Security Professional Resume examples & templates

Michael Rodriguez

Denver, CO 80202 • (720) 555-8976 • mrodriguez@emailprovider.com • linkedin.com/in/michaelrodriguez

Entry-level security professional with hands-on experience in vulnerability assessment and incident response. Recently completed Security+ certification to complement my technical background. Quick learner who identified and remediated 17 critical vulnerabilities during university internship. Looking to apply my analytical skills and security knowledge in a SOC Analyst role.

EXPERIENCE

Security Operations Intern – CyberShield Solutions, Denver, CO
January 2023 – Present

• Monitor SIEM alerts and escalate potential security incidents to senior team members, reducing false positive reporting by 22%
• Perform vulnerability scans using Nessus and document findings for the remediation team
• Assist with weekly threat hunting activities, helping identify 3 previously undetected network anomalies
• Update security documentation and develop basic scripts to automate routine monitoring tasks

IT Help Desk Technician – University of Colorado, Boulder, CO
August 2021 – December 2022

• Provided tier 1 technical support for 400+ faculty and staff members, resolving an average of 38 tickets weekly
• Implemented basic security measures including password resets, multi-factor authentication setup, and malware removal
• Created user guides for common security practices like phishing awareness and secure file sharing
• Collaborated with IT security team during a ransomware incident affecting 6 department systems

Technical Support Volunteer – TechBridge Community Center, Denver, CO
May 2021 – August 2021

• Assisted community members with computer troubleshooting and basic cybersecurity practices
• Led 2 workshops on internet safety for seniors, covering topics like password management and recognizing scams

EDUCATION

Bachelor of Science, Information Technology
University of Colorado, Boulder – May 2022
Minor: Cybersecurity

CERTIFICATIONS

• CompTIA Security+ (May 2023)
• CompTIA A+ (January 2022)
• Microsoft Azure Fundamentals AZ-900 (November 2022)

SKILLS

• Security Tools: Wireshark, Nessus, Splunk (basic), Metasploit (basic)
• Operating Systems: Windows, Linux (Ubuntu, Kali)
• Networking: TCP/IP, firewalls, VPNs
• Scripting: PowerShell, Python (beginner)
• Concepts: Vulnerability Management, Incident Response, Security Controls
• Other: Documentation, Communication, Problem-solving

PROJECTS

Home Lab Security Environment – Ongoing

• Built a virtual security lab using VirtualBox to practice penetration testing techniques and security hardening
• Documented findings and created a personal knowledgebase of common vulnerabilities and fixes

University Capstone: SMB Security Assessment – Spring 2022

• Conducted security assessment for local business as part of 4-person team
• Identified 17 security vulnerabilities and provided remediation recommendations

Marcus J. Patterson

Atlanta, GA | (404) 555-7821 | m.patterson@emailpro.net | linkedin.com/in/marcusjpatterson

Security professional with 6+ years of experience in vulnerability management, security operations, and incident response. Skilled at translating complex technical risks into business-friendly language while maintaining strong relationships with stakeholders. Track record of reducing security incidents by implementing proactive measures and training programs across diverse environments.

PROFESSIONAL EXPERIENCE

Senior Security Analyst – TechSecure Solutions, Atlanta, GA (June 2021 – Present)

• Lead vulnerability management program for 3,200+ endpoints, reducing critical vulnerabilities by 78% in first 9 months through prioritization framework I developed
• Spearheaded implementation of SOAR platform that cut incident response time from 42 minutes to 11 minutes on average
• Coordinate security awareness training for 900+ employees; phishing test failure rates dropped from 24% to 7%
• Collaborate with DevOps teams to integrate security testing into CI/CD pipeline, catching 31 potential exploits before production
• Mentor two junior analysts and provide technical guidance on complex security issues

Security Analyst – Meridian Financial Group, Columbus, OH (March 2019 – May 2021)

• Monitored security events using Splunk and QRadar, investigating ~40 alerts per week and escalating legitimate threats
• Conducted weekly vulnerability scans and prioritized remediation efforts based on risk to business operations
• Performed security reviews for 17 third-party vendors, identifying contract compliance gaps in 8 cases
• Created documentation for security incident response procedures that reduced containment time by 35%
• Assisted with PCI-DSS compliance activities and gathering evidence for quarterly audits

IT Support Specialist – Pinnacle Systems, Columbus, OH (Aug 2017 – Feb 2019)

• Provided tier 2 technical support for 200+ users across multiple locations
• Identified and reported potential security issues, leading to my transition into security role
• Deployed and maintained endpoint protection software across corporate network
• Helped develop and test disaster recovery procedures for critical business systems

EDUCATION & CERTIFICATIONS

Bachelor of Science, Information Technology – Ohio State University (2017)

