Irving Ngwayah, Cyber Security Engineer
Brooklyn park, 55444, United States, +1(763)245-4861, irvingngwayah@gmail.com,
www.linkedin.com/in/irving-d-ngwayah
SUMMARY
Dynamic Cyber Security Engineer with over 4 years of experience in
cybersecurity, threat analysis, and risk management. Proven track record of
achieving 99% data security while managing comprehensive databases for
20,000+ users. Skilled in utilizing SIEM tools, Nmap, and Nessus for identifying
vulnerabilities, and developed security programs enhancing compliance across
various standards. Dedicated to promoting best practices and reducing risks,
poised to deliver effective solutions in safeguarding information systems.
WORK EXPERIENCE
08/2024 – Present
Cybersecurity Analyst, Quest IT Solutions Inc., Minneapolis
- Executed comprehensive threat analysis in a 24/7 environment, effectively
mitigating and managing threats and risks to the company, achieving a
notable 99% data security rate using tools such as Nmap, Nessus, and
Wireshark. - Oversaw a team of 40 instructors, ensuring timely delivery of company
projects. - Formulated and implemented rules and policies for 8000 end-users in data
protection areas like DLP, utilizing tools such as OpenVAS and Wireshark
to enhance operational efficiency. - Solely managed a comprehensive database of over 20,000 users,
significantly boosting overall departmental performance. - Identified over 350 new viruses and hidden malware within three years,
safeguarding the company from potential damage to 15,000 computers
through the use of tools like Burp Suite and Metasploit. - Conducted unannounced security inspections for a site with 1000
employees, validating the safety and integrity of all technical operations
using tools such as Nmap and Nessus. - Executed a site-wide inventory project for 200 laptop computers,
maintaining accurate records for company clients with the help of tools like
Wireshark and OpenVAS. - Monitored security infrastructure for Indicators of Compromise and anti
malware occurrences via SIEM dashboards.
11/2023 – 08/2024
Information Security Analyst, F2Onsite Minneapolis
- Conducted security risk assessments for enterprise technologies and operations, aligning with ISO/IEC 27001, ITIL, COBIT, NIST frameworks,
and PCI-DSS standards. - Created and maintained engaging training modules and materials,
elevating cybersecurity awareness and compliance for over 8000
employees. - Developed and managed a formal information systems security program,
facilitating annual PCI DSS and ISO27001 re-certifications. - Administered and secured Identity and Access Management (IAM)
modules across multiple systems and applications for over 7000 employees, enhancing user and data access control. - Engineered User Acceptance Test (UAT) scripts, conducting UATs for in
house-developed applications and SaaS products to ensure system security functionality and compliance with business objectives. - Advocated cybersecurity best practices by providing security awareness
training to stakeholders, significantly reducing human-related security risks.
07/2023 – 10/2023
Security Analyst, Smith’s Medical Minneapolis
- Conducted security risk assessments for enterprise technologies and operations, aligning with ISO/IEC 27001, ITIL, COBIT, NIST frameworks,
and PCI-DSS standards. - Created and maintained engaging training modules and materials,
elevating cybersecurity awareness and compliance for over 8000
employees. - Developed and managed a formal information systems security program,
facilitating annual PCI DSS and ISO27001 re-certifications. - Administered and secured Identity and Access Management (IAM)
modules across multiple systems and applications for over 7000 employees, enhancing user and data access control. - Engineered User Acceptance Test (UAT) scripts, conducting UATs for in
house-developed applications and SaaS products to ensure system security functionality and compliance with business objectives. - Advocated cybersecurity best practices by providing security awareness
training to stakeholders, significantly reducing human-related security risks.
01/2022 – 12/2022
Network Operator Engineer, Xoriant Corporation, Minneapolis
- Diagnosed and resolved issues related to servers, networks, and
telecommunications.
Continuously troubleshot and monitored network performance to maintain
optimal operation. - Provided expert-level network support, administration, and management,
focusing on switching and routing. - Installed and maintained data servers and network equipment to ensure
operational efficiency. - Monitored day-to-day performance of servers, ensuring high levels of
uptime. - Documented and tracked support activities through a ticketing system
(ServiceNow). - Troubleshot and resolved network and server issues efficiently.
- Executed fiber cabling installations, including multi-mode, single-mode,
Cat5e, and Cat6e.
EDUCATION
07/2019 – 12/2023
Western Governors University
Master of Science, Information Technology Management Salt Lake City
07/2019 – 12/2023
Amity, University of India E-Learning
Bachelor of Science, Information Technology Noida, Uttar Pradesh
SKILLS
Network Security
Vulnerability Assessment
Firewall Configuration
Risk Assessment and Mitigation
Security Policy Development
Governance, Risk and Compliance
Cloud Security (AWS, Azure)
SIEM
Splunk
Burp Suite
Nessus
Wireshark
Nmap
Rsyslog
SET (Social Engineering Toolkit)
Cybersecurity Frameworks: OWASP
Top 10
ISO/IEC27001
COBIT
PCI DSS
MITRE ATT&CK Framework
GRC
Team Collaboration
Cybersecurity
Infrastructure Security
Information Security Fundamentals
Intrusion Techniques
Attention to Detail
Threat Modeling
Python
Accountability
Solutions Oriented
Microsoft
SOC2
NIST
ISO
Vulnerability Scanners
Virtual Machines, Next Gen AV, Application Whitelisting MDM
Ticketing Systems
Data Security and Posture
Management, API Security
Incident Response
Penetration Testing
Security Information and Event
Management (SIEM)
Encryption Technologies
Disaster Recovery Planning
MySQL Database management
Tools: AWS
SOAR
XDR
Metasploit
Hashcat
VirusTotal
Cryptography
OpenVAS
MSF Venom
NIST
CIS Critical Security Controls
HIPAA
CIS Controls
Zero Trust Security Model
CS-VRM
Leadership
Information Technology
Cyber Forensics
Network Hardening
Risk Management
Information Technology Security
Solutions
PowerShell
Networking Protocols
Autonomous
Finance
Mac
ITIL
COBIT
PCI
SIEM
Microsoft Products
MDR/EDR