
Cybersecurity Analyst

Location:
Laurel, MD
Posted:
October 23, 2023


Resume:

With continuous monitoring, I can interpret and prioritize threats on the Security Incident/Event Management (SIEM) tool. I can analyze packets using various security tools and recognize potential, successful, and unsuccessful intrusion attempts.

EDUCATION

PGCC

Cybersecurity Certificate/Associate Degree.

UNN

B.Sc – Mechanical Engineering (Minor in Computer Networking)

CERTIFICATION

CompTIA Security+

CompTIA Advanced Security Practitioner+ (CASP+)

Certified Ethical Hacker (CEH)

CLEARANCE & CITIZENSHIP

U.S. Citizen

Secret Clearance

KNOWLEDGE, SKILLS AND TOOLS

Splunk, Sentinel, Microsoft 365 Defender, Forcepoint, Nitro, NetWitness, FireEye, Snow, ArcSight, Wireshark, FISMA, NIST, Nmap, tcpdump, Metasploit, Threat Grid, Sourcefire, Nessus, MS tools, MITRE ATT&CK, Firewall Logs, Firepower, EnCase, Remote Administration (PuTTY, SSH), Archer, McAfee ePO, Tenable Security, DbProtect, SolarWinds, Talos, Office 365 Security & Compliance, Web Application Firewall (WAF), Palo Alto WildFire, Azure DevOps.

PROFESSIONAL EXPERIENCE

Monitoring Analyst September 2022 – Present

General Dynamics in support of Federal Aviation Administration

Monitoring and responding to alerts triggered in Splunk and ticketing in CSIMS.

Write and publish FAA security advisories, alerts and bulletins.

Ensure that data is transferred to the latest version in the Database Management System.

Assist FAA employees and contractors to resolve internet access issues and other issues while maintaining security within the enterprise.

Assist in the documentation and planning of risk mitigation associated with current IT technologies.

Assist in the configuration, installation and troubleshooting of IPS/IDS devices like Endpoint protection, FireEye and Splunk.

Assist the technical team in application software and hardware installation.

Review US-CERT and DOT security bulletins and alerts, including the latest malware trend analysis, to determine behavior, observe the IOCs, and recommend enterprise-wide solutions and policies.

Proactive monitoring of emerging threats and vulnerabilities and ingesting their solutions to the enterprise for a better security environment.

Evaluate security incident response policies and identify possible changes according to new security technologies or growing threats.

Triaging security incidents. This involves extensive research using open-source tools to research certain incidents and understand certain terms before deciding on remediation procedures.

Investigate suspicious/phishing emails and block malicious sites and email addresses.

Using Microsoft Defender security tools to monitor for malicious activities on the network.

Security Analyst (SOC)

Deepwatch January 2022 – August 2022

Proactively monitor and respond to alerts triggered in Splunk.

Review tickets in ServiceNow and provide additional analysis.

Analyze and document phishing emails and provide best course of action to customers.

Provide event tuning recommendations to engineers.

Document and review incident notifications; perform QA on and resolve tickets.

Perform daily research on security websites such as VirusTotal, IPVoid, etc., and CVEs to determine the latest vulnerabilities identified by the security community and to monitor for such activities on the network.

Identify potential, successful, and unsuccessful intrusion attempts through reviews of relevant event details.

Analyze firewall, email, web and DNS logs to identify and mitigate intrusion attempts.

Intrusion detection and analysis of security events; threat hunting and intelligence to proactively seek out IOCs. This also includes compiling cyber threats and vulnerabilities via research and other open-source means and performing analysis and correlation on what was found.

Incident Response Analyst

ProSec Solutions October 2016 – December 2021

Analyze security event data and logs from the network (IDS, firewall).

Analyze events in ArcSight to determine whether each is a true or false positive, and remediate true positives.

Log analysis, proactive monitoring, mitigation, and response to network and security incidents.

Continuous monitoring and interpretation of threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed.

Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.

Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

Research new and evolving threats and vulnerabilities with potential to impact the monitored environment.

Proactive monitoring of emerging threats and vulnerabilities and ingesting their solutions to the enterprise for a better security environment.

Identify suspicious/malicious activities or codes.

Report malicious activity to client locations with recommendations for remediation.

Performed ad hoc server scans using Nessus and provided compliance results to projects.

SPECIAL SKILLS

Excellent verbal and written communication skills.

Great Customer Support Service.

Work efficiently with little or no supervision, independently or in groups.

Strong analytical and research skills and a decision-making background.

REFERENCE

Available upon request.