Certifications:

• Certified Information Systems Security Professional (CISSP) – Expected December 2023
• CompTIA Security+ (2018, renewed 2021)
• Certified Ethical Hacker (CEH) (2020)
• Splunk Certified User (2019)

TECHNICAL SKILLS

• Vulnerability Management: Tenable.io, Qualys, Rapid7
• SIEM: Splunk, QRadar, Microsoft Sentinel
• Endpoint Security: CrowdStrike, Carbon Black, Microsoft Defender ATP
• Network Security: Cisco ASA, Palo Alto, Wireshark
• Cloud Security: AWS, Azure (basics)
• Scripting/Programming: Python, PowerShell, Bash
• Compliance Frameworks: NIST CSF, PCI-DSS, SOC2
• Incident Response & Digital Forensics (basic knowledge)

PROJECTS & ADDITIONAL EXPERIENCE

• Developed custom Splunk dashboard for executive reporting that’s now used company-wide
• Active member of local OWASP chapter and helped organize 2 security workshop events
• Participated in internal red team exercise that identified 3 critical gaps in network segmentation

Miguel A. Ramirez

mramirez@securemail.net | (415) 555-8732 | San Francisco, CA 94107
linkedin.com/in/miguelramirez | github.com/mramirez-security

Security professional with 10+ years specializing in enterprise security architecture, cloud infrastructure protection, and threat intelligence. Proven track record leading security initiatives across financial services and healthcare sectors. Known for balancing robust security controls with business objectives while fostering cross-functional collaboration. CISSP, CISM, and AWS Security certified.

PROFESSIONAL EXPERIENCE

Lead Security Architect | Healthnet Systems, Inc. | San Francisco, CA | March 2020 – Present

• Architected and implemented Zero Trust security framework across hybrid cloud environment, reducing unauthorized access attempts by 76% and cutting incident response time from 4.3 hours to 37 minutes
• Lead team of 7 security engineers responsible for protecting patient data across 17 healthcare facilities serving 1.2M+ patients
• Spearheaded migration from legacy security tools to cloud-native solutions, eliminating 3 on-premise appliances and saving $327K annually
• Developed custom threat hunting playbooks that identified previously undetected APT activity (we caught something the big vendors missed!)
• Collaborate with CISO to translate strategic security initiatives into actionable implementation plans for engineering teams

Senior Security Engineer | Pacific Financial Group | San Francisco, CA | June 2017 – March 2020

• Managed security operations for critical financial infrastructure processing $14B in annual transactions
• Rebuilt vulnerability management program, increasing scan coverage from 68% to 97% and reducing critical/high findings remediation time from 31 days to 8 days
• Designed and deployed enhanced IAM solution using Okta + custom workflows, eliminating 90% of privileged access exceptions
• Led security incident response for ransomware attempt, successfully containing threat with zero data loss and minimal operational impact

Security Engineer | TechDefend Consulting | Boston, MA | August 2014 – May 2017

• Performed security assessments and penetration tests for 30+ clients across financial, healthcare, and retail sectors
• Discovered critical SQL injection vulnerability in client’s payment processing system that could have exposed 50k+ credit card records
• Developed custom security monitoring dashboards using Splunk and ELK Stack, reducing alert fatigue by 42%
• Assisted in PCI-DSS compliance initiatives for e-commerce clients, achieving 100% compliance for 12 consecutive quarters

EDUCATION & CERTIFICATIONS

Master of Science, Information Security | Boston University | 2014

Bachelor of Science, Computer Science | University of Massachusetts | 2012

Certifications:

• Certified Information Systems Security Professional (CISSP) – 2016
• Certified Information Security Manager (CISM) – 2018
• AWS Certified Security – Specialty – 2019
• Certified Cloud Security Professional (CCSP) – 2020
• GIAC Certified Incident Handler (GCIH) – 2017

TECHNICAL SKILLS

• Security Tools: Crowdstrike, Palo Alto, AWS Security Hub, Azure Sentinel, Tenable.io, Rapid7
• Cloud Security: AWS (GuardDuty, WAF, Security Hub), Azure (Sentinel, Defender), GCP Security
• Compliance: PCI-DSS, HIPAA, SOC2, GDPR, NIST CSF/800-53
• Scripting/Development: Python, Bash, PowerShell, Terraform, Docker
• IAM/Zero Trust: Okta, Azure AD, AWS IAM, Privileged Access Management
• Security Operations: SIEM implementation, threat hunting, incident response, forensics

ADDITIONAL INFORMATION

Conference speaker at BSides San Francisco 2022: “Practical Approaches to Zero Trust in Healthcare”
Contributor to OWASP Application Security Verification Standard (ASVS)
Mentor for Women in Security and Privacy (WISP) organization