PATRICK OLISE
Bowie, MD
202-***-**** ***********@*****.***
SUMMARY
To obtain a position as a cybersecurity analyst within a prominent organization such as this, where I can put all my security skills to use in accomplishing any given task. Experienced in incident management, triage, investigation, analysis and reporting. I can recognize and analyze suspicious events such as phishing campaigns and IOC trends, and can perform log analysis, packet-capture analysis and more. Finally, I can perform email and domain analysis. Knowledge of NIST SP 800-59, NIST SP 800-60 and NIST SP 800-171.
EDUCATION AND PROFESSIONAL COURSES
University of Maryland University College
Master's in Cybersecurity – in progress
University of Maryland Eastern Shore
B.Sc. in Biology
CITIZENSHIP
U.S. Citizen
KNOWLEDGE & SKILLS
TCP/IP, DNS, WINS, DHCP, HTML; Microsoft Office 2000/2003/2007/2010 (Outlook, Word, Excel), Internet Explorer
McAfee Nitro, McAfee ePO, ArcSight, Splunk, FireEye, Snort, Nmap, Nessus, Nexpose, firewall logs, Kali Linux, RSA NetWitness, Wireshark, tcpdump, JIRA, Archer, SharePoint, ServiceNow, Carbon Black, Proofpoint, Proofpoint TAP, Cylance, Office 365 cloud application security, Squert, Security Onion, SolarWinds, Symantec Endpoint Protection, Trend Micro, LogRhythm, Kibana.
PROFESSIONAL EXPERIENCE
FUND, Washington DC October 2018 – Present
SOC Security Analyst / Incident Response SOC Analyst
●Identify and ingest indicators of compromise (IOCs), e.g. malicious IPs and URLs, into network security tools/applications.
●Conduct proactive monitoring, investigation, and mitigation of security incidents
●Analyze security event data from the network
●Triage incidents according to procedure and SOP
●Perform domain analysis and monitor for trends on latest IOCs
●Utilize Proofpoint for the organization's data loss prevention, Targeted Attack Protection, social media and mobile device protection, digital risk, email encryption, electronic discovery and email archiving
●Research new and evolving threats and vulnerabilities with potential to impact the monitored environment
●Conduct log analysis using ArcSight
●Utilize Carbon Black (Bit9) endpoint security to detect malicious behavior and prevent malicious files from attacking our organization
●Identify suspicious/malicious activities and codes
●Monitor and analyze security events to identify intrusions and malicious activity.
●Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.
●Investigate malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis.
●Conduct research on new and evolving threats and vulnerabilities using security blogs.
●Continuously monitor and interpret threats using IDS and SIEM tools
MK CYBER, Greensboro, Va July 2016 – August 2018
SOC Security Analyst / Incident Response SOC Analyst
●Conduct proactive monitoring, investigation, and mitigation of security incidents based on use cases in Splunk
●Analyze security event data from the network (IDS, SIEM).
●Perform static malware analysis on isolated virtual servers
●Rescan mitigated systems for further infections; if none are found, commission the systems back onto the network.
●Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
●Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
●Research new and evolving threats and vulnerabilities with potential to impact the monitored environment using security blogs
●Conduct log analysis using Splunk
●Identify suspicious/malicious activities and IOCs and ingest them into Cylance.
●Responded to incidents involving impossible-travel activity, fraudulent inbox-rule creation and activity from infrequent countries associated with business email compromise (BEC)
●Use vulnerability assessment tools such as Nessus and Nmap to perform security testing
●Monitor and analyze security events to identify intrusions and malicious activity.
●Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.
●Investigate malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis.
●Continuously monitor and interpret threats using the SIEM, and update clients on infected endpoints.
●Make recommendations to clients regarding infected endpoints and continue monitoring for activity
●Communicate alerts to agencies regarding intrusions and compromises of their network infrastructure, applications and operating systems. Consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary and open-source resources to provide indications and warnings of impending attacks against unclassified and classified networks.
●Recommend changes to Standard Operating Procedures and similar documentation
●Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
●Attend handover meetings
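As an added illustration of the impossible-travel and fraudulent inbox-rule detections referred to under the MK CYBER role (this is example code written for this page, not part of the résumé or of any vendor product), the following script runs two BEC-style checks over constructed Office 365-like sign-in and audit records. The event layout, the 900 km/h threshold, the internal domain example.com and the finance keyword list are all assumptions.

```python
"""Two SOC detections over constructed sign-in and inbox-rule events:
impossible travel and suspicious New-InboxRule creation (BEC tradecraft).
Example code for this page; event fields and thresholds are assumptions."""
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt

MAX_SPEED_KMH = 900              # assumption: faster than any commercial flight
INTERNAL_DOMAIN = "example.com"  # assumption: the monitored tenant's mail domain

# Constructed sign-in events: (user, ISO-8601 UTC timestamp, country, lat, lon)
SIGNINS = [
    ("alice@example.com", "2020-03-02T09:00:00Z", "US", 38.9, -77.0),  # Washington
    ("alice@example.com", "2020-03-02T10:30:00Z", "NG", 6.5, 3.4),     # Lagos, 90 min later
    ("bob@example.com",   "2020-03-02T08:00:00Z", "US", 38.9, -77.0),
    ("bob@example.com",   "2020-03-02T20:00:00Z", "GB", 51.5, -0.1),   # London, 12 h later
]

# Constructed audit records for New-InboxRule (field names are assumptions)
INBOX_RULES = [
    {"user": "alice@example.com", "name": ".",  # near-empty name, typical of BEC
     "ForwardTo": "attacker@mail.example.net", "DeleteMessage": True,
     "SubjectContainsWords": ["invoice", "payment"]},
    {"user": "bob@example.com", "name": "Newsletters",
     "MoveToFolder": "Archive", "SubjectContainsWords": ["newsletter"]},
]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two lat/lon points."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 6371.0 * 2 * asin(sqrt(a))


def parse_ts(s):
    """Parse the 'Z'-suffixed UTC timestamps used in the constructed events."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def impossible_travel(signins, max_speed_kmh=MAX_SPEED_KMH):
    """Flag consecutive sign-ins by one user that imply travel faster than max_speed_kmh.
    Returns (user, from_country, to_country, implied_speed_kmh) per alert."""
    by_user = {}
    for user, ts, country, lat, lon in signins:
        by_user.setdefault(user, []).append((parse_ts(ts), country, lat, lon))
    alerts = []
    for user, events in by_user.items():
        events.sort()  # chronological order, so each pair is (earlier, later)
        for (t1, c1, la1, lo1), (t2, c2, la2, lo2) in zip(events, events[1:]):
            hours = (t2 - t1).total_seconds() / 3600
            if hours <= 0:
                continue  # simultaneous sign-ins need a separate rule
            speed = haversine_km(la1, lo1, la2, lo2) / hours
            if speed > max_speed_kmh:
                alerts.append((user, c1, c2, round(speed)))
    return alerts


def suspicious_inbox_rules(rules, internal_domain=INTERNAL_DOMAIN):
    """Flag inbox rules that exfiltrate or hide mail: external forwarding, deletion,
    finance-keyword filters, or a near-empty rule name. Returns (user, name, reasons)."""
    finance_words = {"invoice", "payment", "wire", "bank", "password"}
    alerts = []
    for r in rules:
        reasons = []
        fwd = r.get("ForwardTo") or r.get("RedirectTo")
        if fwd and not fwd.lower().endswith("@" + internal_domain):
            reasons.append(f"forwards to external address {fwd}")
        if r.get("DeleteMessage"):
            reasons.append("deletes matching messages")
        if finance_words & {w.lower() for w in r.get("SubjectContainsWords", [])}:
            reasons.append("filters on finance keywords")
        if len(r.get("name", "").strip()) <= 1:
            reasons.append("near-empty rule name")
        if reasons:
            alerts.append((r["user"], r["name"], reasons))
    return alerts


if __name__ == "__main__":
    for alert in impossible_travel(SIGNINS):
        print("impossible travel:", alert)
    for alert in suspicious_inbox_rules(INBOX_RULES):
        print("suspicious inbox rule:", alert)
```

In the constructed data only alice is flagged: Washington to Lagos in 90 minutes implies several thousand km/h, while bob's Washington to London trip over 12 hours is under the threshold; alice's rule is flagged on all four criteria and bob's archive rule on none. In a real SIEM the same logic would sit over the tenant's sign-in and unified audit logs rather than inline lists.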
MICROSOFT, Ashburn, VA April 2015 – June 2016
Inventory Asset / Cloud Data Center Technician
●Receive cloud servers for colocation, ensure RMF items are shipped, and dispose of equipment properly
●Maintain and update property management databases, expendable items and local procurement funds.
●Upgrade and manage local and program operating instructions for logistics.
●Lead complete disposition and Property Turn-In (PTI) procedures.
●Conduct technical logistics analysis and provide expertise in program support.
●Support Global Datacenter Operations
●Execute work orders via ticketing queues and systems
●Support deployment of on-site data center physical infrastructure, such as servers, network devices, SANs, Windows Server OS support, physical cabling, parts/component replacement and physical hardware troubleshooting
●Participate in inventory, spare, cable and related asset management tasks
●Provide excellent customer service with the technical abilities to support Microsoft's future success