Mack J.
Education:
Associate's degree
Cyber security and information technology
Eastern Gateway College
Experience:
Information Security Engineer
2022 - Present
* Designed secure and resilient Python applications for vulnerability management.
* Strengthened application security through design, implementation, and code reviews.
* Conducted automated cybersecurity testing for services, web apps, and APIs.
* Coordinated with Engineers, Operations, and other teams to implement risk analysis.
* Conducted threat and impact analysis to identify vulnerabilities with cloud platforms.
* Integrated governance, risk, and compliance activities into cybersecurity programs to ensure regulatory compliance and improve security posture.
Senior IT Specialist
2018 - 2022
* Oversaw security infrastructure and ensured regulatory compliance with industry best practices.
* Coordinated with internal and external stakeholders as needed to develop and implement technical solutions to remediate vulnerabilities and reduce risk
IT Specialist
2015 - 2018
* Developed and delivered comprehensive training to increase awareness of cyber threats and best practices across all levels of the organization
* Provided support for security infrastructure and Apple technical platform.
Support Specialist
2013 - 2015
* Conducted root cause analysis to resolve technical issues with Mac, PC and mobile platforms.
* Managed customer relationships through effective communication and problem-solving.
2012 : Present
Apple
Information Security Engineer
Company: Apple
Years of Experience: 11
I am devoted to exploring the ever-evolving information security trends that facilitate the seamless coordination of security and compliance with internal and external stakeholders. A comprehensive knowledge of automated security testing, web applications, APIs, and a passion for learning has provided me with a set of skills that spans defensive and offensive methodologies.
Topics That Interest Me:
🔹 Threat intelligence.
🔹 Network Security
🔹 Firewall Security
🔹 Endpoint Security
🔹 Intrusion Detection
🔹 Data Loss Prevention
🔹 Security Information and Event Management (SIEM)
🔹 Identity and Access Management (IAM)
🔹 Penetration Testing
🔹 Vulnerability Management
🔹 Patch Management
🔹 Application Security
🔹 Cloud Security
🔹 Mobile Device Security
🔹 Social Engineering
🔹 Phishing and Spear Phishing
🔹 Ransomware
🔹 Malware Analysis
🔹 Cyber Threat Intelligence
🔹 Cybersecurity Frameworks
🔹 Risk Management Frameworks
🔹 Disaster Recovery
🔹 Business Continuity Planning
🔹 Cyber Insurance
🔹 Third-Party Risk Management
🔹 Data Privacy
🔹 Compliance Auditing
🔹 Cybersecurity Policies and Procedures
🔹 Security Awareness Training
🔹 Cybersecurity Metrics and KPIs
🔹 Regulatory Compliance
🔹 PCI DSS Compliance
🔹 HIPAA Compliance
🔹 GDPR Compliance
🔹 ISO 27001/27002 Compliance
🔹 NIST Cybersecurity Framework
🔹 Cybersecurity Risk Assessments
🔹 Security Assessments and Audits
🔹 Security Governance
🔹 Risk Management
🔹 Security Incident Management
🔹 Security Governance
🔹 Cybersecurity Metrics and Reporting
🔹 Cybersecurity Training and Education
🔹 Cybersecurity Best Practices
🔹 Security Architecture and Engineering
🔹 Security Testing and Evaluation
🔹 Security Information Management
🔹 Security Risk Management
🔹 Threat Modeling
🔹 Security Operations
🔹 Security Assessment and Authorization
🔹 Cybersecurity Consulting
🔹 Cybersecurity Management
🔹 Identity and Access Governance
🔹 Data Governance
🔹 Compliance Management
🔹 Vendor Management
🔹 Security Standards
🔹 Security Policies
🔹 Security Compliance
🔹 Security Governance Models
🔹 Cybersecurity Tools and Technologies
🔹 Cybersecurity Awareness Programs
🔹 Security Incident Response Planning
🔹 Security Compliance Monitoring