About me

Phone: (438) 992-4258

 

 

Email: gedwinquezada@gmail.com

https://gedwinquezada.wixsite.com/chaos2security/home

LinkedIn: http://www.linkedin.com/in/gedwinquezada

https://youtube.com/@chaos2security460

January 2025

 

Cybersecurity analyst / IT Professional

Professional Summary

 

Responsibilities:

  • Protecting computer networks: Be the first line of defense against cybercrime. Anticipate and defend against cyber threats, aiming to prevent security breaches. If or when a breach occurs, be able to respond promptly to mitigate the impact.
  • Monitoring and evaluating threats: continuously monitor IT infrastructure, evaluate potential threats, and identify vulnerabilities in the network. Strive to enhance network security and protect sensitive information from unauthorized access.
  • Testing network security: conduct regular tests to identify weaknesses in the network before bad actors can exploit them. By proactively finding vulnerabilities, as a team, we implemented measures to strengthen network security.
  • Collaborating with teams: as an analyst I worked closely with IT teams and other stakeholders to develop and implement security measures. They provide insights and recommendations to enhance security protocols and software choices.
  • Creating IRP: involved in creating an Incident Response Plan that outlines procedures to be followed in case of an incident. This plan ensures the continued operation of the organization's IT department and includes preventive measures like data backups.
  • Staying updated: staying informed about emerging technologies, industry trends, and best practices. This allows me to adapt quickly to evolving cyber threats and contribute effectively to the organization's security efforts.
  • Azure AD, Defender, Intune and Microsoft Sentinel, plus other tools.
  • Latest training: Vulnerability Management, Vulnerability analyst, MITRE ATT&CK Foundations.

As a cybersecurity analyst I played a critical role in protecting computer networks and sensitive information from cyber threats. Responsible for anticipating, defending against, and responding to security breaches, as well as collaborating with teams to enhance network security.

Others:

 

        Windows Server environment: 2012, 2008, 2016.

 

        Windows desktops environment: Windows 7/8/10 and other legacy Operating Systems.

 

        Other known Operating Systems: macOS, iOS, Linux (Fedora, openSUSE, Ubuntu desktop).

 

        Cloud App security, Exchange admin center, MS Endpoint Manager Admin center, etc.

 

        PowerShell: see my website for examples: text to speech, speech to text, voice recognition, etc.

 

        Azure AD, Sentinel SIEM (Defender, Exchange Online, Security Center).

 

        Ticketing systems: Remedy, ServiceNow

 

 

Day to day

Day-to-day activities: scanning for vulnerabilities using Nexpose and/or Nmap, but as part of the SOC I dealt mostly with Nexpose. Please visit my site for Nmap and Python examples. These tools helped identify weaknesses, network gaps, and applications that could potentially be exploited by attackers. Regularly scanning for vulnerabilities, as a cybersecurity analyst I proactively addressed these weaknesses and mitigated potential risks, if any, or provided a report to the sysadmin so that these gaps could be addressed.

 

Help manage and verify the configuration settings for multiple computers in a network.

Work with Group Policy to enforce security policies and settings across the organization's Windows systems, work alongside the system administrators.

This may involve verifying the configuration of password policies, verifying firewall rules, restricting access to certain resources, and implementing other security-related configurations.

Monitor and audit Group Policy changes to ensure compliance and identify any potential security risks, also alongside the Windows administrators.

 

Check and monitor for common vulnerabilities: Microsoft Sentinel, collect and analyze security event logs from various sources, including Windows clients.

 

Besides that, I have been in IT as tech support (from level 1 and 2 to team lead); I have extensive knowledge helping with and brainstorming any technical hardware/software issues that may need assistance.

 

Mac environment

Enabling network printing support.

Setup, installation and troubleshooting of applications.

Setup and installation of Parallels for clients to use Windows for legacy applications.

Configuring, installing and backing up iPhones, iPads, iMacs and MacBooks.

Hardware support (limited) – adding memory, swapping hard drives.

AirWatch: administration of Mac devices via AirWatch, remote wipe, limiting applications, user access, etc.

Hardware Procurement: contact with Apple (Thunderbolt, USB or Bluetooth devices).

Daily support such as user account issues, printer support, application issues, shared access issues, font issues, etc.

Image creation for Backups.

 

Scripting Languages

 

PowerShell: please visit my website for examples.

Python: please visit my website for examples, most used to find vulnerabilities.

 

 

 

Tools

 

Windows: Event Viewer, Ping, NBTstat, RDP, netstat, route print, Sysinternals for cyber investigations, etc.

Azure AD (Entra)

Defender 365

Intune

Azure Sentinel: SIEM

Threat hunting tools: Defender KQL, Microsoft Sentinel

PCI DSS auditing: Netsparker

Windows Administrative Tools: Network Monitor, Wireshark (packet sniffer), Nmap, networking tools, e-mail protocols: SMTP, POP, IMAP, print servers, Check Point, RSA validating and revoking licenses, and Symantec Endpoint console.

 

Other tools: Nmap, Wireshark, Nessus, OWASP, OpenVAS, Qualys, etc.

 

 

Certifications

CA - FortiGate 7.4 Operator Self-Paced

CompTIA A+

CompTIA PDI+

CompTIA Network+

CompTIA Security+

See LinkedIn for additional training certificates.

 

Languages

Languages: French (spoken), Spanish (fluent).

 

 

 

Courses Taken

 

        Official CC course Completion (ISC)2 Certified in Cybersecurity

        Next Gen Network Security 2025

        MITRE ATT&CK Foundations

        Systems Security Certified Practitioner: SSCP

        Security Engineering and System Hardening Bootcamp

        GIAC Security Essentials GSEC

        Microsoft Windows Server 2012/2016 

        Microsoft Security Operations Analyst

        Security in Office 365

        Red Team, Pen Testing

        Azure Identity and Endpoint Protection Basics

        Microsoft Azure Cognitive Services

        AI for CyberSecurity

        Implementing and Administering Azure Sentinel

        Security Architecture and Design.

        Security in Office 365 / Managing Identity

        Azure: Design an authentication and Data security strategy

        Cloud Architecture Foundation

        Azure security concepts

        Malware Analysis.

        PowerShell

        Improving Cyber Security Framework.

        APT: Advanced Persistent Threat Hacking.

        Kali Linux Fundamentals

        CompTIA PenTest+

        Organizational Data Security Fundamentals

        Security Operations

        Fundamental System Security

        Advanced Cyber Threat Intelligence

        Microsoft Sentinel (SIEM)

        Splunk: log analyzing and monitoring tool

        AWS Certified Solutions Architect – Foundations

        Cyber Security Analyst

        Cyber Security Threat Intelligence Researcher/ Enterprise Cybersecurity Fundamentals

        CISA

        CySA: Cyber Security Analyst

 

To see a complete list please visit my LinkedIn URL (you will find it in the top left corner of this resume).

 

 

 

Education

Network Installation and Management diploma

Delta College, Montreal, QC

ICS

Computer Repair diploma, Montreal, QC

Courses: DOS, Windows 3.1, Hardware, software, troubleshooting.

Computer Information Systems Diploma,

Washington, DC.

Strayer College, Wash. DC

See more certifications on my LinkedIn page.

Hobbies:

Reading, running, exercising, camping.

 
