Conrad E Ekellem
SILVER SPRING, MD
Tel: 301-***-****
*****-*************@*****.***
Summary
A Cyber Security analyst with about 5 years of experience and a thorough understanding of information technology. Proactive in network monitoring with SIEM (Splunk), with profound knowledge of identifying and analyzing threats and suspicious events as they come in through the tools. Has mastery of various security tools for performing log and packet analyses and can further perform malware analyses, with the overall objective of ensuring the confidentiality, integrity, and availability of systems, networks, and data.
Technical skills:
Wireshark, Nessus, Digital Guardian, PhishER, Resilient, Qualys, SolarWinds, ServiceNow, CrowdStrike, Proofpoint, Tenable.sc, QRadar XDR, FireEye, Firewall Logs, TCPdump, Snort
Certifications & Training:
CompTIA Certified Security+ Professional (2023)
CompTIA Cyber Security Analyst (CySA+)
PROFESSIONAL EXPERIENCE
Computer WareHouse:
Cyber Security Technical Support (2018-2019)
Diagnosed and resolved customer reported system incidents, problems, and events.
I also installed and configured hardware, software, and peripheral equipment for system users in accordance with organizational standards.
Troubleshot system hardware and software.
Administered accounts, network rights, and access to systems and equipment.
Monitored and reported client-level computer system performance.
Developed and delivered technical training to educate others or meet customer needs.
RIGIDGroup, Columbia, Maryland
SOC Analyst
● I was mainly responsible for collecting raw data as well as reviewing alarms and alerts.
● I confirmed, determined, or adjusted the criticality of alerts and enriched them with relevant data.
● Performed triage to identify whether alerts were justified or false positives.
● An additional responsibility I had at this level was identifying other high-risk events and potential incidents.
● I prioritized alerts according to their criticality. If problems occurring could not be solved at this level, I made sure to escalate them to tier 2 analysts.
● I collaborated in team problem-solving efforts to identify and mitigate potential threats or events.
● I partnered with Security Engineers to understand and improve monitoring, logging, and alert prioritization to enhance SOC investigation and response.
● I monitored SIEM logs (Splunk) for undetected events, and also created tickets for malicious logs, reporting information security concerns and problems when necessary.
● I monitored security events, correlating information from data center feeds and functional areas to identify incidents, issues, threats, and vulnerabilities.
● Analyzed network traffic files (PCAP), differentiating between potential intrusion attempts and false alarms and acting on these logs as needed.
● Assisted in the creation and update of SOPs, information security policies, and other technical documentation.
● Investigated a variety of phishing emails and made determinations on whether they were malicious or not with email protection tools (PhishER/Proofpoint).
● Performed research on new threats and vulnerabilities using security blogs and news outlets, and checked my environment using security tools.
● Analyzed EDR (Digital Guardian, CrowdStrike) logs to determine the severity of the logs and provided appropriate remediation.
● Investigated malicious IPs, domains, and URLs using open-source tools and escalated them to the network team for blocking using the ticketing tool (SNow).
● Utilized the vulnerability scanner (Qualys) to analyze discovery scan data and vulnerability data to determine unusual configurations, discover aged software, and properly identify high-severity vulnerabilities.
● Escalated potential security incidents to clients, recommending further actions and operational improvements.
CableNET Inc., Maryland
SOC Security Analyst / Incident Response SOC Analyst
- Monitored and analyzed security events and logs from various sources such as firewalls, IDSes, IPS, and antivirus software
- Assisted in performing vulnerability scans and penetration tests to identify security weaknesses
- Took part in developing and implementing security policies, procedures, and best practices
- Was a team member in investigating security incidents and breaches, and provided recommendations for remediation
- Monitored and responded to security alerts and/or notifications that we got from CrowdStrike (our EDR), emails, or those that we got from our ticketing tool (ServiceNow) or from Splunk.
- Researched and evaluated emerging security threats and vulnerabilities
- Was part of a team that configured and maintained security tools and systems.
- Developed and maintained awareness training and programs.
- Assisted in the development of security architectures and designs
- Created and maintained security documentation
- Collaborated with other teams to ensure security requirements were met.
BaselineTech, Virginia
Security Analyst
- Continuous monitoring and interpretation of threats using the IDS and SIEM
- Used vulnerability assessment tools such as Nessus and Nmap to perform security testing
- Investigated phishing emails, domains, and IPs using open-source intelligence tools like VirusTotal, IPVoid, SpeedGuide, and SpiderFoot
- Conducted Network Security Monitoring on services including SIEM, IDS/IPS, Firewall, Web Application Firewalls, and Data Loss Prevention (DLP)
- Conducted log analysis using Splunk
- Monitored account access and ensured encryption of data
- Installed security patches and monitored system performance to identify potential threats
- Collected information from internal and external sources and investigated security breaches
- Performed vulnerability and risk assessments and conducted root cause analysis
- Monitored and recorded incidents and prepared disaster recovery plans.