
Soc Analyst

Location:
Dumfries, VA
Posted:
May 29, 2024


Resume:

Carbon Black Cloud, Microsoft Defender ATP, Azure Sentinel, Splunk ES, Splunk Search and Reporting App, Forcepoint DLP Manager, McAfee Web Proxy, Nmap, Wireshark, Log Management, Anti-Virus Tools, Mimecast, Nessus

Software: Microsoft Office, Visio, MS Project, Adobe, Salesforce, SaaS, SharePoint

Operating Systems: Windows (2000, 2007, 10), Mac OS, Linux/Unix

Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP

Microsoft Tools: MS Word, Excel, Access, PowerPoint, SharePoint, Visio

Security Frameworks: NIST SP 800 Series including NIST 800-37, NIST 800-53, NIST 800-171, NIST 800-172; ISO 27000 Series including ISO 27001, ISO 27002; COSO/COBIT, Sarbanes-Oxley Act, SAS-70/SSAE 16, ITIL, Privacy Act of 1974, Gramm–Leach–Bliley Act (GLBA), HITECH/HIPAA

Ticket Systems: ServiceNow, JIRA, Demisto (SOAR)

OSINT: VirusTotal.com, IBM X-Force Exchange and Palo Alto Networks URL filtering – Test A Site, AbuseIPDB, IPVoid, Hybrid Analysis


JUNIOR SOC ANALYST, American Bureau of Shipping, May 2024 – March 2024

· Assist with the development of processes and procedures to improve incident response times, incident analysis, and overall SOC functions.

· Use Cisco Sourcefire to monitor network traffic to ensure malicious network traffic is dropped.

· Analyze and respond to security events and incidents from Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Network Access Control and other client data sources.

· Utilize Splunk Enterprise Security for network, application and endpoint log analysis to identify indicators of compromise and perform the appropriate mitigation.

· Review and investigate endpoint alerts from Carbon Black, CrowdStrike and Cisco AMP.

· Proactively look for suspicious activity based on data alerts or data outputs from various toolsets and SIEM platforms.

· Continuously improve processes for use across multiple detection sets for more efficient security operations.

· Review alerts generated by detection infrastructure for false positives and modify alert logic as needed.

· Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.

· Create and design customized Dashboards to monitor the performance of scanners and scan activities.

· Provide forensic analysis of network packet captures, DNS, proxy, NetFlow, malware, host-based security, and application logs, as well as logs from various types of security sensors.

· Use Splunk to search and analyze email logs to confirm malicious emails were not delivered or are quarantined and malicious attachments are dropped.

· Perform root cause analysis by reviewing and analyzing security incidents.

· Analyze potential threats and anomalies, triage security events, and perform preliminary analysis to validate the events.

JUNIOR SOC ANALYST, OSL Retail Services, July 2019 – April 2022

· Document investigation results, ensuring relevant details are passed to the SOC Lead, Incident Management and stakeholders.

· Search firewall, email, web, and DNS logs to identify and mitigate intrusion attempts.

· Investigate malicious phishing emails, domains and IPs using open-source threat intelligence tools and recommend proper blocking based on analysis.

· Monitor and investigate the operational status of monitoring components.

· Create and maintain operational reports for Key Performance Indicators and weekly-monthly metrics.

· Monitor and respond to network traffic for security events and perform triage analysis to identify security incidents.

· Perform triage and response activities related to suspected phishing emails reported to the information security team.

· Investigate and advise on potential risks and active vulnerabilities identified within the monitored network environment.

· Research attempted breaches of data security and rectify security weaknesses.

· Provide 24/7/365 real-time monitoring of security tools, dashboards,

EDUCATION AND TRAINING

MSc Cybersecurity & Information Assurance (ongoing)

Western Governors University

BSc Chemical Engineering

Kwame Nkrumah University of Science and Technology, Ghana

CERTIFICATIONS

Cybersecurity Analyst (CySA+)

Security+

Samudeen Mustapha

Clearance type: Secret | Richmond, Virginia | 347-***-**** | *******.********@*****.***
