Tailor Herrarte
Baton Rouge,Louisiana
Summary
Information Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience implementing and testing security frameworks for network based software and web applications.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Cybersecurity Analyst
Yahoo
02.2022 - Current
- Monitored resolution of bugs, tested fixes and helped developers tackle ongoing problems by providing QA perspective.
- Oversaw bug bounty program payments, processing and tracking payments to security researchers, while maintaining accurate monthly expenditure records
- Orchestrated penetration and remediation testing schedules for a diverse range of Yahoo assets, ensuring comprehensive security assessments and timely resolution of issues
- Proved successful working within tight deadlines and a fast-paced environment.
- Cultivated interpersonal skills by building positive relationships with security researchers who sent in vulnerability reports to Yahoo's bug bounty platforms
- Documented testing procedures for developers and future testing use.
- Tested functional and compatibility of new programs or updates in comparison to existing applications.
- Kept scripts and test cases updated with current requirements.
- Advised developers on problems with databases, performance and other issues.
- Authored and maintained well-organized, efficient and successful manual test cases for entire team.
Contributing Cybersecurity Analyst
Safer Internet Project
05.2017 - 01.2022
- Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
- Conducted security audits to identify vulnerabilities.
- Performed risk analyses to identify appropriate security countermeasures.
- Authored security incident reports, highlighting breaches, vulnerabilities and remedial measures.
- Investigated and resolved incidents of unauthorized access to sensitive information.
- Collaborated seamlessly with team members on diverse security projects, consistently meeting deadlines and ensuring successful project outcomes.
- Developed plans to safeguard computer files against modification, destruction, or disclosure.
- Executed penetration testing to identify security weaknesses and develop disaster recovery plans.
- Leveraged a variety of tools and techniques, such as Metasploit, Burp Suite, and Nmap, to perform network and application penetration testing, uncovering vulnerabilities and providing actionable insights for enhanced security
Junior Security Engineer
HMSHost
02.2019 - 04.2020
- Spearheaded the management of phishing attacks across the entire corporation, diligently analyzing each email reported by employees for signs of malicious activity.
- Proactively alerted the company, fostering a culture of awareness and empowering personnel to identify and appropriately handle suspicious emails.
- Engineered, maintained and repaired security systems and programmable logic controls.
- Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
- Authored security and vulnerability reports, detailing logged incursions and suggesting remediation efforts.
- Worked with teams to develop company-wide information assurance, security standards and procedures.
- Maintained strict adherence to regulations such as payment card industry (PCI) data security standard.
- Developed and maintained company-wide endpoint security solutions.
Network Analyst
National Institutes Of Health
01.2018 - 02.2019
- Troubleshot and maintained networking devices and infrastructure across enterprise.
- Monitored system logs for all company computers and devices to maximize uptime.
- Diagnosed system hardware and software problems using advanced root-cause analysis.
- Reviewed logs for all networking devices for unresolved abnormalities and problems.
- Kept up-to-date on new developments in computer and network vulnerabilities, data hiding and encryption.
- Communicated with vendors to resolve network outages and periods of reduced performance.
- Upgraded network software and hardware for optimized performance.
- Administered software licensing and purchasing for effective installation of network.
- Completed remote repairs involving software solutions and hardware repairs.
- Documented all server and network problems and other unusual events in detail.
- Administered and prepared programs for IP addresses, developed network resources and trained support personnel to provide Tier I support to end users.
- Mitigated risk by analyzing complex computer systems to assess vulnerabilities.
- Improved overall user experience through support, training, troubleshooting, improvements and communication of system changes.
- Set up hardware and software in optimal configurations to meet network performance requirements.
Application Security Analyst
Wire Security
05.2018 - 05.2018
- Used research to verify or disqualify potential vulnerabilities.
- Monitored quality and performance of open-source applications through testing and maintenance.
- Triaged and analyzed potential vulnerabilities discovered within open-source dependencies.
- Built threat models and mapped software and tool dependencies.
- Researched known vulnerabilities to determine characteristics such as severity and exploitability.
- Worked with other teams to enforce security of applications and systems.
- Conducted security audits to identify vulnerabilities.
- Developed, tested and implemented security policies, plans and procedures for organizational protection.
Information Systems Analyst
Supernus Pharmaceuticals
05.2017 - 05.2018
- Installed improvements and adjusted parameters to optimize functionality.
- Trained users and supported variety of problems with hardware and software.
- Planned and designed system improvements to meet changing demands.
- Troubleshot incidents reported by end-users to schedule system changes and identify permanent solutions.
- Performed internal system acceptance to deliver well-tested enhancements and meet business requirements.
