High Level Incident Response

Gabriel Nnadi

Atlanta, GA *****

770-***-**** - ****.*****@*****.***

Websites, Portfolios, Profiles

www.linkedin.com/in/gabrielnnadi

Professional Summary

A forward-thinking Cybersecurity Engineer with over 5 years of extensive experience in the financial/software sectors at top performing fortune 500 companies. Assisted in implementing security controls to better protect the organization, mitigating network related exploits of internal vulnerabilities, while still providing uninterrupted service to high level clientele. It has also excelled in advanced system security monitoring and incident response which provides an efficient operational workflow for internal/external clients. This includes identifying, responding to, and resolving alerts that can affect production workflow.

Technical Profile

SIEM Platforms (Splunk Enterprise, SolarWinds, Chronicle)

Wireshark

SNMP tool management (Spectrum/Big Panda)

Linux Proficient (RHEL)

Windows Proficient

VPNs (Pulse, Zscaler)

NDR (ExtraHop)

Ticketing Platforms (ServiceNow, JIRA)

Microsoft (Azure, Defender)

SFTP Clients (Filezilla, WinSCP)

Patch Deploy Software (Dashboard, Rundeck)

Red Hat Enterprise Linux (RHEL)

PowerShell

Email Control Software (Proofpoint, Defender)

EDR (Crowdstrike, Carbon Black Cloud, Sentinel)

Google Cloud Platform

ORCA

Skills

High-level Incident Management

Risk/Malware Analysis

Basic Python Scripting

Threat Hunting/Intel

PowerShell Script Analysis

Technical Writing

Project Management

Email Security

Infrastructure Security Analysis

Industry Standard Frameworks Compliance (ISO, NIST, PCI)

Incident Response

Firewall Configuration Changes

Software Deployments/Changes

System Change Management

Device Hardening

Intrusion Detection

Network security monitoring and analysis

Work History

06/2023 to Current

Information Security Engineer II (Mid-Level Contract)

NCR – Atlanta, GA

Leverage the use of tools to respond to application/network security-related events.

Subject matter expert for email security tool that continuously scans incoming external traffic for malicious content.

Subject matter expert for recently implemented NDR.

Implemented and orchestrated company-wide security training.

Collaborate with multiple teams to run periodic testing to ensure business applications are sufficiently secured.

Periodic research and testing of new security tools that can replace or enhance current tools used in the environment to benefit the company’s security posture.

Daily threat hunting of malicious threat that potentially have the potential to disrupt production workflow.

Utilize SIEM for log management. Would also be used to create rules that would report out based on specific event patterns.

Proficient in application-based security by utilizing detections reported by the EDR.

Led monthly team reviews to ensure proper standards are being practiced for various security teams.

Bi-weekly high-level presentations to upper management to display current metrics and significant incidents.

01/2020 to 06/2023

Systems Security Analyst, Operations

New York Stock Exchange (ICE) – Atlanta, GA

System monitoring and incident management.

Managed hundreds of daily alerts/alarms through the use of our SNMP tool.

Assisted in migrating high-level clients to a new data center while ensuring security controls are migrated successfully as well.

Ran threat intelligence campaigns and actioned any findings relevant to the company.

Introduced automation points to better increase efficiency and prevent human error to limit internal vulnerability possibilities.

Routinely run threat hunting missions in the environment and excise any unfavorable results.

Assisted in research and implementation of new tools that aligned with vetted company use cases.

Configured and maintained application-based firewalls. (Imperva)

06/2018 to 01/2020

Network Technician

Peach State Federal Credit Union – Lawrenceville, GA

Managed internal network related incidents to ensure employees had constant and secured availability to PSFCU's network.

Implemented malware agent installation on employee nodes and manage regular scans/updates to prevent exploits.

Resolved 40+ tickets daily.

Responded to cyber-attacks by imploring different security techniques to eradicate issues while preserving company information.

Assigned application access, security roles and permissions.

Supported project planning team to promptly address hardware and software problems and network emergencies.

Monitored operational and security procedures for numerous computers in network, related systems administration, and maintenance protocols.

Assessed and responded to network system alerts, prioritizing serious faults to rapidly address downtimes.

Oversaw and managed operational and security requirements for numerous computers in network, related systems administration, and regular maintenance

Education

07/2018

Associate of Applied Science: Cybersecurity

Gwinnett Technical College - Lawrenceville

Accomplishments

Led projects to migrate sensitive applications and their corresponding clients to a new datacenter.

Implemented new, and more efficient procedures for system monitoring that both reduce the need for constant screen time and provide more accurate and detailed alert.

Facilitated the upgrade of numerous workstations from to Windows 10 across multiple branch sites.

Managed high severity incidents that impacted multiple financial exchanges/institutions.

Led the push for the integration and use of Splunk while documenting the process to better equip future analysts.

Licenses & Certifications

CompTIA A+ Certified

CompTIA Network+ Certified

CompTIA Security+ Certified

Palo Alto Firewall Certified (PCCET)

Splunk Core Certified Power User

ISC (CC) Certified in Cybersecurity

Contact this candidate