Nicaury Francisco Ramirez, Developer in Santiago De Los Caballeros, Santiago Province, Dominican Republic
Nicaury is available for hire
Hire Nicaury

Nicaury Francisco Ramirez

Verified Expert  in Engineering

Security Engineer and Developer

Location
Santiago De Los Caballeros, Santiago Province, Dominican Republic
Toptal Member Since
November 2, 2022

Nicaury is a security engineer with 7+ years of experience in information security, cybersecurity, and systems administration. She has worked in fast-paced, remote environments for a couple of years, developing excellent communication and leadership skills. Nicaury is a certified professional with proven problem-solving and analytical skills, a fast learning curve, and the ability to adapt to any team.

Vulnerability ManagementFortinet Firewall ConfigurationASA FirewallsSecuritySecurity Policies & ProceduresLinuxWindows ServerPenetration TestingDevSecOpsWeb SecuritySecurity ArchitectureCloudWindows PowerShellTerraformAmazon Web Services (AWS)Incident ResponseOpen Web Application Security Project (OWASP)Palo Alto FirewallsISO 27001EncryptionCisco Certified Entry NetworkingSecurity SoftwareVulnerability Assessment

Portfolio

GeneDx, LLC c/o Sema4
Cybersecurity, IT Security, Cloud Security, CISSP, Security...
First American Title
Azure, Continuous Development (CD), Continuous Integration (CI)...
First American Title
Azure, Palo Alto Networks, ASA Firewalls, Symantec, Security...

Experience

Unified Endpoint Security (UES) - 7 yearsVulnerability Management - 7 yearsSecurity Policies & Procedures - 6 yearsIT Security - 6 yearsISO 27001 - 6 yearsRisk Assessment - 6 yearsSecurity - 6 yearsPenetration Testing - 4 years

Availability

Part-time

Preferred Environment

Linux, Amazon Web Services (AWS), Web Security, Vulnerability Management, Terraform, Secure Containers, Fortinet Firewall Configuration, ASA Firewalls, Windows Server, Secure Code Best Practices

The most amazing...

...project I've been in charge of was an enterprise's endpoint encryption tool, in which I kept 99% of endpoints securely encrypted every month.

Work Experience

Information Security Engineer (via Toptal)

2023 - PRESENT
GeneDx, LLC c/o Sema4
  • Contributed to the development of a cybersecurity governance program.
  • Managed the vulnerability scanner, endpoint security and response (EDR), and security information and event management (SIEM) solutions.
  • Increased the security posture of multiple cloud and on-premises services.
Technologies: Cybersecurity, IT Security, Cloud Security, CISSP, Security, Amazon Web Services (AWS), Azure, CISM, NIST, SIEM, SAML, Single Sign-on (SSO), SOC 2, Managed Security Service Providers (MSSP)

Security Engineer

2022 - 2023
First American Title
  • Provided tier-3 support to analysts in managing and troubleshooting endpoint security tools.
  • Performed vulnerability assessment reports and coordinated the implementation of remediation activities.
  • Implemented and documented required procedures to add new security tools to support the business.
  • Helped developers keep the software development lifecycle secure.
  • Developed a secure architecture design for the enterprise to be used as a standard.
  • Leveraged infrastructure-as-code practices to maintain efficiency and version control of changes.
Technologies: Azure, Continuous Integration (CI), Continuous Development (CD), Vulnerability Management, Vulnerability Assessment, Python 3, SonarQube, Docker, Windows Server, Penetration Testing, Security, Amazon Web Services (AWS), IT Security, Security Architecture, APIs, Vulnerability Identification, Cloud, OWASP, DevSecOps, Risk Assessment, Containers, Threat Modeling, Bash Script, Windows PowerShell, SecOps, Web Application Firewall (WAF), ISO 27001, SOC 2

Information Security Analyst

2021 - 2022
First American Title
  • Implemented security rules and policies in cloud environments like Azure and AWS and firewalls like Palo Alto and Cisco ASA.
  • Solved network and security incidents in Azure, AWS, Palo Alto, and Cisco ASA.
  • Took part in on-call rotation to keep business running in case of incidents during off-business hours.
Technologies: Azure, Palo Alto Networks, ASA Firewalls, Symantec, Security, Amazon Web Services (AWS), IT Security, Vulnerability Identification, Cloud, OWASP, DevSecOps, Risk Assessment, Bash Script, Windows PowerShell, SecOps, Web Application Firewall (WAF), ISO 27001

