Cyber Security Information

Location:
Hanover, MD
Posted:
December 28, 2023

Resume:

NOAH J ONIMISI

***** ******* **** ******

Bowie, Maryland, 20716

240-***-****

ad19r0@r.postjobfree.com

DoD: Top Secret Clearance

Cyber Security Analyst with 8 years of experience in cyber security, information security, and IT operations. Threat and vulnerability analysis. Investigating, documenting, and reporting on any information security (InfoSec) issues as well as emerging trends. Analysis and response to previously unknown hardware and software vulnerabilities.

PROFESSIONAL EXPERIENCE

USCOURTS 04/15/2020 - Present

SOC Analyst/IR

Remote

Monitor and analyze network traffic and alerts. I search for the callback traffic and after-traffic of the alert with Splunk index search queries, looking for indications of compromise, and also use SIEM tools to check the IOC.

Investigate intrusion attempts and perform in-depth analysis of exploits

Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident

Conduct proactive threat research

Working with the MITRE ATT&CK or Cyber Kill Chain methodology, looking out for IOCs and examining the attack: if it is reconnaissance, which means it is in the initial stage, I will sinkhole the domain or block the IP, while if it is lateral movement I will contain the machine and then run a scan on the affected machine.

Perform Tier II initial incident triage

Document all activities during an incident and provide leadership with status updates during the life cycle of the incident

Create a final incident report detailing the events of the incident

Provide information regarding intrusion events, security incidents, and other threat indications and warning information to US government agencies

Data Endure July 2017 – April 2020

Cyber Security Analyst

Washington, D.C.

Working as a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) analyst.

Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.

Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.

Performing monitoring and analysis, analyzing network traffic (i.e., PCAP) and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis

CSRA/GDIT at FAA March 2016 – June 2017

Cybersecurity Operations Analyst/IDS Analyst

Leesburg, VA

Perform daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.

Review the Security Information Management (SIEM) tool interface, as the tool correlates and aggregates alert data from multiple IDS sensor types and additional security devices.

Review alerts and packet-level data collected from sensors daily and report findings to the government Watch Officer (WO).

Provide incident response functions when appropriate and coordinate activities with field site personnel when directed by the government WO.

Support the government WO in publishing incidents, alerts, advisories and bulletins as required.

Assist the government WO with telephone calls when the WO is away from the Operations Center or handling a caller on another line.

Conduct research pertaining to the latest viruses, worms, etc. and the latest technological advances in combating unauthorized access to information.

Provide guidance and understanding into malicious or unauthorized wireless activities.

Provide visualization, situational awareness and an up-to-date snapshot of wireless cyber events that are ongoing within the FAA’s facilities.

Provide surveillance and monitoring of the Wireless Intrusion Detection System at FAA facilities.

Provide Wireless rogue detection.

Provide performance reporting and trending functionality.

Submit an End-of-shift Report summarizing activities for each shift

EDUCATION

UNIVERSITY OF ABUJA,

Bachelor of Science, Computer science

WES, May 2019

CompTIA Security+ CE

Nigeria, Abuja

ADDITIONAL SKILLS

(RCA) Root Cause Analysis. Updating ticket by getting responses from Per POC

MS Office; MS Outlook; Symantec Backup Exec; HBSS; McAfee; BMC Remedy; DAR; Guardian Edge, Symantec Endpoint Protection, Microsoft Office 365.

ArcSight, Splunk, Bit9, CarbonBlack, AirDefense, Triton (Websense), FireEye (EX, NX, AX), ServiceNow ticketing system, HPE, Wireshark, ThreatStream, PGP, Marimba, Tripwire, Nessus, RSA security analysis (NetWitness), Exchange365, DLP (Titus/Symantec), TCP/IP, Citrix, Blue Coat Reporter, Azure cloud, Windows Defender, Cloud App Security, Azure Sentinel, Microsoft 365 Security Center, FireEye (Trellix) suite of products, Domain Tools, Industry name Firewall/IPS, OSINT tools, SOAR Phantom.
