Ray Johnson
SAINT CLOUD,FL
Summary
Results-driven Cyber Security Analyst with 7 years of experience in Vulnerability Management, Security Operations, Phishing Response, and Penetration Testing. Expertise in leading remediation efforts and enhancing security posture while effectively responding to emerging threats. Proficient in collaborating with cross-functional IT teams and leveraging advanced tools such as SIEM, EDR, and vulnerability scanning solutions to proactively safeguard critical assets. Recognized for a strong ability to identify risks, minimize exposure, and ensure secure application deployments.
Overview
9
9
years of professional experience
1
1
Certification
Work History
Cyber Security Analyst
Clorox
06.2021 - 09.2024
- Lead Vulnerability Management initiatives by utilizing Nessus and InsightVM to perform regular scans on servers and endpoints, prioritizing remediation efforts for critical assets.
- Partner with Windows and Linux teams to coordinate timely patch deployment and ensure compliance with security standards.
- Manage Phishing Awareness program by monitoring phishing mailboxes, analyzing reported emails, quarantining malicious content, and executing password resets or account containment procedures.
- Conduct Internal Network Penetration Tests, identifying vulnerabilities in network devices, and delivering detailed mitigation reports to system owners.
- Perform Web Application Security Assessments, scanning pre-production applications, and collaborating with development teams to address security flaws before deployment.
- Operate within the Security Operations Center (SOC), monitoring and triaging alerts from SIEM and EDR platforms, executing containment actions such as machine isolation or reimaging infected endpoints.
- Document incident findings and escalate complex threats to senior analysts, contributing to a proactive security posture.
- Collaborated with cross-functional teams to enhance security protocols and safeguard sensitive data.
- Monitored network traffic for suspicious activity, ensuring timely threat detection and response.
- Led training sessions on cybersecurity best practices for employees, improving overall awareness and compliance.
Information Security Analyst
White Cap
10.2020 - 06.2021
- Maintained SIEM, EDR, and vulnerability tools.
- Delivered phishing simulations and awareness training.
- Partnered with third-party testers to assess risks.
- Analyzed security incidents to identify vulnerabilities and recommend preventative measures.
- Developed and implemented security policies and procedures aligning with industry best practices.
- Collaborated with IT teams to integrate security solutions into existing infrastructure effectively.
- Led training sessions for staff on cybersecurity awareness and best practices to enhance compliance.
- Monitored network traffic using SIEM tools to detect suspicious activities and mitigate risks.
- Reduced vulnerabilities by performing thorough penetration testing on a regular basis.
- Conducted security audits to identify vulnerabilities.
Information Security Analyst
HD Supply
02.2020 - 10.2020
- Conducted vulnerability assessments and supported incident response.
- Analyzed security incidents to identify vulnerabilities and recommend preventative measures.
- Developed and implemented security policies and procedures aligning with industry best practices.
- Streamlined threat monitoring processes for quicker identification of potential risks.
- Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks.
- Championed a culture of continuous improvement through regular evaluations of existing security measures against established benchmarks and metrics.
- Enhanced system protection by designing and deploying intrusion detection systems.
- Improved incident response times by creating and maintaining detailed incident response procedures.
- Analyzed network traffic and system logs to detect malicious activities.
Network Security Administrator
MasterCorp, Inc.
07.2019 - 02.2020
- Monitored network alerts and performed endpoint vulnerability scans.
- Managed user access and implemented policies.
- Implemented security protocols for access control systems and surveillance technologies.
- Managed user permissions and monitored system activity to ensure compliance with security standards.
- Conducted regular audits of security systems to identify vulnerabilities and recommend enhancements.
- Led training sessions for staff on security best practices and system usage to enhance awareness.
- Analyzed incident reports to identify trends, driving strategic improvements in security measures.
- Oversaw system upgrades and maintenance schedules, ensuring minimal disruption to organizational operations.
Network Engineer
Sprint
03.2019 - 07.2019
- Built firewalls and VPN connections for the Federal Reserve Bank.
- Monitored network systems to ensure uptime, quickly identifying and resolving issues.
- Collaborated with cross-functional teams to integrate new technologies into existing infrastructure.
- Designed and implemented network configurations to optimize performance and reliability.
- Led troubleshooting efforts for complex network outages, ensuring minimal disruption to services.
- Trained junior engineers on best practices for network management and configuration tasks.
- Monitored network capacity and performance to diagnose and resolve complex network problems.
- Provided complete end-to-end engineering and installation of route-based IP network solutions.
- Delivered end-user support by troubleshooting connectivity issues and providing guidance on proper usage of networking equipment.
- Managed, tracked, and coordinated problem resolution and escalation processes.
Cyber Security Analyst
ADT
08.2018 - 02.2019
- Monitored EDR alerts and conducted threat analysis in MSSP-SOC.
- Monitored security incidents and alerts using SIEM tools to identify potential threats.
- Conducted threat analysis and vulnerability assessments to improve incident response strategies.
- Collaborated with cross-functional teams to enhance network security protocols and procedures.
- Reduced false alarms by fine-tuning intrusion detection system configurations based on historical analysis of incidents.
- Enhanced network security by monitoring systems for potential threats and vulnerabilities.
- Identified root causes of security breaches through thorough investigation and analysis of log data.
- Maintained accurate documentation of all SOC activities, facilitating knowledge sharing across the organization.
- Improved incident management workflows through streamlined communication between SOC Analysts, IT departments, and other relevant parties.
