
Information Security Incident Response

Location:
Houston, TX
Posted:
May 20, 2024

Resume:

NAIN NDOB

913-***-**** ad5t5m@r.postjobfree.com linkedin.com/in/nain-n-a60524211

Profile

Experienced Information Security Analyst/SOC Analyst with more than 5 years' track record in safeguarding organizations from cyber threats, ensuring data integrity, and implementing proactive security measures for compliance. Demonstrated proficiency in security event monitoring, incident response, threat hunting, and vulnerability and risk mitigation. Recognized for mitigating complex security incidents through advanced analytical skills and deep knowledge of security frameworks. Effective leader in incident response, excelling in threat identification, prioritization, and precise escalation. Acknowledged for consistently delivering high-quality analysis and enhancing overall security postures. Possesses strong analytical and problem-solving abilities, committed to maintaining the highest security standards. Demonstrated proficiency in DNS, NTP, Citrix, TACACS, IDS, IPS, and various SIEMs, leveraging these technologies to monitor and detect security threats across the network infrastructure. Utilized working knowledge of protocols such as TCP, UDP, SSL, SMTP, NetBIOS, HTTPS, DNS, DHCP, FTP, and SNMP to analyze network traffic and identify potential security vulnerabilities or malicious activities. Seeking a challenging role to apply expertise in a dynamic cybersecurity environment.

Experience

Information Security Engineer / Capital One Financial Corporation - NY 12/2020 - Current

Proficient in various industry-standard compliance frameworks such as ISO 27001, SOC 2, HIPAA, NIST 800-53.

Reviewed and addressed security escalations originating from diverse tools and platforms, promptly resolving security incidents and vulnerabilities.

Developed and maintained custom scripts in Python and PowerShell to automate various security tasks, enhancing efficiency and reducing manual workload.

Analyzed and monitored network traffic using TCP/IP protocols to identify and resolve security vulnerabilities, enhancing overall network security and performance.

Utilized threat intelligence platforms and feeds to proactively identify and analyze potential security threats, enhancing overall threat detection and response capabilities.

Demonstrated proficiency in scripting and programming languages such as Python and PowerShell to automate security processes, streamline workflows, and improve efficiency.

Developed and implemented custom regular expressions (RegEx) for data pattern matching and analysis, enhancing threat detection capabilities and improving incident response efficiency.

Generated comprehensive reports on DLP incidents and trends, presenting findings to senior management and recommending improvements.

Conducted regular analysis of IDS/IPS logs and alerts to identify suspicious activities, enhancing the accuracy of threat detection and response measures.

Administered and optimized databases for performance, security, backup, and recovery, ensuring data integrity and high availability.

Implemented cloud security measures and DevSecOps practices to ensure the security of cloud environments and promote secure development practices within agile software development lifecycles.

Ensured compliance with industry regulations and standards such as GDPR, HIPAA, and PCI DSS through regular audits, risk assessments, and policy reviews, ensuring that organizational practices aligned with legal requirements and industry best practices.

Managed fraud incidents from detection to resolution, working closely with law enforcement agencies and legal teams to prosecute perpetrators and recover stolen assets.

Utilized RegEx to identify and classify sensitive data patterns within large datasets, ensuring compliance with regulatory requirements and data protection standards.

Led incident response efforts for data loss events, coordinating with IT and legal teams to manage and resolve security breaches effectively.

Implemented security tools and services within AWS environment to strengthen the overall security posture.

Analyzed malware samples to understand their functionality, behavior, and potential impact on systems, enabling effective threat detection and response strategies.

Utilized Splunk's search and analytics capabilities to monitor, analyze, and visualize security events and logs for threat detection and incident response, including log data normalization, parsing, enrichment, infrastructure configuration, and cross-functional collaboration.

Cybersecurity Analyst / Molina Healthcare - Houston, TX 01/2018 - 12/2020

Proficient in various industry-standard compliance frameworks such as ISO 27001, SOC 2, HIPAA, NIST 800-53.

