It Support Analyst

Location:
Washington, DC
Posted:
January 25, 2024

Resume:

Samba Jeng

Phone: 301-***-****

Email address: ad23ed@r.postjobfree.com

Address: 25901 Ridge Manor Dr Unit D

Damascus, Maryland, 20872

Summary: Samba has experience as an IT Support analyst, including investigating network, application, and endpoint alerts. He has good knowledge in analyzing phishing emails, including email headers, and malware, and acts as a first responder to security incidents and events. Samba has successfully provided direct assistance to customers via telephone and email and investigated compromised systems to determine threat vectors and provide initial remediation. He also has experience in performing tasks using different SIEM tools to monitor and analyze incidents and in working with different teams to resolve incidents. He is fluent in English and Arabic, has great communication skills, and is a fantastic team player. He has experience in establishing and maintaining disaster recovery procedures and sites, Java, Google DLP, and Splunk.

Skills:

FireEye

IT Helpdesk

IronPort

Sourcefire

McAfee Web Gateway

Splunk

Splunk Express

McAfee DLP

Google DLP

Agile

Google Admin

Java/GitHub

Google Vault

AirWatch

Enable

Planview

Wireshark

Scrum

IDS/IPS

Norton, Symantec/Cylance

ServiceNow

SOP

Run book

Automation: Experience related to Ansible for performing administration using code and Git/Gitlab for workflow management

Familiarity with Windows and Linux integration, SQL database technologies, troubleshooting, deployment, patching, and administration

Experience with Logstash and ability to collect, parse, and transform logs

Experience with the standards compliance process (e.g., NIST) and writing network security documentation

JIRA

Remedy

Heat ticketing system

scale

VirusTotal.com

SQL Databases

zscaler.com

HTTP Requests

IBM-XFORCE

Project management

Looking Glass

URLSCAN

Bilingual (English/Arabic)

NIST RMF

Education:

University of Maryland, College Park, MD Jun 2020

Bachelor’s degree

Work Experience:

Visual Soft-Tysons Corner, VA

SOC Analyst Aug 2022-present

Security Analyst

Perform security event/alert monitoring and analysis. Remediate incidents and escalate as required.

Perform daily monitoring and analysis of suspicious email and web traffic.

Work closely with the Network Operations Center and Helpdesk to analyze suspicious events, develop security awareness, and remediate incidents.

Monitor information security industry news and blog posts for internal and external threats.

Monitor and identify security risks to the Company and the relevant technology or behaviors requiring change to mitigate those risks.

Work with your team on projects such as optimizing the Jira/Confluence environments of our clients so that the experience of end-users improves, supporting Atlassian cloud migrations, configuring new Bitbucket environments, and so on.

Java used for support of end-to-end ownership of applications and hands-on support.

Agile methodology is used to help service desk teams focus on customer value and satisfaction by delivering solutions that meet their needs and expectations.

Planview software provides a single location to monitor time, budgets, and expenses for your projects.

Respond to and, where appropriate, resolve or escalate reported security incidents.

Monitor system logs and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.

Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.

GitHub is used as a code hosting platform for version control and collaboration.

JIRA/Confluence, Microsoft Azure AD, LastPass, Google Standard suite, Slack, Go to Assist, AArCE (Patch Management), Avigilon Video Surveillance, Aspera (IBM), Splunk, ServiceNow

Responsible for security monitoring of networks, websites, applications, databases, servers, data centers, and other infrastructures to protect them from cyber threats.

Provide 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.

Report security incidents using the ServiceNow ticketing system for events that signal an incident and require Tier 3 Incident Response review.

Perform triage on alerts by determining their criticality and scope of impact.

Investigate, analyze, and process endpoint alerts using SIEM tools: FireEye HX, McAfee Antivirus, Cylance, Splunk Enterprise Security (Splunk ES), and OSINT tools.

Review and collect asset data (indicators of compromise, logs, configurations, and running processes) on these systems for further investigation and reporting.

Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.

Investigate, analyze, and process phishing email alerts from IronPort and FireEye following standard operating procedures.

Evaluate and process Web Site Review Requests from internal users to access blocked websites using OSINT tools.

Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalate cyber privacy incidents to the Privacy Team.

Fully document assigned tickets to show all work performed.

Perform Root Cause Analysis (RCA) and make preventative recommendations.

Conduct forensics and investigations as needed using security tools such as Splunk, FireEye, Cisco IPS, OSINT, etc.

Create, track, and work to resolve Normal and Standard job-related Change Requests.

Develop and conduct weekly targeting training for the SOC team.

