Muhammed Cil, Security+
Clifton, VA ***** *********.**@*****.*** 571-***-**** in/gurkancil
INFORMATION SECURITY ANALYST
CompTIA Security+ certified Information Security Analyst with 15 years of professional experience in information technology, information security and international education. Specialized in security analysis and incident response. Experience on hands-on projects in monitoring and analysis of potential and active threats using security tools and processes. Currently working towards getting CEH certification.
TECHNICAL SKILLS
Security: Splunk, FireEye, Nessus, QRadar, Carbon Black, Nmap, Wireshark, Kali Linux, VirtualBox, Metasploit, Metasploitable, Linux Command Line Tools, NIST-800, OWASP 10, Burp Suite, Phishing Analysis
Networking: Wireshark/TCPView packet analysis, DNS, Whois, TCP/IP & OSI Layer
Programming: PHP, MySQL, HTML, CSS, JavaScript, Joomla, WordPress, Drupal
Operating Systems: Windows Server 2012, Linux, Windows 7, 8, 10
Certifications: CompTIA Security+, CEH (In Progress), IBM QRadar SIEM Foundation, Splunk 7.x Fundamentals
PROFESSIONAL EXPERIENCE
Information Security Analyst Jan 2020 to Present
CyberNow Labs, Chantilly, VA
• Conduct log analysis on Splunk and IBM QRadar SIEM solutions and provide recommendations to the technical teams via The Hive ticketing system.
• Monitor and analyze SIEM alerts through Splunk and IBM QRadar and identify security anomalies for investigation and remediation such as firewall denies, authentication failures, connection to a known malware site, traffic from an untrusted network, and potential data loss.
• Analyze security incidents on SIEM solution Splunk for evidence of malicious behavior.
• Analysis of network activity logs using Splunk to identify root cause, malicious activity, and evidence of post-exploitation.
• Leverage Splunk to analyze logs and other security events to find targeted attacks against the network.
• Create advanced query methods in Splunk or with advanced grep skills.
• Analyze network traffic flows, system logs, and packets using security appliances to review the indicators of compromise (IOCs).
• Conduct analysis to determine the legitimacy of files, domains and emails using online resources such as VirusTotal, AnyRun, and MX Toolbox.
• Familiarity with fundamentals of information security including network technologies and tools, identity and access management, network security, implementing secure systems and risk management.
• Analyze PCAP files, narrow down anomalous traffic with Wireshark, examine the details of the infected hosts and write IOCs in executive summary reports.
• Acquire and analyze triages when necessary to gain insight on the incidents and consequently request containment for malicious machines and servers.
• Experience in using various tools like FireEye HX, Burp Suite, Nmap, Tenable Nessus, Kali Linux and Metasploit.
• Study common cyber-attack types and create examples using tools such as SEToolkit in Kali Linux.
• Review existing policies and guidance to ensure compliance with the National Institute of Standards and Technology (NIST) Risk Framework.
• Conduct penetration testing using tools in Kali Linux such as Metasploit Framework against Metasploitable.
System and Network Administrator Feb 2019 to Jan 2020
Pinnacle Academy, Chantilly, VA
• Provided server maintenance, troubleshot technical problems and performed operating system administration with Windows-based computer systems.
• Troubleshot network devices including firewall, switches, and access points.
• Installed basic OS and various accessories such as office productivity tools, antivirus and other updates.
• Administered G-Suite.
• Managed web domain and hosting.
• Monitored network performance.
• Monitored network traffic for suspicious behavior.
• Ensured network security and connectivity.
• Troubleshot issues and outages.
• Set up accounts and workstations.
• Set up user accounts, permissions and passwords.
• Onboarded users to network.
• Trained users on hardware and software.
• Resolved problems reported by end users.
IT Administrator and Instructor Aug 2005 to Jan 2019
Paragon International School, Phnom Penh, Cambodia
• Redesigned school websites with Joomla and WordPress and updated regularly.
• Developed Student Information System (SIS) based on PHP and MySQL.
• Managed domain and hosting.
• Integrated and administered G-Suite.
• Established a brand-new server room.
• Established NComputing system with VMware and Active Directory (AD) on the main server and integrated with smart boards in the classrooms.
• Provided server maintenance, troubleshot technical problems and performed operating system administration with Windows-based computer systems.
• Troubleshot network devices including firewall, switches, and access points.
• Installed basic OS and various accessories such as office productivity tools, antivirus and other updates.
• Monitored network performance and network traffic for suspicious behavior.
• Ensured network security and connectivity.
• Set up accounts and workstations.
• Resolved problems reported by end users.
• Taught a variety of Computer and Physics courses at the middle and high school level.
EDUCATION
• Applied Educational Leadership and Management, MA 2017 - 2020
University of London, UK
• Physics, BS 2000 - 2004
Dumlupinar University, Turkey
CERTIFICATIONS
• CompTIA Security+
• IBM QRadar SIEM Foundation
• Splunk 7.x Fundamentals Part 1
TRAININGS
• CyberNow Labs Cyber Security Analyst Hands-on Training
References available upon request