring compliance with company policies and industry best practices.
  • Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks.
  • Conducted internal audits to identify areas of improvement within the organization''s information security program.
  • Supported legal teams in investigations involving cybercrime or data breaches, providing crucial technical expertise.
  • Monitored use of data files and regulated access to protect secure information.
  • Streamlined threat monitoring processes for quicker identification of potential risks.
  • Enhanced system protection by designing and deploying intrusion detection systems.
  • Increased organizational resilience with the development of comprehensive disaster recovery plans.
  • Developed clear documentation of policies, procedures, and guidelines related to information security management within the organization.
  • Maintained regulatory compliance by staying updated on relevant laws, regulations, and standards, implementing necessary changes when required.
  • Championed a culture of continuous improvement through regular evaluations of existing security measures against established benchmarks and metrics.
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Recommend improvements in security systems and procedures.
  • Led cross-functional teams in managing data breaches and other incidents, minimizing damage and ensuring swift resolution.
  • Strengthened network security by conducting regular risk assessments and implementing appropriate countermeasures.
  • Encrypted data and erected firewalls to protect confidential information.
  • Boosted cybersecurity awareness among employees through effective training sessions and workshops.
  • Developed, tested and implemented security policies, plans and procedures for organizational protection.
  • Investigated and resolved incidents of unauthorized access to sensitive information.
  • Evaluated emerging technologies for potential adoption in enhancing the company''s overall security posture.
  • Worked with other teams to enforce security of applications and systems.
  • Educated and trained users on information security policies and procedures.
  • Collaborated with IT teams to ensure seamless integration of security measures into existing infrastructure.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Drafted security reports and metrics to track security performance and strategize improvements.
  • Mitigated risks associated with remote access by implementing strict access controls for external users.
  • Used critical thinking to break down problems, evaluate solutions and make decisions.
  • Worked well in a team setting, providing support and guidance.
  • Resolved problems, improved operations and provided exceptional service.
  • Worked flexible hours across night, weekend, and holiday shifts.
  • Self-motivated, with a strong sense of personal responsibility.

Application Security Support Specialist

University IT Solutions
01.2018 - 12.2018
  • Provided tier III services for the student information system and various applications (Colleague, Banner).
  • Tracked and documented customer interactions in customer relationship management system to maintain accurate records.
  • Developed and implemented preventive maintenance procedures.
  • Monitored systems in operation and quickly troubleshot errors.
  • Provided feedback to product development and engineering teams on customer needs and issues for enhancements.
  • Created user accounts and assigned permissions.
  • Offered assistance in implementing and developing training programs.
  • Championed customer feedback initiatives that informed product improvements and feature enhancements over time.
  • Generated reports to track performance and analyze trends.
  • Patched software and installed new versions to eliminate security problems and protect data.

Field Services Technician I-III

University IT Solutions
01.2016 - 01.2018
  • Mentored junior technicians in maintenance, repair, and reporting duties.
  • Collaborated with cross-functional teams to ensure timely completion of complex projects.
  • Actively participated in continuous learning initiatives to stay updated on industry trends and advancements in technology.
  • Tested systems, noting issues and completing preventive maintenance.
  • Provided expert advice on equipment selection, leading to an overall improvement in operational efficiency.
  • Reduced downtime for machines through proactive identification and resolution of technical issues.
  • Maintained quality assurance and customer satisfaction objectives.
  • Worked with outside vendors for fiber installations and service.
  • Diagnosed and executed resolution for network and server issues.
  • Troubleshot hardware and software to determine and rectify network problems.
  • Recommended new and replacement hardware and software purchases.

Technologist & Analyst

University IT Services
01.2011 - 01.2015
  • Revamped systems and upgraded wiring, PLCs and drives to handle changing needs.
  • Interpreted test information to resolve design-related problems.
  • Used surveying equipment to grade and measure land profiles before installation of multimedia electrical systems.
  • Mentored junior team members to enhance their technical skills and improve overall team productivity.
  • Reduced downtime for critical systems through proactive maintenance and timely troubleshooting.
  • Delivered services to customer locations within specific timeframes.

Helpdesk Specialist

University IT Services
01.2015 - 12.2016
  • Identified opportunities for process automation, saving time on repetitive tasks while maintaining service quality standards.
  • Optimized system operation and resource utilization to streamline workflows and processes.
  • Developed troubleshooting guides to empower end-users to resolve minor issues independently.
  • Provided end-user system and equipment training.
  • Diagnosed and troubleshot hardware, software and network issues.
  • Installed new desktop systems and migrated data to new machines.
  • Tested new software and hardware prior to deployment.

ISP Service Technician

Radius North
05.2010 - 12.2010
  • Maintained strong focus on safety and efficiency to provide comprehensive support to personnel performing skilled repairs.
  • Responded to problems reported by customers by troubleshooting and resolving hardware and software issues.
  • Enhanced client retention through exceptional communication skills and a commitment to addressing concerns promptly.
  • Assisted in the development of company-wide best practices for servicing procedures, contributing to higher efficiency standards across teams.
  • Troubleshot hardware and software to determine and rectify network problems.

Education

MS - Cybersecurity

Southern New Hampshire University

UG - Computer Science & IT

Plymouth State University

Skills

Vulnerability Assessment / Management

Penetration Testing

Security Standards (OWASP, NIST)

Incident Response / SOC

Scripting (Python, Bash, PowerShell)

Automation

Threat Detection and Response

Phishing Mitigation

Security Awareness

(IAM) / (PAM)

Problem-solving aptitude

Network Troubleshooting

Network support

Websites

Certification

Certified Scrum Master (2018)

Communication Skills

Present for all ECS Application Security reports weekly, monthly quarterly, and annual metrics.

Leadership Experience

In my senior role I lead efforts in the Fidelity ECS App Sec team.

Developing Interests

  • Bug bounty: (Hacker1, Bugcrowd, GitHub)
  • CTF: (HTB, TryHackMe, PicoCTF & more)
  • Cyber Labs: (INE, Portswigger, Pentestlabs, Immersive Labs, Pluralsight, UDEMY, DVWA)
  • Automation: (AI, CHATGPT, Power AUTOMATE)

Awards

  • Fidelity Best Performer Award x2 (2022 & 2023)
  • Fidelity Recognition Award x5
  • Fidelity High Five Award

References

Available upon request.

Timeline

Cyber Security Tester / Assessor App Sec

Enterprise Cyber Security
11.2022 - Current

Cyber Security Tester / Assessor App Sec

Enterprise Cyber Security
11.2021 - 11.2022

Cyber Security Consultant IAM

Enterprise Cyber Security
07.2020 - 10.2021

Information Security Analyst SOC / IR / Blue Team

University IT Solutions
12.2018 - 07.2020

Application Security Support Specialist

University IT Solutions
01.2018 - 12.2018

Field Services Technician I-III

University IT Solutions
01.2016 - 01.2018

Helpdesk Specialist

University IT Services
01.2015 - 12.2016

Technologist & Analyst

University IT Services
01.2011 - 01.2015

ISP Service Technician

Radius North
05.2010 - 12.2010

MS - Cybersecurity

Southern New Hampshire University

UG - Computer Science & IT

Plymouth State University
Michael WilfertCyberSecurity