Coordinate threat-hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies.

Assist with the creation of the daily SOC report and brief customers as necessary.

Participate in daily security meetings with other contractor and customer teams.

SOP and Run books experiences

Gap: He was looking for a job from Feb 2022 to Aug 2022.

UPS- Gaithersburg, MD Jun 2017-Jan 2022

SOC Analyst

Perform daily monitoring and analysis of suspicious email and web traffic and ticketing systems.

Work closely with the Network Operations Center and Helpdesk to analyze suspicious events, develop security awareness, and remediate incidents.

Fully document assigned tickets to show all work performed.

Monitor and identify security risks to the Company and the relevant technology or behaviors requiring change to mitigate those risks.

SOP and Run book experiences

Respond to and, where appropriate, resolve or escalate reported security incidents.

Monitor system logs and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.

Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.

Use Planview software to provide a single location to monitor time, budgets, and expenses for your projects.

Worked in conjunction with internal TFS support groups in maintaining all mission-critical systems such as Bloomberg, SQL databases, trading wall content, and mobile solutions.

Responsible for security monitoring of networks, websites, applications, databases, servers, data centers, and other infrastructures to protect them from cyber threats.

Provide 24/7/365 real-time monitoring of security tools, dashboards, text, and email alerts.

Report security incidents using the ServiceNow ticketing system for events that signal an incident and require Tier 3 Incident Response review.

Perform triage on alerts by determining their criticality and scope of impact.

Review and collect asset data (indicators of compromise, logs, configurations, and running processes) on these systems for further investigation and reporting.

Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.

Investigate, analyze, and process phishing email alerts from IronPort and FireEye following standard operating procedures.

Evaluate and process Web Site Review Requests from internal users to access blocked websites using OSINT tools.

Perform proactive hunting for threats that may have escaped the monitoring system.

Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalate cyber privacy incidents to the Privacy Team.

Conduct forensics and investigations as needed using security tools such as Splunk, FireEye, Cisco IPS, OSINT, etc.

Investigate, interpret, and respond to complex security incidents.

Splunk Cloud experience: Architect, design, engineer, support, configure, administer content and maintain infrastructure for a highly available and disaster recovery configuration

Splunk experience: Administer Splunk and Splunk Application for Enterprise Security log or event management

Expertise with EDR toolsets – administration, analysis, and integrations, preferably CrowdStrike

Familiarity with SOAR products, including Phantom and ThreatConnect

Experience with scripting (e.g., PowerShell, bash/ksh/sh, python)

Ability to assist team with incident response and handling

Excellent demonstrated experience in communicating technical information to non-technical and technical audiences.

Experience working directly with senior leadership and management

UPS- Gaithersburg, MD Jan 2017-Jun 2017

IT Helpdesk Support Analyst

Provide prompt and appropriate response to phone and e-ticket inquiries and requests for assistance with the associated computer systems; perform initial problem analysis, triage, identify, and troubleshoot customer issues, provide advice and assistance and appropriately refer technical issues to the network team or subject matter experts when appropriate.

Jira is used for the help desk and support ticket system.

Planview is flexible project management software that goes beyond basic time-tracking and task management.

Provide direct assistance to customers via telephone and email.

Coordinate efforts with staff associates and subject matter experts to resolve problems; maintain liaison with network users and technical staff to communicate the status of problem resolution; assist with monitoring network management systems.

Use SQL to help maintain code quality, organization, and automatization.

Log and track each request and appropriate demographic data related to each request.

Assist with compiling data and preparing reports setting forth progress, adverse trends, and appropriate recommendations based on information from the Call Management Tracking System.

Assist with compiling and regularly maintaining a log of Frequently Asked Questions (FAQ) originating with all categories of customers.

GitHub essentials like repositories, branches, commits, and pull requests.

Jira Service Desk is reliable help desk software offered by Atlassian and serves as a place where your customers can report bugs, contact you for help, access your knowledge base, and request new changes.

Assist with providing and managing official answers to all FAQs and distribute the same to all interested stakeholders.

Contribute to the preparation of procedure manuals and documentation for help desk use; conduct periodic customer satisfaction surveys and track customer problem trends; make recommendations for improvements to customer experience and create reports based on information provided from customer surveys and trend analyses.

Assist in the development of a comprehensive help desk training plan; assist in training personnel who provide backup coverage and in training users related to the operation and maintenance of systems.

Perform other related duties including unlocking user accounts and helping with password reset support.

Revamped JIRA instance to meet group’s needs in managing incident workflows based on service level agreements.