Utilized Microsoft Purview for comprehensive data discovery and classification, ensuring regulatory compliance and data protection standards across the organization's data estate.

Conducted comprehensive audits and forensic investigations to identify vulnerabilities, compliance gaps, and security risks, providing detailed reports and recommendations for remediation.

Conducted penetration tests using industry-standard methodologies and tools such as Burp Suite, Metasploit, and Nmap to identify vulnerabilities and assess the overall security posture of systems and networks.

Analyzed malware samples to understand their functionality, behavior, and potential impact on systems, enabling effective threat detection and response strategies.

Managed and configured endpoint security solutions including antivirus (A/V) software and Endpoint Detection and Response (EDR) tools, ensuring comprehensive protection against malware threats.

Conducted thorough assessments and audits of existing security protocols, identifying vulnerabilities and implementing DLP controls to mitigate risks.

Experienced in email gateway security controls, email analysis, and conducting 3rd party email account compromise (EAC) investigations, with an offensive security mindset and knowledge of threat actor Tactics, Techniques, and Procedures (TTPs).

Implemented and managed Imperva Web Application Firewall (WAF) solutions to protect against web-based threats, ensuring the security and availability of critical applications by configuring security policies, performing regular updates, and analyzing security alerts.

Assisted in the development and execution of a comprehensive phishing program, including creating simulated phishing campaigns, and providing targeted training to improve employee awareness.

Applied knowledge across multiple security disciplines, including Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security, and data networking.

SOC Analyst / Global Linking Solutions - Charlotte, NC 01/2014 - 12/2017

Reviewed, triaged, and prioritized vulnerabilities and security incidents based on severity, impact, and exploitability using established frameworks and methodologies.

Provided detailed documentation and status updates of incidents, vulnerabilities, and remediation progress, maintaining accurate records for compliance and reporting purposes.

Conducted proactive threat hunting activities to identify potential security threats and vulnerabilities within the organization's network and systems.

Utilized expertise in SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response), vulnerability management, network traffic analysis, and other industry-standard security technologies to conduct thorough event investigations.

Conducted security awareness training sessions for employees, improving overall security posture and adherence to security protocols.

Implemented and monitored security controls, including firewalls, intrusion detection and prevention systems (IDS/IPS), and access control mechanisms, to prevent unauthorized access and data breaches.

Education and Certification

University of Buea – Bachelor of Computer Engineering

Houston Community College – Associate in Computer Science

Certified Information Systems Security Professional (CISSP)

Cyber Security Analyst certificate level 1 and 2

CompTIA Security+

Certified Ethical Hacker

Certified Cloud Security Professional (CCSP)

Certified SAFe Scrum Master

Project Management Professional

Technical Skills

Cloud (EC2, S3, VPC, RDS, AWS IAM, Azure AD, GCP IAM, Security Groups, Network ACLs, Encryption)

Firewalls, Routers, and Switches

High understanding of DNS, DHCP, NTP, Citrix, TACACS, IDS, IPS, SIEM, CSA

SDLC, JIRA, Confluence, Waterfall, DBA

Languages: SQL, PL/SQL, Shell Scripting, Python, JSON, Bash, Linux, Java, PowerShell, C/C++, Go, Pulumi

Tools: Splunk, QRadar, Trellix, ArcSight, ServiceNow, Palo Alto, ELK Stack, Nessus, Qualys, Wireshark, Microsoft Sentinel

Skills: Detail Oriented, Security Monitoring, Intrusion Detection and Prevention (IDP), Security Incident Response, Vulnerability Management, Network Security, Malware Analysis, Threat Intelligence, Endpoint Security, Risk Management, Access Control and Identity Management, Security Auditing and Compliance, Cloud Security, Security Awareness and Training, Fraud Detection & Prevention, Incident Reporting and Documentation, Scripting and Automation, Office 365 Security and Compliance, Analytical and Problem-Solving Mindset, Highly Organized and Efficient, Strategic and Tactical Thinking, Forensic Analysis, Team Collaboration.

Will be a cyber security specialist with background in analysis, security monitoring, and Incident Response for a cloud-based services environm