Andrei Cocan
Cybersecurity & Information Technology
Cybersecurity & IT graduate with a strong passion for offensive security. Experienced in policy compliance, audits, incident response, and access management in simulated environments. Skilled in analyzing system needs while ensuring confidentiality, integrity, and availability of information. Proficient in system and network installation, configuration, deployment, documentation, and troubleshooting. Familiar with NIST 800-53 and risk management, with hands-on experience in simulated penetration testing.
Technical Skills:
Certifications:
Cloud Platforms:
Amazon Web Services, Microsoft Azure
Compliance:
GDPR, HIPAA, PCI DSS, SOX
Databases:
MariaDB, MySQL
Frameworks:
CIS Controls, CMMC, MITRE ATT&CK, NIST 800-53 R5, NIST CSF, NIST Privacy Framework, Software/System Development Life Cycle
Networking:
Active Directory, DHCP, DNS, LAN/WAN, TCP/IP, VPN
Operating Systems:
Linux, Mac OSX, Windows Server 2016/2019/2022, Windows Workstation 8/10/11
Programming/Scripting:
Bash, PowerShell, Python
Security:
Cyber Crime and Incident Response, Disaster Preparedness and Recovery, Identity and Access Management, Security Compliance and Privacy, Threat Intelligence and Defense
Tools:
Ansible, Burp Suite, CyberChef, Event Viewer, Jira, Metasploit, Nessus, Nmap, OpenSSL, OWASP, VirusTotal, Wireshark
Virtualization:
KVM, UTM, VirtualBox, VMware Fusion/Workstation
Web Servers:
Apache, NGINX
Education:
BACHELOR OF SCIENCE, CYBERSECURITY | Full Sail University - Valedictorian
ASSOCIATE OF SCIENCE, INFORMATION TECHNOLOGY | Full Sail University - Valedictorian
September 2024
June 2023
Project Experience:
Conducted comprehensive analysis and delivered detailed presentations to upper management on compliance and security controls required for a local eyecare provider, leveraging knowledge of PCI DSS, the NIST Privacy Framework, and the seven domains of IT.
Produced comprehensive documentation on data backup, data retention, IAM, password, patch management, SDLC, security maturity, PCI DSS compliance policies, and a security plan for a growing ecommerce organization, utilizing the NIST 800-53 framework.
Performed authenticated and unauthenticated vulnerability scans using Nessus on exposed machines and conducted simulated penetration testing scenarios using Metasploit.
Established a new system and structure for a migrating law firm by creating a network topology, evaluating pricing and quality of assets, configuring initial network setup and access management, documenting procedures for IT staff, and delivering presentations to upper management throughout the process.
Relevant Coursework:
Identity & Access Management, Network Security & Software, Security Compliance & Privacy, Threat Intelligence & Defense, Software Security, Threat Protection, Cyber Crime & Incident Response, Disaster Preparedness & Recovery