Guzin Dogru
Philadelphia, PA ***** · 585-***-**** · *****.*.*****@*****.*** · in/guzindogru · US Citizen · Open to Relocation
PROFESSIONAL SUMMARY
CompTIA Security+ certified Information Security Analyst with 1+ years of professional experience. Specialized in security analysis and incident response. Experience with hands-on projects in monitoring and analysis of potential and active threats using security tools. Currently working towards obtaining CompTIA CySA+ certification.
TECHNICAL SKILLS
• Incident Response, Endpoint Security, Phishing Email Analysis, Malware Analysis, Vulnerability Scanning, Threat Intelligence
• Security: QRadar, Splunk, Trellix ETP, Trellix HX, Redline, MISP, Security Onion, Nessus, Nmap, Wireshark, Kali Linux, Metasploitable, Linux Command Line Tools, NIST 800 series, OWASP Top 10, The Hive, Jira
• Networking: Wireshark packet analysis, DNS, Whois, TCP/IP & OSI Layers, Firewall, IDS/IPS
• Operating Systems: Windows, Linux
• Languages: Bilingual in English and Turkish
PROFESSIONAL EXPERIENCE
Cyber Security Analyst 01/2022 - Present
CyberTech Labs, NJ
• Conduct log analysis on IBM QRadar SIEM solution and provide recommendations to the technical teams via The Hive ticketing system
• Monitor and analyze SIEM alerts through IBM QRadar and identify security anomalies for investigation and remediation such as firewall denies, authentication failures, connection to a known malware site, traffic from an untrusted network, and potential data loss
• Leverage Splunk to analyze logs and other security events to find targeted attacks against the network
• Create and manage dashboards and views in Splunk
• Acquire and analyze triages when necessary to gain insight on the incidents and consequently request containment for malicious machines and servers on Trellix HX EDR solution
• Analyze phishing emails on Trellix ETP email security solution
• Triage alerts on Security Onion and investigate the alerts on The Hive.
• Analyze network traffic flows, system logs, and packets using Security Onion to review the indicators of compromise (IOCs)
• Gather information about cyber threats using the MISP Threat Intelligence Platform
• Conduct analysis to determine the legitimacy of files, domains and emails using online resources such as VirusTotal, URLscan, AbuseIPDB and MX Toolbox
• Conduct dynamic and static malware analysis on Trellix DoD Sandbox
• Review existing policies and guides to ensure compliance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
• Knowledge of risk management, identity and access management, cyber threat intelligence (MITRE ATT&CK and Cyber Kill Chain), network technologies/tools, OWASP vulnerabilities
History Instructor 09/2006 - 06/2009
Serhat Fen Lisesi, Turkey
• Taught 9th graders various topics in World History (Ancient Egypt to Islamic Culture).
• Administered periodic assessments to students.
• Taught 10th graders Ottoman Empire History (13th century to 18th century)
• Taught World History (The Industrial Age to The Russian Revolution) to 11th grade students.
• Taught World History (World War 1 and World War 2) to 12th grade.
ADDITIONAL WORK EXPERIENCE
Language Instructor (Volunteer) 09/2010 - 06/2019
• Instruction through lectures, discussions, presentations and problem-based learning in Turkish language.
EDUCATION
Master of Arts (MA), Education, 2006, Ataturk University, Erzurum, Turkey
Bachelor of Science (BS), History, 2004, Ataturk University, Erzurum, Turkey
PROFESSIONAL DEVELOPMENT/AFFILIATIONS
• CompTIA Cyber Security Analyst (CySA+), In Progress, Expected 2023
• CompTIA Security+, 2021
• Splunk 8.x Fundamentals Part 1 (User), 2021
• Splunk User Behavior Analytics, 2021
• IBM QRadar SIEM Foundation, 2021
• Cyber Security Analyst Hands-on Training, 2021