Paul Pambah

Westborough

Summary

Information Security Analyst with 7 years of experience in Information Security Operations encompassing Risk Definition, Planning, Measuring, Implementation of Controls and Assessing their Effectiveness. Knowledgeable in Risk Assessment, Compliance and Audit, Security policies, and accustomed to NIST SP 800-53, NIST SP 800-171, CMMC 2.0 and SOC 2 frameworks. Seeking a position that offers professional challenges requiring problem-solving skills, strategic thinking, interpersonal and organizational skills.

Overview

9 years of professional experience
1 Certification

Work History

CYBER SECURITY ANALYST II

Staples, Inc.
01.2021 - Current
  • Utilized security tools to monitor computer networks and systems for threats and security incidents
  • Installed, altered/tuned, and updated security tools and firewall rules in response to security needs or threats
  • Developed and updated use cases for detection, alerting and responding to anomalous activities in accordance with prevailing security best practices
  • Performed system analysis, documentation, testing, implementation, and user support for the ServiceNow Security Incident module and Microsoft Defender
  • Investigated and responded to security incidents and prepared incident reports for root cause analysis and continuous improvement of security posture
  • Responding to Audit queries in compliance with SOC 2, CMMC and PCI DSS requirements
  • Updating Security Awareness Training materials to incorporate emerging security threats like Vishing, Smishing and Quishing attacks
  • Mentoring and coaching Junior Security Analysts to enhance organization security response depth

SECURITY ANALYST I / THIRD PARTY RISK ANALYST

Staples, Inc.
01.2018 - 12.2020
  • Conducted Third Party Risk Assessments of Cloud Service Providers of IaaS, PaaS, SaaS, and other XaaS solutions to enable business to achieve and maintain compliance with regulatory and contractual requirements
  • Completed Strategic and Reputational Risk reviews for due diligence and ongoing monitoring of vendors and subcontractors
  • Ensured assessments, routine maintenance and remediation plans were processed to meet set Service Level Agreements
  • Assisted with identification, assessment, monitoring and reporting on Third Party systems, interconnections, and identified risks

SYSTEMS SECURITY ANALYST

UST Global
09.2016 - 12.2017
  • Analyzed and updated the System Security Plan (SSP), Risk Assessment (RA) and Plan of Actions and Milestones (POA&M), and addressed system weaknesses
  • Evaluated effectiveness of security controls (i.e., checking whether controls were implemented correctly, operating as intended, and meeting security requirements)
  • Performed system monitoring activities, identification and evaluation of security threats, breaches and vulnerabilities and responded to security alerts and incidents
  • Conducted risk analyses to ensure countermeasures were implemented in accordance with risk profile and root-cause of risk was fully addressed following NIST SP 800-30 and NIST SP 800-37
  • Assisted with review of policies, procedures, guidelines, and security alerts to ensure that documentation follows NIST standards and FISMA regulations
  • Collaborated on a team to develop System Security Plan (SSP), Information System Contingency Plan (ISCP), Incident Response Plan (IRP), Continuous Monitoring Plan for clients
  • Conducted security audits to identify vulnerabilities and verify compliance with company security policies and standards

Education

MBA - Business Administration and Big Data Analytics

Brandeis University
Waltham, MA

Bachelor of Science - Applied Statistics

Maseno University

Skills

  • Access Control Management
  • Audit Compliance Proficiency
  • Information security
  • Developing Systems Security Plans
  • Risk Assessment
  • Security Incident Response Management
  • Security tools like SIEM, EDR/XDR, Threat Intelligence Platform
  • Vulnerability assessment
  • Network security
  • Digital forensics
  • Security policy development

Certification

Certified Information Systems Security Professional (CISSP), ISC2, 2022

Security Clearance

SECRET

Security Tools Experience

Microsoft Defender Suite:

  • Writing custom search and alerting rules based on intelligence, known artifacts or existing investigations.
  • Defender for Identity – investigating anomalous access or login activity, restricting access for compromised or terminated accounts and enforcing credential resets due to suspected or confirmed compromise.
  • Defender for Cloud Apps – setting custom alerts for anomalous cloud application behavior (e.g., new app creation by unauthorized users, unauthorized access elevation, etc.), investigating alerts and remediating.
  • MDE vulnerability management for built-in continuous vulnerability scanning and suggesting remediation actions, such as scanning endpoints and servers for default accounts, guest accounts or cached credentials that pose an access security risk and alerting for appropriate actions to minimize the risk. Detecting vulnerable applications and suggesting best-practice actions.
  • Used Microsoft Defender Security Copilot to quickly generate efficient KQL queries for custom alerting or investigations, as well as converting intelligence IOCs into use cases.

Splunk:

  • Incorporating Splunk base, ES and SOAR for a consolidated view of the technology operating environment.
  • Creating/modifying custom alerting use cases and reports for visibility and detection of suspicious or anomalous activity.
  • Investigating alerts and incidents in ES.
  • Implementing validated workflows/playbooks in SOAR to automate repetitive tasks.
  • Using the Splunk AI app to write efficient searches and to understand existing/new custom use cases so that they can be modified to suit current needs.

Network Security:

  • Used Riverbed SteelCentral to monitor network performance activity. This came in handy for detecting suspicious activity from external and internal threat sources.
  • Used Palo Alto Networks security to set up/modify firewall rules to restrict network traffic.
  • Used Riverbed Packet Analyzer to capture and analyze network traffic.

CrowdStrike:

  • Monitoring endpoint activity for suspicious/anomalous behavior.
  • Investigating alerts to determine whether they are true or false positives.
  • Ingesting artifacts/IOCs from intelligence sources as custom searches or alerts.
  • Using Real-Time Response (RTR) to access remote endpoints to collect artifacts and image dumps and to uninstall malicious/suspicious applications.
