Information Security Technical Specialist
AIRBUS
Total des années d'expérience :5 years, 10 Mois
Leading Compliance, Audits & Vulnerability Management for China, including reporting to top management. Also, supported on Industrial Cyber Security topics.
Leading, and managing security tools topics for China such as McAfee ePO, Forcepoint DLP, Splunk/SOC, Bitlocker, EDR & Stormshield, and Qualys including troubleshooting all issues related with these tools.
Developed a custom Splunk App for China, consisting of multiple dashboards and reports that support Compliance, Audits, Vulnerability Management, and Security Operations.
Developed multiple script solutions with a combination of Powershell, Python, and Javascript that automate Security activities and support the team's objectives and goals.
Matured processes and developed technical solutions to ensure China's Compliance for assets is above 90% throughout the year.
Expanded the coverage of our security tools such as McAfee, SOC, EDR on all compatible assets, including Industrial assets. Ensured our tools and compliance checks are covering Phoenix project and Industrial projects. Created an automated security tools report for China's coverage check.
For P0 vulnerabilities maintained Mean Time to Recovery at 22 days (TFO 70 days). Multiple P1 vulnerabilities were also closed within 2 days during 2023.
Linked multiple data sources with Splunk such as AD, Compliance report, Security tools(McAfee, SOC, EDR), SNOW, Netskope, Nomad to create a consolidated inventory list to support security operational activities and identify noncompliance proactively. Implemented new security KPIs into run mode.
Provided all required evidences to pass the internal and external ISMS audit
Perform vulnerability management, managed Splunk, McAfee ePO, Digital Guardian for implementation of DLP policies & rules, perform troubleshooting for security tools and creating reports.
Splunk developer, performed data analytics & data visualization, developed realtime monitoring to track Data Loss, risks/threats & compliance within the company.
Ensured compliance is above 90%, leading the compliance & audits for all types of assets.
Supporting and providing security technical expertise on projects.
Developed Powershell, Python & Javascript that can automate security operations.
Organizing Security, data classification training & Awareness sessions.
Client: Airbus Group
Splunk(SIEM) developer; created several real-time monitoring solutions, such as compliance dashboard, Data Leakage and risk monitoring dashboard for the business and Exceptions dashboard.
Enforcing compliance and vulnerability management for workstations, network equipment, servers(win/linux/unix/db) within Airbus Group
Managing McAfee ePO and firewalls
Implementing policies using Digital Guardian
Data loss prevention activity and information protection
Compliance reporting and tracking for workstations and servers
Root cause analysis for non-compliance
Technical training for the IM department
Organizing Security Awareness training session for the employees/business
Scripting for task automation using powershell
Managing Security Tools such as Splunk, McAfee ePO, Digital Guardian & Bitlocker. Created Splunk dashboard to monitor security activities & reports.
Leading Compliance, Audits & Vulnerability Management topics for all asset types. Automated security operational tasks with Powershell & Python.
Reduced security exceptions by providing compliant solutions & reduced data leakage by introducing proactive measures & also by launching campaigns to increase awareness.
Managing Win10 migration project and ensured a timely completion by proactive dealing with blockers.
Patching for vulnerabilities and taking remediation actions, removal of escalated privilege, access and unauthorized applications.
Incident management, provide technical support, create documentations, knowledge base and end-user training.
Research: Enterprises’ Crowdsourcing Motivation and Performance Evaluation
Research: Convolution Encoder and Viterbi Decoder based on FPGA