Jerome Z.

Jerome Z.

Penetration tester
Work experience
  • Penetration TesterCxLoyalty
    July 8, 2019 - Present

    Key Responsibilities:
     Design, document and implement pen testing methodology based on industry norms.
     Performing a Network and Web Application Penetration testing.
     Defining the scope for security testing assignments.
     Managing complex multi-faceted security testing assignments.
     Developing and quality assuring security test reports.
     Working with internal clients and stakeholders to develop appropriate remediation plans.
     Select, design and create appropriate tools for testing.
     Managing and delivering security testing assignments.

  • Network Penetration Testing Remediation CoordinatorThe Depository Trust & Clearing Corporation (DTCC)
    July 31, 2017 – March 13, 2019

     Performs an authorized penetration test using the same techniques used by today’s cybercriminals to hack into
    a network or application. These procedures require adequate working knowledge on system and device
    administration, operating systems such as Windows and Linux, network infrastructure and architecture,
    information security policies, compliance requirements and best practices.
     Support the Cyber Security Assessment Team (CSAT), in collaboration with various business and project teams,
    in gathering technical results for completed network penetration tests and prepare reporting for IT platform
    owner alignment meetings.
     Ensure all pentest findings are well documented, properly risk rated per established DTCC risk rating criteria, re-
    scored using the established risk rating and turned over into the remediation process.
     Collaborate with the CSAT Security Program Coordinator to ensure retesting is scheduled for findings that meet
    the requirements.
     Responsible for remediation coordination efforts, providing general administrative duties such as calendar
    monitoring, setting up meetings, and entering project time related to ongoing and upcoming network
    penetration tests and associated remediation efforts for these tests.
     Participate in meetings with team members, business members, and vendors and being able to identify
    additional follow up needs.
     This position works within a highly technical cyber security team and will play a key role in helping to further
    mature the security program and the team’s capabilities.

  • Penetration Testing Specialist/Security ConsultantTrustwave
    June 1, 2016 – July 30 2017

    Different testing environments were experienced in testing such as internal, and external
    applications and networks. Responsibilities include:
     Network Penetration Testing
     Web Application Penetration Testing
     Detailed Technical Report Writing
     Excellent working knowledge of computer networks and their vulnerabilities.
     Excellent working knowledge of layer-two and three networking issues.
     Excellent operating system knowledge in Windows-based and Unix-based systems.
     Knowledge of and demonstrable experience with a wide range of different attack tools.

  • Network Security EngineerTrustwave
    March 23, 2015 – May 31, 2016

    Currently deployed as a Security Analyst for Trustwave Holdings. My duties and responsibilities are:
     Helps businesses fight cybercrime, protect data and reduce security risk.
     Manage UTM devices and Firewalls (Cisco ASA, Juniper Netscreen, Linux UTM/IPTable.)
     Provide managed technologies which includes Juniper NetScreen, CiscoASA, and Linux based firewalls, web
    proxy and content filtering (Squid | Websense Cloud | PANDB), in-line network antivirus, IDS/IPS, IVS and NAC.
     Configure and troubleshoot connectivity and security issues on TrustOS, Cisco ASA, and Juniper Netscreen UTM
    firewalls with varying degrees of network architectural complexity
     Provide assistance during customer audits utilizing SIEM for log retrieval and security event management
     Provide exceptional direct customer facing support leveraging phone and support ticketing queues
     Document actions in cases to effectively communicate information internally and to customers
     Adhere to policies, procedures, and security practices
     Resolve problems independently and understand escalation procedure

  • Internet Helpdesk, Technical DivisionDocomo Intertouch
    August 13 2012- April 29 2014

     Addresses real-time enquiries about the Company’s Broadband Internet service from the hotel or guests via
    telephone.
     Assist 3-5 Star Hotel Guest or Staff to troubleshoot internet connection problem.
     Monitor and track technical issues to ensure accurate resolutions.
     Handle calls with first class quality.
     Monitor Hotel’s Network systems status.
     Report preparation and generation
     Cater to other requests from the subsidiaries, clients, supervisors, Quality Assurance Team, Training and
    Development Team, and Managers on any floor performance related data/metrics.
     Ensure attainment of high customer satisfaction, service level, schedule adherence, quality, minimal AHT and
    acceptable individual and team escalation targets.
     Was assigned as Subject Matter Expert (Technical Division) to guide newly hired employee for the job protocols.

Education
  • Bachelor of Science in Information TechnologyUniversity of Saint Louis Tuguegarao
    2008 - 2012