Hermann Kodom
Network Security Analyst
Calgary,AB
Summary
Trusted network security analyst with ten years of diverse and extensive experience encompassing incident response, networking, and information systems. Serves as primary line of defense, has a strong track record in configuring and tuning security solutions to detect and block external threats. Resilient and flexible professional always ready to step in for emergencies, troubleshoot and fix issues that disrupt business operations.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Network Infrastructure Consultant
FX Innovation, Desjardins
Montréal, QC
05.2022 - 12.2022
- Created the infrastructure (VMware virtual machines & appliances) for rolling out a Database Activity Monitoring solution (IBM Guardium).
- Defined and set the firewall rules within a Software Defined Data Center (SDDC) using the NSX-T Distributed Level 4 Firewalls to allow secure network traffic between each virtual machine making up the solution (zero trust principle).
- Performed capacity and performance assessments of the solution infrastructure (servers and software) to ensure it fits the overall network setup.
- Carried out IAM-related activities, including setting up users and network service accounts and defining access following industry best practices (Principle of least privilege).
- Drew the network diagrams (prod, certification & dev environments) using Microsoft Visio and put together detailed documentation explaining the function of every single solution component.
- Supported and assisted other team members on issues related to my assignments.
Cybersecurity Specialist
Bell Canada, SOC
Montréal, QC
09.2017 - 03.2022
- Defined security policies to protect against threats and attacks targeting the network layer (Radware-DefensePro, Arbor Sightline, IPS, Firewalls).
- Set security policies to prevent web applications from being attacked using WAFs (BIG-IP F5).
- Set the SOC SIEM up (ArcSight) to receive security events (logs ingestions) and for alerting on the ticketing platforms (Maximo & Jira).
- Maintained the SOC defense systems (security policy adjustments and tuning) to detect actual attacks accurately.
- Carried out proactive IPS alerts and signature reviews (weekly) to issue reports and recommendations for defense hardening.
- Incident handling, troubleshooting, logs analysis, advanced forensics techniques (Wireshark and IP reputation script) & documentation.
- Administrated users' accesses and maintained email threats protection policies on the FireEye cloud platform.
Information Security Analyst
Hitachi Systems Security Inc. (SOC)
Blainville, QC
07.2016 - 08.2017
- Monitored network traffic for security events and incident reports using Snort-fed SIEM (Archangel).
- Analyzed security events logs (logs correlation) for malicious behaviors and indications of compromise.
- Supported and assisted customers in handling incident processes (containment & investigations).
- Performed recurrent security assessments and vulnerability scans (Qualys) on customers' critical assets.
- Issued monthly detailed security reports and recommendations to customers.
- Performed weekly Snort rules updates to increase the SOC SIEM detection capacity and accuracy.
- Monitored and maintained the IDS sensors' health to ensure logs were properly ingested into the SIEM.
Software Testing Consultant
CGI
Shawinigan, QC
05.2016 - 07.2016
- Assisted in defining and selecting criteria and test cases
- Assessed the test scopes and selected the variables to be tested
- Performed every single test case and scenario
- Reported defects to development teams for fixing and re-testing until no error remains
- Documented test results and issued reports
- Signed off the whole testing process before releasing it into production.
SAP Authorizations Consultant
Page Personnel (A Michael Page Group Company)
Paris, France
10.2013 - 06.2014
- Created users' authorizations from scratch during SAP's initial deployment phase.
- Conducted the authorization testing phase (profiles segregation testing).
- Performed the authorization roll-out and released them into the SAP production environment.
- Maintained user accounts (about 800 accounts).
- Assisted in carrying out other project deliverables, including SAP FICO initial settings.
- Assisted in writing documents and materials for end-user training.
SAP Administrator
Rio Tinto
Paris, France
07.2011 - 05.2013
- Carried out IAM-related duties on SAP and managed about 1800 user accounts company-wide (creations, updates, suppressions, etc.).
- Managed users' authorizations and rights following the principle of least privilege and ensured their profiles were segregated according to their assignments.
- Worked with a third party (Solution integrator) through a ticketing platform (i-Trac) to promptly track SAP technical issues and resolve them.
- Supported and troubleshot end-users with SAP technical and functional issues.
- Worked with the internal audit team to provide evidence and documents out the SAP system for SOX compliance controls (monthly, quarterly & annually).
- Worked with the internal audit team to remediate and fix issues identified by a third-party audit (Ernst & Young) to meet the requirements for SOX compliance.
Education
College Certificate - Information Security And Networking
Cegep De Bois-de-Boulogne
Montreal, QC06.2016
Master of Science - Business Information Systems
Emlyon
Lyon, France05.2013
Skills
- CISSP, GCIH, GCIA, CCSK v4, DefensePro Radware
- Networking fundamentals, switching & routing, TCP/IP, OSI model, LAN/WAN
- Incident Response (security events & logs analysis, intrusion detection & mitigation, forensics)
- Security solutions configuration and tuning (firewalls, IPS/IDS, WAFs)
- Vulnerability Assessments (vulnerability scans)
- Secure Communications (data encryption, PKI, Digital signature)
- Troubleshoot Malfunctions
- Virtualization solution (VMware) Cloud Computing (AWS)
- Security standards and frameworks (NIST, PCI-DSS, ISO 27001)
- Pragmatic, rational and independent
Certification
- CISSP - Certified Information System Security Professional
- GCIH - GIAC Certified Incident Handler
- GCIA - GIAC Certified Intrusion Analyst
- CCSK V4 - Certification of Cloud Security Knowledge
- DefensePro Level 1 (v8.x) Certification (RCSS)
- CCNA - Cisco Certified Network Associate
Timeline
Network Infrastructure Consultant
FX Innovation, Desjardins
05.2022 - 12.2022
Cybersecurity Specialist
Bell Canada, SOC
09.2017 - 03.2022
Information Security Analyst
Hitachi Systems Security Inc. (SOC)
07.2016 - 08.2017
Software Testing Consultant
CGI
05.2016 - 07.2016
SAP Authorizations Consultant
Page Personnel (A Michael Page Group Company)
10.2013 - 06.2014
SAP Administrator
Rio Tinto
07.2011 - 05.2013
College Certificate - Information Security And Networking
Cegep De Bois-de-Boulogne
Master of Science - Business Information Systems
Emlyon
Similar Profiles
Élise FilteauÉlise Filteau
Directrice des services gérés, ServiceNow at FX InnovationDirectrice des services gérés, ServiceNow at FX Innovation
Alain NombreAlain Nombre
Consultant MAC at FX InnovationConsultant MAC at FX Innovation
Hunter HollowsHunter Hollows
VFX Data Wrangler at Weta FXVFX Data Wrangler at Weta FX
Jacquie SparrowJacquie Sparrow
Senior Programs Coordinator at Parks Foundation CalgarySenior Programs Coordinator at Parks Foundation Calgary
Delina TesfazghiDelina Tesfazghi
Sales Associate/Customer Service Cashier at Mihreta BotiqueSales Associate/Customer Service Cashier at Mihreta Botique