COLM KENNY

· CompTIA Network+ and CySA+ training

· Learning more about CrowdStrike along with previously used applications such as ServiceNow, Splunk and TryHackMe

· Working on Curriculum vitae layout, teamwork and time management skills

• Administered and conducted weekly vulnerability scans and reports for domains and IPs
• Responded to daily alerts and incidents across SIEM and Anti-virus endpoint protection applications and took immediate action or escalated to management and relevant contacts
• Used open-source research to discover fraudulent job offers and raised requests with third parties to have social media scam accounts and/or typosquatting domains and websites taken down
• Maintenance of company and subsidiary domains, IPs and management contacts across Excel and third party applications
• Developed and updated processes for actions to be taken on various incidents
• Reported to our team on weekly meetings about latest threats, incidents (open ports, leaked credentials etc), actions taken, statistics etc

• Permitted role-based access control temporarily to employees needing to use restricted applications
• Used active directory to assign and revoke user permissions
• Used identity and access management applications to grant once-off permissions for large payments
• Updated application procedures for new employees as the main work was decentralized to a team based abroad

• Worked on a temporary contract role which involved scanning internal IPs for vulnerabilities and preparing the reports for other IT/Infosec teams to decide upon patching or other actions to be taken

• Daily monitoring through Sophos Endpoint Protection
• Identifying attempts at unauthorised access through analysing Splunk logs
• Conducting vulnerability scanning and reports using Nexpose
• Patching end-user machines through Ninite application and WSUS (Windows Server Updates Services)
• Assisting the Information Security Lead with the implementation of the ISO/IEC 27001:2013 standard
• Regular contact with our IT support team in relation to maintenance of domains, IPs, raising tickets to resolve user and network issues etc
• Gathering daily information on new vulnerabilities and threats.

• Analyzing personal and business credit card transactions for suspicious transaction reporting and raising alerts to my manager and fraud prevention team

• Conducted regular contact with business risk teams to help ensure that they were handling data loss incidents and assisting with their own queries
• Reported specific breaches to the Data Protection Commissioner incident team
• Stored investigation letters from the Data Protection Commissioner’s office and liaised with my manager on responses to those requests.
• Maintained and updated data protection issues and breaches on internal databases
• Updated data protection policies, standards, guidelines and processes

• Provided customer support to business online customers and employees
• Handled customer complaints before escalations to team manager
• Used active directory to apply and revoke employees access to internal applications
• Reviewed and updated procedures for HR applications used by employees
• Assisted the intranet editor with applying changes to the web portal platform