Security Analyst Cyber

Location:
Warminster, PA
Posted:
December 04, 2023


Resume:

Guzin Dogru

Philadelphia, PA ***** · 585-***-**** · ad1ohz@r.postjobfree.com · in/guzindogru

· US Citizen · Open to Relocation

PROFESSIONAL SUMMARY

CompTIA Security+ certified Information Security Analyst with 1+ years of professional experience. Specialized in security analysis and incident response. Experience with hands-on projects in monitoring and analysis of potential and active threats using security tools. Currently working towards obtaining CompTIA CySA+ certification.

TECHNICAL SKILLS

• Incident Response, Endpoint Security, Phishing Email Analysis, Malware Analysis, Vulnerability Scanning, Threat Intelligence

• Security: QRadar, Splunk, Trellix ETP, Trellix HX, Redline, MISP, Security Onion, Nessus, Nmap, Wireshark, Kali Linux, Metasploitable, Linux Command Line Tools, NIST-800, OWASP 10, The Hive, Jira

• Networking: Wireshark packet analysis, DNS, Whois, TCP/IP & OSI Layers, Firewall, IDS/IPS

• Operating Systems: Windows, Linux

• Languages: Bilingual in English and Turkish

PROFESSIONAL EXPERIENCE

Cyber Security Analyst 01/2022 - Present

CyberTech Labs, NJ

• Conduct log analysis on IBM QRadar SIEM solution and provide recommendations to the technical teams via The Hive ticketing system

• Monitor and analyze SIEM alerts through IBM QRadar and identify security anomalies for investigation and remediation such as firewall denies, authentication failures, connection to a known malware site, traffic from an untrusted network, and potential data loss

• Leverage Splunk to analyze logs and other security events to find targeted attacks against the network

• Create and manage dashboards and views in Splunk

• Acquire and analyze triages when necessary to gain insight on the incidents and consequently request containment for malicious machines and servers on Trellix HX EDR solution

• Analyze phishing emails on Trellix ETP email security solution

• Triage alerts on Security Onion and investigate the alerts on The Hive.

• Analyze network traffic flows, system logs, and packets using Security Onion to review the indicators of compromise (IOCs)

• Gather information about cyber threats using MISP Threat Intelligence Platform.

• Conduct analysis to determine the legitimacy of files, domains and emails using online resources such as VirusTotal, URLscan, AbuseIPDB and MX Toolbox

• Conduct dynamic and static malware analysis on Trellix DoD Sandbox

• Review existing policies and guides to ensure compliance with National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)

• Knowledge of risk management, identity and access management, cyber threat intelligence (MITRE ATT&CK and Cyber Kill Chain), network technologies/tools, OWASP vulnerabilities

History Instructor 09/2006 - 06/2009

Serhat Fen Lisesi, Turkey

• Taught 9th graders various topics in World History (Ancient Egypt to Islamic Culture).

• Administered periodic assessments to students.

• Taught 10th graders Ottoman Empire History (13th century to 18th century)

• Taught World History (The Industrial Age to The Russian Revolution) to 11th grade students.

• Taught World History (World War 1 and World War 2) to 12th grade.

ADDITIONAL WORK EXPERIENCE

Language Instructor (Volunteer) 09/2010 - 06/2019

• Instruction through lectures, discussions, presentations and problem-based learning in Turkish language.

EDUCATION

Master of Arts (MA), Education, 2006

Ataturk University, Erzurum, Turkey

Bachelor of Science (BS), History, 2004

Ataturk University, Erzurum, Turkey

PROFESSIONAL DEVELOPMENT/AFFILIATIONS

• CompTIA Cyber Security Analyst (CySA+), In Progress, Expected 2023

• CompTIA Security+, 2021

• Splunk 8.x Fundamentals Part 1 (User), 2021

• Splunk User Behavior Analytics, 2021

• IBM QRadar SIEM Foundation, 2021

• Cyber Security Analyst Hands-on Training, 2021
