Cyber Security Incident Response

Location:
Middletown, MD
Posted:
January 08, 2024

Resume:

Batholomew Forze

Washington D.C Metro Area

ad2j5r@r.postjobfree.com 301-***-****

Summary

I am an IT Security Specialist with excellent technical skills seeking a position as a Cybersecurity Analyst, with over 5 years of experience in network monitoring, firewalls, intrusion analysis, malware analysis, threat analysis and phishing email investigation. Experienced in utilizing SIEM tools to monitor and analyze incidents, investigate security-related alerts and respond as needed.

Skills Summary

Cyber Security Incident Response

Encryption and Hashing

Experience with malware analysis

Network & System Security

Experience with Malicious PowerShell analysis

Experience with phishing email analysis

Experience performing incident response

Experience with Sandbox analysis

Cyber Security awareness and training

Working knowledge of TTPs used by threat actors

Experience with endpoint analysis

Experience with ticketing applications

Understanding of PCI, HIPAA, GDPR, etc.

Great analytical and problem-solving skills as well as interpersonal skills

Excellent verbal and written communication skills, detail-oriented and able to precisely follow documented procedures

Natural curiosity and ability to learn new skills quickly.

Strong attention to detail.

Education and Certification

Bachelor's degree in Business Administration, Strayer University, 2016

CompTIA Security+

TECHNICAL SKILLS

Cisco AMP for Endpoints • Cisco Threat Grid • Cisco Umbrella • Any.Run • Azure Security Center/Monitor • Splunk • Microsoft Email Header Analyzer • CyberChef • Microsoft Suite • JIRA • ServiceNow (SNOW) • Active Directory • TCP/IP • CrowdStrike • VirusTotal • AbuseIPDB • Whois • IPVoid • MS Defender • ThousandEyes • Tanium • Anomali ThreatStream • Recorded Future • C.O.R.E • Proofpoint Threat Response • Proofpoint TAP (URL) • Proofpoint TRAP • Splunk ES

PROFESSIONAL EXPERIENCE

Rackspace 11/2022 – Present

SOC Analyst II

Monitor global NIDS, firewalls, and log correlation tools for potential threats.

Initiate escalation procedures to counteract potential threats/vulnerabilities.

Provide incident remediation and prevention documentation.

Document and conform to processes related to security monitoring.

Provide performance metrics as necessary.

Supervise monitoring of security events and alerts received from ISOC security tools.

Manage end-user-reported incidents.

Responsible for the first line of security incident response within the Rackspace ISOC.

Hunt for suspicious activity based on anomalous behavior and indicators of compromise from various intelligence sources and toolsets.

Serve as the technical escalation point and mentor for lower-level analysts.

Provide communication and escalation throughout an incident per the ISOC SOP.

Report potential and actual security violations and provide recommendations.

Communicate directly with end users and asset owners.

Perform in-depth analysis of log files, systems, and network traffic.

Maintain a strong awareness of the current threat landscape.

Create knowledge base articles for handling different level security incidents.

Insight Global 03/2018 – 11/2022

SOC Analyst

Conducted proactive monitoring, investigation, and mitigation of security incidents.

Recognized potential, successful, and unsuccessful intrusion attempts and compromises through thorough review and analysis of relevant event detail and summary information.

Established and maintained excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units.

Monitored and analyzed network traffic, Intrusion Detection Systems (IDS), security events and logs.

Assisted with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.

Investigated, processed and resolved security alerts.

Prioritized and differentiated between potential intrusion attempts and false alarms.

Utilized Intrusion Detection and Prevention Systems (IDS/IPS) to monitor for malicious activity on the network, and reviewed IPS and IDS logs to uncover malicious activity within the network.

Educated end users on phishing email attacks.

Conducted phishing email analysis.

Used Cisco AMP for malware analysis.

Requested that malicious domains and IPs be blocked following the company's standard operating procedures.

Trinitech Consulting 03/2016 – 03/2018

Desktop Support Tech

Performed troubleshooting and support of systems and network devices.

Assembled new systems and replaced defective hardware; installed all required operating system and application software.

Performed system backup and recovery.

Installed anti-virus software and cleaned infected systems.

Installed and troubleshot peripherals (printers, scanners, speakers, and wireless devices).

Installed Oracle VirtualBox on Windows hosts and created, installed, and configured guest OSes.

Troubleshot system and network connectivity issues within the LAN and CAN.

Troubleshot and resolved connectivity problems with network devices.

Used the Stars ticketing system to manage tickets and track task progress.
