Victoria Kulumba Lucero

Analytical and compassionate professional with over 15 years of experience in customer service and hospitality, leveraging newly acquired skills in cybersecurity through the completion of the Google Cybersecurity Professional Certificate and IBM Penetration Testing Certification. Expertise includes Governance, Risk, and Compliance (GRC) frameworks, information security, and risk mitigation, with a specialized focus on healthcare cybersecurity. Committed to safeguarding patient data and ensuring regulatory compliance (HIPAA) while enhancing secure and efficient hospital operations. Proven ability to build cross-departmental relationships, communicate complex security concepts effectively, and drive continuous improvement in compliance posture.

• Applied NIST and ISO 27001 frameworks in simulated healthcare security scenarios to identify control gaps, assess risk exposure, and support compliance with HIPAA privacy and security requirements
• Conducted log analysis and incident triage using Splunk, correlating events and identifying indicators of compromise to support timely incident response and threat detection
• Analyzed network traffic using Wireshark, identifying abnormal ARP, DNS, TCP, and HTTP/HTTPS activity to troubleshoot connectivity issues and detect potential security threats in enterprise-style environments
• Supported risk assessments and vulnerability analysis through hands-on labs, documenting findings and recommending mitigation strategies aligned with healthcare data protection best practices
• Demonstrated foundational incident response workflows, including detection, analysis, containment, and documentation, using structured playbooks and security tools
• Developed a strong understanding of healthcare data protection principles, emphasizing patient privacy, system availability, and regulatory compliance within security operations
• Applied HIPAA Security Rule concepts to evaluate administrative, technical, and physical safeguards in simulated healthcare environments
• Translated technical security findings into clear, non-technical explanations, supporting collaboration between IT, security, and non-technical stakeholders
• Completed hands-on labs in Linux and Windows environments, managing permissions, analyzing system logs, and investigating artifacts relevant to security monitoring and forensic analysis
• Utilized CyberChef, RegEx, and command-line tools to decode, parse, and analyze log data efficiently during investigations
• Strengthened security monitoring skills through participation in Splunk “Boss of the SOC” investigations, identifying patterns and escalating findings appropriately
• Leveraged 15+ years of experience in high-trust, customer-facing roles to demonstrate discretion, confidentiality, and professionalism when handling sensitive information
• Maintained composure and accuracy in high-pressure environments, supporting incident response and operational continuity
• Collaborated effectively across teams, demonstrating communication skills essential for healthcare security operations
• Achieved safely driving over 450 passengers through effectively helping with managing the driver version of the Circuit LLC app
• Documented and resolved passengers lost and found reports which led to 100% customer satisfaction and huge appreciation rewards

TryHackMe | Virtual Cybersecurity Labs

• Completed structured, hands-on cybersecurity training within an interactive virtual lab environment to strengthen practical IT, networking, and security analysis skills
• Linux Systems Administration
  Completed Linux Fundamentals (Levels 1–3) and Linux Strength Training
  Navigated directory structures, managed file permissions, analyzed system logs, and utilized core Linux utilities to support troubleshooting and security monitoring
• Log Management & Analysis
  Conducted log analysis exercises identifying log types and sources
  Applied regular expressions (RegEx), command-line tools, and CyberChef to parse, analyze, and interpret log data relevant to incident detection
• Network Traffic Analysis
  Gained hands-on experience using Wireshark for packet capture, filtering, and analysis
  Analyzed ARP, ICMP, TCP, DNS, HTTP, and HTTPS traffic to support network troubleshooting and security investigations
• Windows Operating Systems & Forensics
  Completed Windows Fundamentals (Levels 1–3) and Windows Forensics (Levels 1–2)
  Developed foundational knowledge of Windows architecture, including file systems, UAC, system configuration, firewall settings, registry, and FAT/NTFS structures
  Practiced accessing registry hives, utilizing registry analysis tools, and recovering deleted files
• Security Monitoring & Incident Response
  Completed Splunk Basics, Incident Handling with Splunk, and advanced Splunk labs
  Navigated Splunk dashboards, conducted incident investigations, and participated in Boss of the SOC scenarios to analyze security events and identify threats

• Google Cybersecurity Professional Certificate, Merit America, Virtual, 2024-08-01, Applied NIST and ISO frameworks in simulated GRC scenarios., Conducted risk assessments, vulnerability analyses, and incident response simulations., Developed hands-on skills with Linux, Splunk, Wireshark, and Python for proactive problem-solving.
• Penetration Testing, Incident Response, and Forensics, IBM Coursera Certified, 2023-12-01, Performed ethical hacking simulations and forensic analyses to identify vulnerabilities., Enhanced analytical reasoning and problem-solving under simulated time-sensitive conditions.
• CompTIA Security+ and Network+, In Progress, 2026-01-01