NOAH J ONIMISI
Bowie, Maryland, 20716
ad19r0@r.postjobfree.com
DoD: Top Secret Clearance
Cyber Security Analyst with 8 years of experience in cyber security, information security, and IT operations. Threat and vulnerability analysis. Investigating, documenting, and reporting on information security (InfoSec) issues as well as emerging trends. Analysis of and response to previously unknown hardware and software vulnerabilities.
PROFESSIONAL EXPERIENCE
USCOURTS 04/15/2020 - Present
SOC Analyst/IR
Remote
Monitor and analyze network traffic and alerts; I search for the callback traffic and the traffic following the alert with Splunk index search queries, looking for indications of compromise. I also use SIEM tools to check the IOCs.
Investigate intrusion attempts and perform in-depth analysis of exploits
Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident
Conduct proactive threat research
Work with the MITRE ATT&CK or Cyber Kill Chain methodology, looking out for IOCs and examining the attack: if it is reconnaissance, meaning the attack is in its initial stage, I will sinkhole the domain or block the IP, while if it is lateral movement I will contain the machine and then run a scan on the affected machine.
Perform Tier II initial incident triage
Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
Create a final incident report detailing the events of the incident
Provide information regarding intrusion events, security incidents, and other threat indications and warning information to US government agencies
Data Endure July 2017 – April 2020
Cyber Security Analyst
Washington, D.C.
Working as a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) analyst.
Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Web Proxies, Vulnerability Assessment tools and other security tools found in large enterprise network environments; along with experience working with Security Information and Event Management (SIEM) solutions.
Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.
Performing monitoring and analysis, analyzing network traffic (i.e., PCAP) and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis
CSRA/GDIT at FAA March 2016 – June 2017
Cybersecurity Operations Analyst/IDS Analyst
Leesburg, VA
Perform daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.
Review the Security Information Management (SIEM) tool interface, as the tool correlates and aggregates alert data from multiple IDS sensor types and additional security devices.
Review alerts and packet-level data collected from sensors daily and report findings to the government Watch Officer (WO).
Provide incident response functions when appropriate and coordinate activities with field site personnel when directed by the government WO.
Support the government WO in publishing incidents, alerts, advisories and bulletins as required.
Assist the government WO with telephone calls when the WO is away from the Operations Center or handling a caller on another line.
Conduct research pertaining to the latest viruses, worms, etc. and the latest technological advances in combating unauthorized access to information.
Provide guidance and understanding of malicious or unauthorized wireless activities.
Provide visualization, situational awareness and an up-to-date snapshot of wireless cyber events that are ongoing within the FAA’s facilities.
Provide surveillance and monitoring of the Wireless Intrusion Detection System at FAA facilities.
Provide Wireless rogue detection.
Provide performance reporting and trending functionality.
Submit an end-of-shift report summarizing activities for each shift.
EDUCATION
UNIVERSITY OF ABUJA, Abuja, Nigeria
Bachelor of Science, Computer Science
WES, May 2019
CompTIA Security+ CE
ADDITIONAL SKILLS
Root Cause Analysis (RCA). Updating tickets by getting responses from each POC.
MS Office; MS Outlook; Symantec Backup Exec; HBSS; McAfee; BMC Remedy; DAR; Guardian Edge; Symantec Endpoint Protection; Microsoft Office 365.
ArcSight; Splunk; Bit9; Carbon Black; AirDefense; Triton (Websense); FireEye (EX, NX, AX); ServiceNow ticketing system; HPE; Wireshark; ThreatStream; PGP; Marimba; Tripwire; Nessus; RSA Security Analytics (NetWitness); Exchange 365; DLP (Titus/Symantec); TCP/IP; Citrix.
Blue Coat Reporter; Azure cloud; Windows Defender; Cloud App Security; Azure Sentinel; Microsoft 365 Security Center; FireEye (Trellix) suite of products; DomainTools; Industry name Firewall/IPS; OSINT tools.
SOAR (Phantom)