- Collaborated with upper management to drive strategy and implement new processes.
- Developed diagrams to describe and lay out logical operational steps.
- Enhanced project management skills by defining and presenting system solutions and timelines for business needs or technical problems.
- Communicated and explained business requirements to team members to understand and implement functional demands.
- Analyzed existing systems and databases and recommended enhancements to solve business needs
Network Operations Center Analyst
Nauticon
08.2016 - 02.2017
- Improved overall user experience through support, training, troubleshooting, improvements and communication of system changes.
- Set up hardware and software in optimal configurations to meet network performance requirements.
- Diagnosed and executed resolution for network and server issues.
- Monitored network hardware operations to evaluate proper configuration.
- Investigated and corrected problems with printers, copiers and other peripheral devices.
- Documented support procedures, processes and solutions in centralized systems, enabling user self-service.
- Utilized source code control for tracking configurations and changes.
- Provided faculty and staff with security software and network configuration support.
Program Analyst (Intern)
National Institutes Of Health
05.2016 - 08.2016
- Analyzed unstructured information to derive key insights.
- Reviewed program implementation plans to assess risk and feasibility.
- Validated results and performed quality assurance to assess accuracy of data.
- Helped solve diverse program problems with in-depth analysis.
- Evaluated current processes to develop improvement plans.
- Gathered, documented, and modeled data to assess business trends.
- Reviewed internal systems and organized training plans to address areas in need of improvement.
- Evaluated diverse organizational systems to identify workflow, communication, and resource utilization issues.
- Conducted thorough reviews of operations to devise and deploy improvement strategies.
- Restructured procedures through coordination with compliance director to create and execute projects.
- Leveraged on-site observation and personal interviews to identify team and individual strengths.
- Created and optimized records management strategies to coordinate and protect information.
- Recommended Sharepoint operational improvements based on tracking and analysis of stakeholder data.
Digital Learning Center Assistant
Montgomery College
05.2015 - 05.2016
- Managed filing system, entered data and completed other clerical tasks.
- Managed phone and email correspondence and handled incoming and outgoing mail and faxes.
- Assisted coworkers and staff members with special tasks on daily basis.
- Managed paper and electronic filing systems by routing various documents, taking messages and managing incoming and outgoing mail.
- Built and maintained excellent customer relationships through timely response to inquiries and going above and beyond to accommodate unusual requests.
- Completed forms, reports, logs and records to quickly handle all documentation for human resources.
- Continually sought methods for improving daily operations, communications with clients, recordkeeping and data entry for increased efficiency.
- Volunteered to help with special projects of varying degrees of complexity.
- Facilitated timely delivery of special projects to meet organizational and departmental objectives.
Education
Associate of Applied Science - Cybersecurity
Montgomery College
Rockville, MD09.2017
Skills
- Burp Suite Testing
- Bug Tracking and Resolution
- Web and Mobile Application QA
- Cross-Platform Testing
- Security Testing
- Security and Antivirus Software
- Configuration Management
- Network Security Measures
- Operational Improvements
- Splunk SIEM
- Kali Linux
- Risk Mitigation
Affiliations
Voting Village Volunteer - DEFCON31
Certification
- Security+ - CompTIA
Timeline
Cybersecurity Analyst
Yahoo
02.2022 - Current
Junior Security Engineer
HMSHost
02.2019 - 04.2020
Application Security Analyst
Wire Security
05.2018 - 05.2018
Network Analyst
National Institutes Of Health
01.2018 - 02.2019
Information Systems Analyst
Supernus Pharmaceuticals
05.2017 - 05.2018
Contributing Cybersecurity Analyst
Safer Internet Project
05.2017 - 01.2022
Network Operations Center Analyst
Nauticon
08.2016 - 02.2017
Program Analyst (Intern)
National Institutes Of Health
05.2016 - 08.2016
Digital Learning Center Assistant
Montgomery College
05.2015 - 05.2016
Associate of Applied Science - Cybersecurity
Montgomery College
Similar Profiles
Madhumitha KarthikeyanMadhumitha Karthikeyan
Production Engineer at YahooProduction Engineer at Yahoo
Rob MargolinRob Margolin
Client Services Lead at YahooClient Services Lead at Yahoo
Seema DabadiSeema Dabadi
Network Quality Optimisation Specialist at YahooNetwork Quality Optimisation Specialist at Yahoo
David (DJ) Ryan JohnsonDavid (DJ) Ryan Johnson
Director, Business Development Commercial Development at YahooDirector, Business Development Commercial Development at Yahoo
SHANDELL BROWNSHANDELL BROWN
Direct Service Worker at All Kare AlternativeDirect Service Worker at All Kare Alternative