Security Aws

Location:
Manassas, VA
Posted:
December 11, 2020

Resume:

Jennifer Mbibe

Email: adilgh@r.postjobfree.com Tel: 469-***-****

EXPERIENCE SUMMARY:

Passionate SOC/IR Analyst with 2+ years of experience in investigating and preventing network, host and email-based attacks. Proficient in malware analysis, incident response, data loss prevention and improving SOC processes by utilizing top industry security solutions. 3+ years of experience with AWS IT infrastructure operations and knowledgeable in AWS services: EC2, EFS, VPC, RDS, S3, Glacier, IAM, CloudFront, CloudWatch, CloudTrail, CloudFormation, DynamoDB, Route53, SNS, SQS, API Gateway. Effortlessly adapt to various environments and workplaces. Operate well while working independently as well as with team members. Self-motivated, goal-oriented, and customer-focused with excellent communication. Prioritize and manage multiple tasks concurrently. Troubleshoot and resolve complex issues in a demanding work environment quickly and efficiently.

CERTIFICATION

AWS Certified Cloud Practitioner

AWS Certified Solutions Architect - Associate

AWS Certified Security - Specialty

CompTIA Security+

Splunk Fundamentals 1

PROFESSIONAL EXPERIENCE:

Amazon 8/2018 to Present

Security Operation Center (SOC) Analyst

Duties included:

Responsible for security monitoring of networks, web sites, applications, databases, servers, data centers and other infrastructures to protect them from cyber threats.

Provide 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.

Report security incidents using ServiceNow ticketing system for events that signal an incident and require Tier 3 Incident Response review.

Perform triage on alerts by determining their criticality and scope of impact.

Investigate, analyze, and process endpoint alerts using SIEM tools: FireEye HX, McAfee Antivirus, Cylance, Splunk Enterprise Security (Splunk ES) and OSINT tools.

Review and collect asset data (indicators of compromise, logs, configurations and running processes) on these systems for further investigation and reporting.

Participate in planning and implementing preventative security measures and in building incident response and disaster recovery plans.

Investigate, analyze, and process phishing email alerts from IronPort and FireEye following standard operating procedures.

Evaluate and process Web Site Review Requests from internal users to access blocked websites using OSINT tools.

Perform proactive hunting for threats that may have escaped the monitoring system.

Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalate cyber privacy incidents to the Privacy Team.

Work incidents from initial assignment to final resolution.

Investigate, interpret, and respond to complex security incidents.

Author SOPs as needed or directed to facilitate SOC operations.

Fully document assigned tickets to show all work performed in order to pass SLRs.

Perform Computer Security Incident Response activities for a large global enterprise; coordinate with other enterprise IT teams to record and report incidents.

Perform Root Cause Analysis (RCA) and make preventative recommendations

Conduct forensics and investigations as needed using security tools such as Splunk, FireEye, Cisco IPS, OSINT, etc.

Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools

Create, track, and work to resolution Normal and Standard job-related Change Requests

Develop and conduct weekly targeting training for the SOC team

Coordinate threat hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies

Assist with the creation of the daily SOC report and brief customer as necessary

Participate in daily security meetings with other contractor and customer teams

Amazon Web Services

InfraOps support Engineer - Oct 2017 – August 2018

Point of contact for over 28,000 server/network racks and over half a million customer instances for AWS data centers and their service owners.

Knowledgeable in AWS services: EC2, EFS, VPC, RDS, S3, Glacier, IAM, CloudFront, CloudWatch, CloudTrail, CloudFormation, DynamoDB, Route53, SNS, SQS, API Gateway

Performed break/fix work in multiple clusters within the region.

Provided deep level Linux diagnostics, Cisco/Junos/EPMS/BMS diagnostics and remediation. Advised hardware engineers with risk assessments to help mitigate potential future security vulnerabilities.

On-call technician for multiple data centers. Work and meet SLAs against assigned trouble tickets via a directed workflow. First-line touch point for hardware troubleshooting and technical issues.

Perform regular server hardware repairs (GPUs, CPUs, PDBs, drives, motherboards, etc.)

Performed fiber testing and troubleshooting on newly implemented proprietary fiber technology.

Performed break/fix work on different server types and models in high-temperature environments.

Provided subject matter expertise on two site-wide power issues affecting thousands of customers to remedy major communication blockers and to customers.

Proficient in Server Booting: POST, BIOS, PXE, GRUB/LILO, RAID

Repaired virtual host, database, production, and data-sensitive priority devices.

Performed installations and replacements of routers and switches in SLA-based tickets.

Proficient in network troubleshooting and repairs to include port security issues, reload and wipes, and configuration issues.

Data Center Physical Security Area Supervisor - Command Security, Manassas

September 2015 – October 2017

Provide assistance to customers, employees, and visitors in a courteous and professional manner

Monitor alarms and electronic security systems

Track employee time and attendance and help create training modules for new hires.

Document significant incidents and assist in incident response efforts

Enforce rules, regulations, policies, procedures, and respond to emergency situations requiring security assistance

Track the progress of security patrols

Initiate notification and escalation procedures on all security related incidents

Respond to client requests and perform primary analysis on operational procedures

Technical Experience

Malware Analysis/Endpoint Security

Incident Response/Cyber Threat Intelligence

Network Security Protocols/TCP/IP

Nessus/Nmap

Security Test & Evaluation

Splunk, QRadar, LogRhythm/ArcSight

Wireshark

PCI-DSS/FIPS/NIST 800 Series

Snort/Firepower/FireEye

Jira/ServiceNow

CrowdStrike/McAfee/Bluecoat/FireEye/Carbon Black

Risk Management/Security Control Assessment

Vulnerability Assessment

Palo Alto/Cisco IronPort

Linux/Windows/Active Directory

Jira/ServiceNow/Confluence

Microsoft Office 365/SharePoint/OneDrive

VirusTotal, DomainTools, IP/URLvoid, IBM X-Force

Any.run Sandbox

EDUCATION

George Mason University 12/2022

Bachelor of Science, Information Technology and Systems

Northern Virginia Community College, VA

Associate of Science, Information Technology