
Operation Center Security

Location:
Glenarden, MD
Posted:
February 20, 2024


Resume:

Marynelly L. Njobe

ad3ry4@r.postjobfree.com

240-***-****

Glenarden MD, 20706

Knowledgeable and performance-driven security operations center (SOC) analyst with 4+ years of experience analyzing and responding to network, application, and endpoint-based security breaches. Good knowledge of analyzing phishing emails, DLP alerts, and malware and authentication-based alerts, among others, and of acting as a first responder to security incidents and events. Investigates compromised systems, determines threat vectors, and provides first-hand remediation and mitigation. Experience using SIEM tools such as Splunk to monitor, analyze, and resolve incidents together with different teams. I am fluent in the English language, have excellent communication skills, and am a reliable team player.

TECHNICAL SKILLS

Experience with security monitoring tools (SIEM and related tools) such as IronPort, FireEye ETP, McAfee DLP Manager, Splunk, FireEye NX, Microsoft Azure, Microsoft Defender ATP, CrowdStrike, and Carbon Black.

Determine threat vectors by investigating compromised systems and providing real-time remediation.

Software/apps: Windows Active Directory, MS Server, Microsoft Office, Splunk, and Wireshark.

Work in a 24/7 rotating shift environment.

Experience using the ServiceNow ticketing system to document findings and, if need be, contact the client to escalate a ticket.

Systems: Windows OS, Windows Server, and Virtual Machines.

Great communication skills and a good team player.

Protocols: TCP/IP, DNS, Kerberos, Telnet, SSH, RDP, SMTP, FTP, LDAP, DHCP, HTTPS.

Strong understanding of networking (TCP Flags, TCP 3-way Handshake, IP addressing, Firewalls, Proxy).

Experience with the Cyber Kill Chain model and the MITRE ATT&CK framework.

Strong understanding of security incident management, malware management, and vulnerability management processes. Security monitoring experience with one or more SIEM technologies (Splunk) and intrusion detection technologies.

Excellent English both written and verbal skills.

Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise antivirus products.

Able to analyze network traffic, IDS/IPS/DLP events, packet capture, and firewall logs.

Experience in capturing intelligence on threat actor TTPs and developing first level countermeasures in response to threat actors.

Experience with Splunk Enterprise Security (ES) to monitor, detect, and isolate incidents happening in the organization’s security products, network devices, end-user devices and systems.

Experience conducting analysis of network traffic and host activity across a wide array of technologies and platforms.

PROFESSIONAL EXPERIENCE

SOC Analyst, TEKGLOBAL, January 2021 - Present

Conduct packet-level analysis using tcpdump or Wireshark on the session and surrounding traffic of an IDS alert.

Work with protocols at layer 2 and higher of the OSI model, including ARP, TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use the well-known ports.

Knowledge in basic security concepts and terminology such as the CIA triad, industry best practices, risk, vulnerability, threat, attack vectors, encryption, encoding, and various types of threat actors.

Perform security event/alert monitoring and analysis, remediating identified incidents and escalating as required.

Monitor and analyze suspicious email and web traffic daily.

Monitor system logs and network traffic for unusual or suspicious activities.

Monitor network, websites, applications, database servers, data centers and other infrastructures to protect them from cyber threats.

Provide 24/7 real-time monitoring of security tools, dashboards, and email alerts.

Monitor and investigate system and network alerts that come in through email and via Splunk Express.

Investigate, analyze, and process phishing email alerts from IronPort and FireEye following standard operating procedures.

Perform triage on alerts by determining their criticality and scope of impact.

Investigate, analyze, and process endpoint alerts using SIEM and endpoint tools such as FireEye HX, McAfee Antivirus, Cylance, Splunk Enterprise Security (Splunk ES), and OSINT tools.

Investigate, interpret, and respond to complex security incidents.

Perform basic IDS (Trend Micro, Palo Alto, Cortex, etc.) rule creation and tuning based on indicators in network traffic.

Recognize potential successful and unsuccessful intrusion attempts and compromises through review and analysis of security tool output.

Involved in planning and implementing preventive security measures, and in building incident response and disaster recovery plans.

Monitor information security industry news and blog posts for internal and external threats.

Develop and conduct weekly targeted training for the SOC team.

Junior SOC Analyst, TEKGLOBAL, January 2020 - December 2020

Conducted security monitoring and reporting at different levels of the system, such as the network, application, and endpoint levels, with the help of tools such as FireEye NX, Microsoft Defender, Mimecast, Microsoft O365, CrowdStrike, Splunk, and Google DLP.

Analyzed security alerts and escalated security incidents to local support teams.

Responded to security incidents and escalated when necessary.

Developed and delivered security awareness and compliance training programs.

Identified, reviewed, and analyzed potential intrusion attempts and compromise.

Ongoing review of SIEM dashboards, system and application logs, and custom monitoring tools.

Performed malware and threat analysis.

Engaged with clients to build and maintain good, professional relationships.

Recognized and categorized types of vulnerabilities and associated attacks.

Implemented action plans and reported results.

Followed procedures until issues were resolved or required escalation.

IT Help Desk Support Analyst, FedEx, December 2018 - December 2019

Assisted in compiling data and preparing reports, thereby setting forth progress, adverse trends, and appropriate recommendations based on information from the Call Management Tracking System.

Provided direct assistance to customers through email and telephone.

Assisted with compiling and regularly maintaining a log of frequently asked questions (FAQ).

Coordinated efforts with staff associates and subject matter experts to resolve problems, maintained liaison with network users and technical staff to communicate the status of problem resolution, and assisted with monitoring network management systems.

Provided prompt and appropriate responses to phone and e-ticket inquiries and requests related to the associated computer systems.

Performed initial problem analysis and triage, identifying and troubleshooting customer issues.

Appropriately escalated technical issues to the network team or subject matter experts as needed.

Performed duties such as unlocking user accounts and supporting password resets.

Assisted in the development of a comprehensive help desk training plan.

CERTIFICATIONS:

CompTIA Security+ (SY0-601), October 2023.

EDUCATION:

B.Sc. in Computer Science, University of Buea, June 2017.