SOC Analyst Enterprise Security

Location:
Mount Washington, KY
Salary:
110000
Posted:
February 06, 2024

Resume:

Erika D Senkpeni

Louisville, KY 502-***-**** ad3esm@r.postjobfree.com https://www.linkedin.com/in/erika-senkpeni

SUMMARY

Results-driven SOC Analyst with 5+ years of experience in networking and analyzing security attacks on enterprise networks. Proven ability to respond effectively to phishing emails, Active Directory attacks, and other network attacks, and to ensure the confidentiality, integrity, and availability of systems, networks, and data. Able to recognize unexpected processes, prohibited traffic, threat activity, known threats, and breaches using various SIEM, EDR, and detection tools, including IBM QRadar, Splunk Enterprise Security, Nessus, Proofpoint, CrowdStrike, FortiGate, and network monitoring solutions. Received multiple recognitions for contributions to the SOC team from SOC team-mates and SOC leads.

Education & Certifications

University of Liberia, Bachelor of Business Administration (BBA), 04/2009

AWS Certified Solutions Architect — Associate

CompTIA Security+ Certificate

Splunk Core Certified User, Power User, Certified Admin

Technology

Frameworks: NIST Cybersecurity Framework, HIPAA, PCI DSS, ISO 27001 & ISO 27002, GDPR, FISMA, CIS, CISA, MITRE ATT&CK, SANS

Platforms: Visual Studio Code, Windows Desktop/Server OS, Active Directory Defense, Linux OS, VMware, AWS, IDS/IPS, Log Analysis & Pen-Testing

Security Tools: Proofpoint, ONSIT, Jira, PowerShell, CrowdStrike Falcon, SOAR, AI, IBM QRadar, Splunk Enterprise Security, FortiGate, ManageEngine (OpManager), Tenable Nessus, Qualys, Acunetix, Armis, Wireshark, ServiceNow, GuardDuty, SecurityHub, and CloudTrail

Experience

Security Analyst, Medasource / Norton Healthcare, Louisville, KY, 11/04/23 - Present

Create accounts in ADManager for employees, contractors, and vendors; disable the accounts of employees and contractors who have been discharged or whose contracts have ended.

Add new users to existing accounts and assign permissions to those accounts.

Work on several insurance websites for new and existing providers.

Reset passwords for employees whose accounts have been locked.

SOC Analyst, CyberNow Labs, Sterling, VA (Part Time), 01/2023 - Present

Identified and blocked over 1,000 phishing emails by scrutinizing email headers for signs of spoofing, examining URLs and attachments in the body of emails through static and dynamic analysis, and following SOC playbooks.

Analyzed, escalated, and assisted in the remediation of over 100 critical phishing email security incidents by following detailed processes and procedures.

Harnessed Proofpoint TAP to identify and mitigate email threats.

Communicated findings effectively and provided recommendations for the remediation of phishing email threats.

Utilized the CrowdStrike Falcon platform to investigate and respond to potential security incidents, prioritizing IOAs and IOCs.

Ensured effective incident response and threat mitigation by leveraging Splunk Enterprise Security to triage and investigate notable events.

Used the search and analysis capabilities of Splunk Enterprise Security to review and analyze notable events generated by various security data sources, including logs, network traffic, and system events.

Actively monitored offenses in QRadar SIEM, ensuring timely response and resolution. Investigated offenses using QRadar's centralized log management, network flow analysis, and threat intelligence integration to gain a holistic view of potential threats.

Used MITRE ATT&CK to research and analyze potential security threats and risks.

Collaborated with cross-functional teams, sharing insights gained from packet analysis using Wireshark.

Conducted vulnerability scanning using Tenable Nessus to identify and mitigate network and infrastructure risks.

Stayed updated with emerging threat intelligence trends and technologies through continuous learning.
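The phishing header triage named in the CyberNow Labs bullets above (scrutinizing headers for spoofing before following the playbook), illustrated by the editor as an added example; this is not code from the resume or from any employer or tool named on this page. It parses two constructed sample messages and flags the indicators an analyst checks first: SPF/DKIM/DMARC verdicts in Authentication-Results, a Return-Path domain that differs from the From: domain, a Reply-To that steers replies to a third domain, and a display name carrying an address at a domain other than the real sender. Every domain, address and header value in the samples is made up.

```python
"""Phishing header triage: flags common spoofing indicators in message headers.

Added editorial example; not part of the original resume. Sample messages,
domains and addresses below are constructed for illustration.
"""
import re
from email import message_from_string
from email.utils import parseaddr


def _domain(header_value):
    """Lower-cased domain of the first address in a header, or '' if none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def _auth_results(msg):
    """Map spf/dkim/dmarc -> verdict from every Authentication-Results header."""
    results = {}
    for hdr in msg.get_all("Authentication-Results", []):
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", str(hdr), re.I):
            results[method.lower()] = verdict.lower()
    return results


def triage_headers(raw_message):
    """Return a list of human-readable spoofing indicators (empty if none)."""
    msg = message_from_string(raw_message)
    findings = []

    # 1. Authentication verdicts: anything other than an explicit pass is suspect.
    auth = _auth_results(msg)
    for method in ("spf", "dkim", "dmarc"):
        verdict = auth.get(method, "missing")
        if verdict != "pass":
            findings.append(f"{method} {verdict}")

    # 2. Envelope sender (Return-Path) vs. header From: domain mismatch.
    from_dom = _domain(msg.get("From"))
    rp_dom = _domain(msg.get("Return-Path"))
    if from_dom and rp_dom and rp_dom != from_dom:
        findings.append(f"return-path domain {rp_dom} != from domain {from_dom}")

    # 3. Reply-To steering replies to a different domain than From:.
    reply_dom = _domain(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} != from domain {from_dom}")

    # 4. Display-name spoofing: an address-looking display name at another domain.
    display_name, _ = parseaddr(msg.get("From", ""))
    claimed = re.search(r"@([\w.-]+\.\w+)", display_name)
    if claimed and claimed.group(1).lower() != from_dom:
        findings.append(
            f"display name claims {claimed.group(1).lower()}, header domain is {from_dom}"
        )
    return findings


# Constructed sample: credential lure sent via a third-party mailer (names made up).
SAMPLE_PHISH = "\n".join([
    "Return-Path: <bounce@mailer-example.net>",
    "Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=mailer-example.net;"
    " dkim=none; dmarc=fail header.from=mailer-example.net",
    'From: "it-support@corp.example" <alerts@mailer-example.net>',
    "Reply-To: it-support.corp.example@webmail-example.com",
    "To: finance@corp.example",
    "Subject: Urgent: password expires today",
    "",
    "Click the link below to keep your account active.",
])

# Constructed sample: legitimate internal notice with all checks passing.
SAMPLE_LEGIT = "\n".join([
    "Return-Path: <it-support@corp.example>",
    "Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=corp.example;"
    " dkim=pass header.d=corp.example; dmarc=pass header.from=corp.example",
    "From: IT Support <it-support@corp.example>",
    "To: all-staff@corp.example",
    "Subject: Scheduled maintenance window",
    "",
    "Email will be unavailable Saturday 02:00-04:00.",
])

if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, triage_headers(sample) or ["no indicators"])
```

Authentication-Results is only trustworthy when it was stamped by your own receiving MTA (the `mx.corp.example` authserv-id in the samples); a sender can add a forged copy, so a production playbook strips or ignores any such header that names a different authserv-id before applying these checks.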

SOC Analyst, Touching Hearts Home Healthcare Services, Louisville, KY, 07/2019 – 01/2023

Monitored and analyzed Active Directory logs using IBM QRadar SIEM, enhancing detection.

Conducted in-depth analysis of logs, system events, and network traffic to identify signs of compromise.

Collaborated with the vulnerability management team to ensure timely patching and remediation.

Enhanced detection capabilities and proactive threat hunting for Active Directory attacks.

Implemented security controls, policies, and procedures to protect client data and applications.

Monitored AWS infrastructure and applications for security incidents, responding effectively.

Implemented security controls and intrusion detection using GuardDuty, Inspector, VPC Flow Logs, CloudWatch, and CloudTrail to monitor user logins.