Tammy R.
Details
Roche
Senior Cybersecurity Analyst
Office of Information Security - Senior Security Analyst - Governance
- Implement and run phishing awareness program
- Update policies in alignment with NIST 800-53 and CIS Controls
- Advise on security awareness training
2017 : 2023
Colorado Governor's Office of Information Technology
Senior Security Analyst
Cyber Risk Defense Center (CRDC) analyst - malware / intrusion team
Investigated SIEM security alerts across a network of over 100,000 endpoints, analyzing network traffic, and utilizing information from a variety of security tools.
Inspected file systems of potentially infected Windows workstations and extracted suspicious files for malware analysis.
Conducted open-source research on malware-related URLs and IP addresses.
Collaborated with the team for planning, results comparison, exchange of ideas, and new use case development.
Trained and guided new team members and after-hours contractor staff.
2014 : 2017
Kaiser Permanente
Cyber Security Analyst
Security Operations Center (SOC) analyst
Actively protected the Roche corporate network of over 100,000 end users in 100 countries using intrusion detection system (IDS) and SIEM, submitting and escalating remediation tickets for endpoints across the globe.
Primary administrator of an enterprise password vault with more than 3,000 accounts for 1,000 IT and business system owners. Performed daily administrative duties, including user account creation, user assistance and training, upgrades, and problem resolution.
Ran vulnerability reports and submitted tickets, escalating as necessary, for hardening and patching of vulnerable systems.
Provided on-call support after hours and weekends.
2009 : 2013
Roche
IT Security Analyst
ITIL / ITSM change coordinator on an international team supporting a matrixed IT infrastructure organization.
2007 : 2009
Roche
ITIL Change Coordinator
Skills
Analysis, Anti-phishing, Antivirus, Certified Novell Engineer, Change Control, CISSP, Cybersecurity, GCIH, GIAC, Global Operations, IBM AIX, IBM Tivoli, Identity & Access Management (IAM), IDS, Information Security, Information Security Awareness, Information Security Policy, ITIL, ITIL Certified, ITIL v3 Foundations Certified, IT Service Management, Log Analysis, Malware Analysis, Malware Detection, Network Traffic Analysis, NIST 800-53, Novell Netware, Security, Security Information and Event Management (SIEM), Security Policy Development, Shell Scripting, SIEM, System Administration, Vulnerability Scanning, Windows NT, Wireshark, Security Awareness, Incident Management, Information Technology, Identity Management, Computer Security, Vulnerability Management, Service Desk, IT Operations, IT Strategy, Help Desk Support, Disaster Recovery, Windows 7, Servers, IT Audit