Batholomew Forze
Washington, D.C. Metro Area
ad2j5r@r.postjobfree.com 301-***-****
Summary
I am an IT Security Specialist with excellent technical skills seeking a position as a Cybersecurity Analyst, with over 5 years of experience in network monitoring, firewalls, intrusion analysis, malware analysis, threat analysis and phishing email investigation. Experience utilizing SIEM tools to monitor and analyze incidents, investigate security-related alerts and respond as needed.
Skills Summary
Cyber Security Incident Response
Encryption and Hashing
Experience with malware analysis
Network & System Security
Experience with malicious PowerShell analysis
Experience with phishing email analysis
Experience performing incident response
Experience with Sandbox analysis
Cyber Security awareness and training
Working knowledge of TTPs used by threat actors
Experience with endpoint analysis
Experience with ticketing applications
Understanding of PCI, HIPAA, GDPR, etc.
Great analytical and problem-solving skills as well as interpersonal skills
Excellent verbal and written communication skills, detail-oriented and able to precisely follow documented procedures
Natural curiosity and ability to learn new skills quickly
Strong attention to detail
Education and Certification
Bachelor’s degree in business administration, Strayer University, 2016.
CompTIA Security+
Technical Skills
Cisco AMP for Endpoints • Cisco Threat Grid • Cisco Umbrella • Any.Run • Azure Security Center/Monitor • Splunk • Microsoft Email Header Analyzer • CyberChef • Microsoft Suite • JIRA • ServiceNow (SNOW) • Active Directory • TCP/IP • CrowdStrike • VirusTotal • AbuseIPDB • Whois • IPVoid • MS Defender • ThousandEyes • Tanium • Anomali ThreatStream • Recorded Future • C.O.R.E • Proofpoint Threat Response, Proofpoint TAP (URL), Proofpoint TRAP • Splunk ES
Professional Experience
Rackspace 11/2022 – Present
SOC Analyst II
Monitor global NIDS, FWs, and logs correlation tools for potential threats.
Initiate escalation procedures to counteract potential threats/vulnerabilities.
Provide incident remediation and prevention documentation.
Document and conform to processes related to security monitoring.
Provide performance metrics as necessary.
Supervise monitoring of security events and alerts received from ISOC security tools.
Manage end user reported incidents.
Responsible for the first line of security incident response within the Rackspace ISOC.
Hunt for suspicious activity based on anomalous activity and indicators of compromise from various intelligence sources and toolsets.
Serve as the technical escalation point and mentor for lower-level analysts.
Provide communication and escalation throughout an incident per the ISOC SOP.
Report potential and actual security violations and provide recommendations.
Communicate directly with end users and asset owners.
Perform in-depth analysis of log files, systems, and network traffic.
Maintain a strong awareness of the current threat landscape.
Create knowledge base articles for handling security incidents of different levels.
Insight Global 03/2018 – 11/2022
SOC Analyst
Conduct proactive monitoring, investigation, and mitigation of security incidents.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises through thorough reviews and analyses of relevant event detail and summary information.
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units.
Monitored and analyzed network traffic, Intrusion Detection Systems (IDS), security events and logs.
Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
Investigate, process and resolve security alerts.
Prioritize and differentiate between potential intrusion attempts and false alarms.
Utilized Intrusion Detection and Prevention Systems (IDS/IPS) to monitor for malicious activity on the network, and reviewed IPS and IDS logs to uncover malicious activity within the network.
Educate end users on phishing email attacks.
Conduct phishing email analysis.
Used Cisco AMP for malware analysis.
Request that malicious domains and IPs be blocked, following the company’s standard operating procedures.
Trinitech Consulting 03/2016 – 03/2018
Desktop Support Tech
Perform troubleshooting and support of systems and Network devices.
Assemble new systems and replace defective hardware; install all required operating system and application software.
Perform systems backup and recovery.
Install anti-virus software and clean infected systems.
Install and troubleshoot peripherals (printers, scanners, speakers, and wireless devices).
Install Oracle VirtualBox on Windows hosts and create, install, and configure guest OSes.
Troubleshoot system and network connectivity issues with the LAN and CAN.
Troubleshoot and resolve connectivity problems with network devices.
Used the Stars ticketing system to manage tickets and track task progress.