
Incident Response Security Analyst

Location:
Ashburn, VA
Posted:
February 06, 2024


Resume:

Samsoor Alikhail

Cyber Security Analyst

ad3exr@r.postjobfree.com 571-***-**** Manassas/ Virginia Green Card Holder

PROFESSIONAL SUMMARY:

● Dedicated and highly skilled Cybersecurity Professional with a comprehensive range of certifications and hands-on experience in security operations, penetration testing, and incident response.

● Adept at leveraging a diverse skill set to analyze, assess, and enhance organizational security postures. Proven expertise in managing security incidents, implementing secure coding practices, ensuring robust network defenses, and continuously expanding knowledge base through ongoing professional development, including obtaining certifications from reputable organizations such as Range Force, Fortinet, Cisco, Splunk, CompTIA, and Amazon Web Services.

● Have experience in log analysis, alert triage, and vulnerability management. Led three assessment projects in completing three security audits, identifying and remedying 26 significant security risks.

● My background has prepared me for a position to solve mission-critical problems and time-sensitive tasks while maintaining high standards.

TECHNICAL SKILLS:

Alert Triage, Command Line Tools, Compliance Management, Cyber Threat Hunting, Event Log Management, Incident Analysis, Incident Response, MITRE ATT&CK Implementation, Networking, OSINT Gathering, Penetration Testing, Security Analysis, Threat Intelligence, Vulnerability Management, Vulnerability Scanning, AWS (Lambda, IAM, EC2), Microsoft Defender 365, OpenAI (Codex, ChatGPT), OS (Linux, Windows, Mac), SIEM (Splunk, QRadar, FortiSIEM), Sandbox Analysis (Joe, Any.Run, Hybrid Analysis), Firewall (Checkpoint, Palo Alto), SOAR (xSOAR, Phantom), Endpoint (CrowdStrike, Microsoft Defender).

WORK EXPERIENCE:

CYDEO, McLean, VA

Cybersecurity Analyst / Mentor Jul 2023 – Present

● Ranked Top 1% in the world in Try Hack Me.

● Performed vulnerability scans on Windows and Linux devices, identifying and patching vulnerabilities to improve system security.

● Leveraged Splunk and Security Onion to triage, investigate events, and carry out incident response measures.

● Conducted real-time security event monitoring as a Tier I-II SOC Analyst utilizing Splunk and Security Onion.

● Investigated various APTs to better understand common Tactics, Techniques, and Procedures.

● Performed network and system scans for vulnerabilities in a simulated penetration test.

● Utilized publicly available databases to search for exploits that match a found vulnerability.

● Conducted exploits on various targets running different Operating Systems.

● Determine indicators, including command and control channels, for malicious code.

● Active real-time security monitoring of alerts and escalation of critical alerts in compliance with the appropriate service levels.

● Monitored and analyzed network traffic with Wireshark.

● Performed open-source research to identify overall public-facing attack surface.

QOMPLX, Tysons, VA

SOC Analyst-II / Incident Response Analyst Oct 2022 – Jul 2023

● Monitored networks and systems for security breaches.

● Investigated escalated security alerts and analyzed incidents.

● Executed incident response plans and conducted forensics analysis.

● Utilized SIEM tools and fine-tuned correlation rules.

● Collaborated with IT for vulnerability patching.

● Shared insights and improved security posture.

● Documented incident details and generated reports.

● Analyze security event data from the network (IDS, IPS, SIEM).

● Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.

Security Operations Center (SOC) Analyst-I Dec 2021 – Oct 2022

● Conducted weekly security operations for phishing alerts, Security Operations Center (SOC) alerts, and other security events.

● IDS monitoring and analysis through SIEM.

● Analyze network traffic for potential threats.

● Complete log analysis as needed, prioritizing and differentiating between potential intrusion attempts and false negatives.

● Create and track investigations to resolution.

● Compose security alert notifications.

● Ensure searches for Indicators of Compromise (IOCs) are completed when reported through EDR tools.

● Advise incident responders on steps to take to investigate and resolve computer security incidents.

● Review violations of computer security procedures and develop mitigation plans.

● Monitor computer virus reports to determine when to update virus protection systems.

CERTIFICATIONS:

● CompTIA Network+ ce.

● CompTIA Security+ ce.

● CompTIA Advanced Security Practitioner (CASP+) ce.

● Splunk Core Certified User.

● Splunk Core Certified Power User.

● Google Cybersecurity.

● AWS Certified Cloud Practitioner.

● Ethical Hacker by Cisco.

● Microsoft Cybersecurity Analyst.