- Streamlined incident response processes for quicker threat detection and remediation.
- Updated security procedures and documentation, keeping pace with evolving cyber threats and industry best practices.
- Led cybersecurity awareness programs, increasing staff vigilance against phishing and social engineering attacks.
Network Analyst
U-Haul International
10.2017 - 08.2018
- Administered global network performance and maintained VPNs.
- Analyzed network performance issues to identify and implement solutions for improved operational efficiency.
- Optimized network configurations to enhance reliability and reduce downtime across multiple locations.
- Led cross-functional teams in troubleshooting complex network incidents, ensuring swift resolution and minimal service interruption.
- Developed and enforced best practices for network security, safeguarding sensitive data across organizational systems.
- Monitored system performance metrics to produce regular reports, facilitating informed decision-making on network enhancements.
IT Service Desk
Safeway
08.2015 - 10.2017
- Provided IT support and escalated technical issues efficiently.
- Assisted in the development of IT service desk policies, ensuring compliance with industry standards and regulations while maintaining a focus on providing excellent customer service.
- Improved customer satisfaction by efficiently resolving IT service desk tickets and providing clear communication to endusers.
- Developed detailed documentation for IT service desk procedures, enabling faster onboarding of new team members.
- Improved IT service desk efficiency by implementing streamlined ticketing processes and knowledge base updates.
- Resolved guest inquiries punctually and politely for professional customer service.
Education
Bachelor of Science - Information Technology, Cybersecurity
Florida State University
Tallahassee, FL01.2015
Skills
- Vulnerability Management (Nessus, InsightVM)
- SIEM & EDR Monitoring (eg, Splunk, InsightIDR, SentinelOne)
- Phishing Detection & Response
- Risk assessment
- Incident response
- Digital forensics
- Network security
- Penetration Testing (Internal Network & Web Applications)
- Incident Response & Threat Mitigation
- Patch Management & Remediation Coordination
- Security Awareness & User Education
- Risk Assessment & Reporting
- Network & Endpoint Security
- Cross-Team Collaboration (Windows/Linux)
- Tools: Nessus, InsightVM, Rapid7 InsightIDR, Splunk, SentinelOne, Microsoft Defender 365, Burp Suite, OWASP ZAP, Crowdstrike, Exabeam
- Technologies: Windows Server, Linux (RedHat, Ubuntu), Active Directory, TCP/IP, DNS, HTTP/S
- Security Frameworks: MITRE ATT&CK, NIST, OWASP Top 10
- Scripting: Basic knowledge of Python, PowerShell for automation
- Other: Phishing Platforms (KnowBe4), Vulnerability Reporting, Patch Management
Certification
- Certified Information Systems Security Professional (CISSP) (ISC)² — Issued: 2025-03 Advanced expertise in designing, implementing, and managing enterprise cybersecurity programs across eight domains, including Security Operations, Risk Management, and Asset Security.
- CompTIA Advanced Security Practitioner (CASP+) CompTIA — Issued: 2024 Enterprise-level security skills in risk management, advanced threat detection, and securing complex environments.
- GIAC Penetration Tester (GPEN) SANS GIAC — Issued: 2023 Validated skills in network penetration testing, vulnerability exploitation, and post-exploitation techniques.
- GIAC Web Application Penetration Tester (GWAPT) SANS GIAC — Issued: 2023 Specialized in identifying and exploiting web application vulnerabilities, aligned with OWASP Top 10 and modern web attack vectors.
- CompTIA Cybersecurity Analyst (CySA+) CompTIA — Issued: 2020 Proficient in threat detection, analysis, and response using behavioral analytics and SIEM tools.
- CompTIA Security+ (SEC+) CompTIA — Issued: 2019 Foundation in core cybersecurity principles, risk management, network security, and incident response.
- GIAC Global Industrial Cyber Security Professional (GICSP) SANS GIAC — Issued: 2022 Bridges IT, engineering, and cybersecurity for securing Industrial Control Systems (ICS) and SCADA environments.
- GIAC Forensic Cyber Examiner (GFCE) SANS GIAC — Issued: 2022 Expertise in digital forensics, evidence collection, and analysis of cyber incidents across diverse platforms.
- CompTIA PenTest+ CompTIA — Issued: 2021 Hands-on penetration testing skills covering network, web, and cloud-based environments, including vulnerability assessment and management.
- AWS Certified Cloud Practitioner Issued: 2025-06 | Amazon Web Services (AWS) Demonstrated foundational knowledge of AWS Cloud concepts, core services, pricing models, security best practices, and cloud deployment strategies.
- Offensive Security: GPEN, GWAPT, PenTest+
- Defensive Operations & Risk Management: CISSP, CASP+, CySA+, SEC+
- Industrial & Forensics Expertise: GICSP, GFCE
Timeline
Cyber Security Analyst
Clorox
06.2021 - 09.2024
Information Security Analyst
White Cap
10.2020 - 06.2021
Information Security Analyst
HD Supply
02.2020 - 10.2020
Network Security Administrator
MasterCorp, Inc.
07.2019 - 02.2020
Network Engineer
Sprint
03.2019 - 07.2019
Cyber Security Analyst
ADT
08.2018 - 02.2019
Network Analyst
U-Haul International
10.2017 - 08.2018
IT Service Desk
Safeway
08.2015 - 10.2017
Bachelor of Science - Information Technology, Cybersecurity
Florida State University