Security Analyst

2017 - 2021
9-1-1 Dominican Republic
  • Maintained 99% of the company's EDR solution endpoints fully protected.
  • Provided guidance and second-level support to newer team members, training them in the security solutions and tools we manage.
  • Led the development and application of security policies, standards, and procedures.
  • Architectured the network security, access, event monitoring, and response policies.
  • Managed servers and systems as part of the IT department and cybersecurity team.
  • Protected the company's information assets by ensuring compliance with the rules and procedures for accessing the information systems.
Technologies: Antivirus Software, Encryption, Windows Server, Cisco, Fortinet Firewall Configuration, Security, IT Security, Vulnerability Identification, Risk Assessment, Bash Script, Windows PowerShell, SecOps, Web Application Firewall (WAF), ISO 27001

Quality Assurance (QA) Analyst

2017 - 2017
Intellisys D. Corp.
  • Tested web applications to ensure they met all the product owner's quality requirements and that security best practices were accomplished.
  • Maintained Docker containers to replicate the environments and test the applications' behavior.
  • Helped in the configuration and maintenance of equipment for the proper network operation.
Technologies: Docker, Amazon Web Services (AWS), Python 3, Selenium

Development of Security Standards and Procedures

As a security engineer, I worked with the team to develop the security procedures and standards for the whole enterprise. We integrated those procedures into the software development lifecycle (SDLC), thus improving software security.

Antimalware Tool Implementation

An antimalware tool to scan files uploaded into a public-facing application used on the business to receive customer documents. The device accesses the files in malware databases and examines them using different mechanisms. If a file is considered malicious or infected, it will be prevented from uploading to the infrastructure.

Internal Penetrating Testing

As a Security Engineer, I was in charge of regular internal security assessments of the enterprise, performing different penetration tests, using tools like NMAP, Nessus, and Metasploit, and presenting the results and analysis to relevant stakeholders to take further actions.
2012 - 2017

Bachelor's Degree in Telecommunications

Pontificia Universidad Católica Madre y Maestra (PUCMM) - Santiago de los Caballeros, Dominican Republic

AUGUST 2023 - AUGUST 2026

AWS Solutions Architect – Associate

Amazon Web Services

FEBRUARY 2023 - PRESENT

Microsoft Certified: Security, Compliance, and Identity Fundamentals

Microsoft

DECEMBER 2022 - DECEMBER 2025

Certified Incident Handler (ECIH)

EC-Council

NOVEMBER 2021 - NOVEMBER 2023

AWS Certified Cloud Practitioner

AWS

AUGUST 2020 - AUGUST 2023

Certified Ethical Hacker (CEH)

EC-Council

JANUARY 2020 - JANUARY 2023

CompTIA CySA+

CompTIA

AUGUST 2019 - JANUARY 2023

CompTIA Security+

CompTIA

MAY 2019 - PRESENT

CompTIA Linux+

CompTIA

MAY 2018 - MAY 2020

CCNA CyberOps

Cisco

SEPTEMBER 2017 - SEPTEMBER 2019

Cisco Certified Entry Networking Technician

Cisco

Paradigms

Penetration Testing, DevSecOps, Secure Code Best Practices, Continuous Development (CD), Security Software Development, Continuous Integration (CI)

Platforms

Linux, Windows Server, Docker, Amazon Web Services (AWS), Azure

Other

Vulnerability Management, Fortinet Firewall Configuration, ASA Firewalls, Vulnerability Assessment, Security, Security Policies & Procedures, Secure Software Development Lifecycle (SSDLC), IT Security, Risk Assessment, SecOps, Web Application Firewall (WAF), ISO 27001, Unified Endpoint Security (UES), Web Security, Security Architecture, Vulnerability Identification, Cloud, OWASP, Containers, Threat Modeling, SOC 2, Managed Security Service Providers (MSSP), Secure Containers, Encryption, Antivirus Software, Cisco, Palo Alto Networks, Symantec, Ethical Hacking, Certified Ethical Hacker (CEH), Networking, IP Routing, Analysis, SIEM, System-on-a-Chip (SoC), User Permissions, IoT Security, Computer Science, Electronics, Programming, Software Development, IT Networking, Malware Analysis, APIs, Server Management, AWS Cloud Architecture, Cloud Security, Incident Response, Incident Management, Identity & Access Management (IAM), CISSP, CISM, NIST, Single Sign-on (SSO)

Languages

Python 3, Bash Script, SAML

Frameworks

Windows PowerShell, Selenium

Tools

Terraform, SonarQube

Storage

Azure Active Directory

Industry Expertise

Cybersecurity

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring