
Endpoint Security Operation

Location: San Diego, CA

Salary: 120000

Posted: October 16, 2023


Joseph Suleymanov

San Diego ***** California

619-***-****

ad0evy@r.postjobfree.com

PROFESSIONAL EXPERIENCE

BERNHARD, MCDERMOTT AND GREENFELDER

Senior Security Analyst

New York, NY

Aug 2020 – July 2023

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of security incidents.

• Liaise with the Company's Security Operation Center to respond to emerging incidents in a timely manner.

• Perform analysis of log files of Firewall, IPS, IDS, Server and Proxy via Splunk SIEM solution.

• Analyze pcap files for Malware analysis and find details of the infected hosts and write IOC on executive summary reports.

• Provide analysis and containment of compromised systems and mitigate root causes.

• Assist in performing periodic access reviews/inactivity reviews.

• Identify, track, and investigate high-priority threat campaigns, malicious actors with the interest, capability and TTPs (Techniques, Tactics and Procedures).

• Analyze and review escalated cases until closure. This includes investigating and recommending appropriate corrective actions for cybersecurity incidents.

• Perform post-mortem analysis on logs, traffic flows, and phishing activities to identify malicious actors.

Skills: Hypertext Transfer Protocol (HTTP) · Endpoint Security · Security · Malware Analysis · Dell XDR · Information Security · Cybersecurity · Wireshark · SIEM · ServiceNow · Splunk

Sephora Company

SOC Analyst

San Diego, CA

Dec 2019 – July 2020

• Create and track incidents and requests with an integrated ServiceNow (SNOW) ticketing system.

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of security incidents.

• Liaise with the Company's Security Operation Center to respond to emerging incidents in a timely manner.

• Perform analysis of log files of Firewall, IPS, IDS, Server, and Proxy via Splunk SIEM solution.

• Analyze PCAP files for Malware analysis and find details of the infected hosts and write IOC on executive summary reports.

• Identify, track, and investigate high-priority threat campaigns, malicious actors with the interest, capability, and TTPs (Techniques, Tactics, and Procedures).

• Analyze and review escalated cases until closure.

• Conduct core information security activities: Security Information and Event Management (SIEM), Malware Detection, Vulnerability Management, Education & Awareness, Open-Source Intelligence (OSINT), Network Monitoring and Log Analysis.

• Monitor and analyze Security Information and Event Management (SIEM) alerts through Splunk/Azure Sentinel and identify security incidents for remediation and investigation.

• Document all activities during an incident and provide management with status updates during the life cycle of the incident.

• Provide information regarding intrusion events, security incidents, and other threat indications and warning information.

Santander Group

Cybersecurity Analyst

Warsaw, Poland

Sep 2017 – Oct 2019

• Conducted log analysis on Splunk and IBM QRadar SIEM solutions.

• Conducted analysis to determine the legitimacy of files, domains and emails using online resources such as VirusTotal, AnyRun, and MX Toolbox.

• Analyzed PCAP files, narrowed down anomalous traffic with Wireshark, examined the details of the infected hosts and wrote IOCs on executive summary reports.

• Monitored and analyzed SIEM alerts through Splunk and IBM QRadar and identified security anomalies for investigation and remediation.

• Familiarity with fundamentals of information security including network technologies and tools, identity and access management, network security, implementing secure systems and risk management.

• Studied common cyber-attack types and created examples using tools such as Social-Engineer Toolkit in Kali Linux.

ACCENTURE COMPANY

IT Help Desk Engineer

WARSAW, PL

Jul 2015 – Aug 2016

• Provided technical support to end-users in person, over the phone, and through email.

• Troubleshot and resolved hardware and software issues on desktops, laptops, and printers.

• Assisted in solving PC and related equipment issues such as desktop printers and phones.

• Configured and maintained computer systems, including installing and updating software and hardware components.

• Documented and tracked issues using a ticketing system.

• Escalated complex issues to higher-level IT staff when necessary.

• Assisted with the creation and maintenance of knowledge base articles.

EDUCATION

Polish Japanese Academy of Technology

Master of Science in Cyber Security

WARSAW, PL

September 2015

WARSAW UNIVERSITY of TECHNOLOGY

Bachelor of Science in Computer Engineering

WARSAW, PL

May 2012

TRAININGS & CERTIFICATIONS

● Microsoft Azure AZ-500: Microsoft Azure Security Technologies Training

● Real-Time Cyber Threat Detection and Mitigation by New York University

● Cybersecurity Compliance Framework & System Administration by IBM

● CompTIA Security+

● CompTIA

● CompTIA PenTest+
