Resume

Professional Summary

Results-driven Cybersecurity Architect & Information Security Specialist with over 8 years of hands-on experience designing and implementing secure IT systems, enforcing data protection policies, and proactively defending enterprise networks against evolving threats. Proven track record in SIEM integration, zero trust architecture, and threat intelligence operations. Adept at working cross functionally to translate technical security requirements into scalable frameworks that align with business needs.

Certifications

• Certified in Cybersecurity (CC) – (ISC)²
• Systems Security Certified Practitioner (SSCP) – (ISC)²
• Certified Secure Software Lifecycle Professional (CSSLP) – (ISC)²

Technical Skills

Security Tools: Splunk, IBM QRadar, LogRhythm, Suricata, Snort, Nessus, Qualys, OpenVAS
Penetration Testing: Kali Linux, Metasploit, Burp Suite
Digital Forensics: EnCase, FTK, Autopsy
Networking & Infrastructure: Palo Alto Firewalls, Cisco ASA, VPNs, IDS/IPS, Zero Trust Architecture
Programming & Scripting: Python, Bash, SQL
Frameworks & Compliance: NIST, CIS Controls, ISO 27001, PCI DSS, HIPAA, CCPA
Cloud & Virtualization: AWS Security, Azure Security, VMware

Professional Experience

Harris and Rosales, LLP – Information Security Technician / Data Specialist
📅 March 2023 – June 2024

• Administered access controls and role based permissions in the Filvvine documentation system to strengthen internal data governance.
• Automated workflows to optimize data handling processes, achieving a 30% increase in operational efficiency.
• Generated daily security audit logs and compliance reports, supporting legal and internal regulatory requirements.
• Performed advanced SQL based data analysis to identify anomalies and support litigation processes.
• Collaborated in database hardening initiatives, contributing to a 25% reduction in unauthorized access attempts.
• Supported internal audits and risk assessments aligned with CIS controls.

Horizon Media – Information Security Officer
📅 June 2020 – March 2023

• Conducted daily access log audits and policy enforcement across critical systems, reducing insider threat potential by 15%.
• Managed physical and logical access control systems, ensuring alignment with corporate security posture.
• Authored security recommendations and incident prevention strategies based on audit findings and threat models.
• Analyzed employee behavior data for risk based access decisions in coordination with HR and compliance teams.

Almost Diamonds Inc. – Threat Data Analyst
📅 January 2015 – June 2020

• Engineered and deployed cyber threat defense solutions, enabling a 40% boost in secure transactional performance.
• Led vulnerability management lifecycle, performing scans, pen testing, remediation tracking, and validation.
• Operated and maintained enterprise grade SIEM platforms (Splunk, QRadar), correlating logs for real time detection.
• Orchestrated incident response effort triage, containment, forensic investigation, and recovery.
• Designed and led employee training programs to foster a 35% drop in phishing success rates.
• Ensured continuous compliance with regulatory standards including PCI DSS, HIPAA, and CCPA.

Projects

Risk Assessment Framework Implementation – Harris and Rosales, LLP

• Built and integrated a custom risk assessment model aligned with NIST SP 800-30 standards.
• Delivered a comprehensive threat and vulnerability matrix across legal and client facing systems.
• Authored incident response playbooks that standardized response workflows and reduced response time.

Education

University of California, Berkeley
📘 Bachelor of Science in Computer Science
📅 September 2004 – May 2008