Security Analyst Support Specialist

Location:
Austin, TX
Posted:
August 17, 2022

Resume:

Professional Summary

A Cyber Security Analyst with proficient, vast experience and a good understanding of information technology. Specialized in proactive network monitoring of SIEM (Splunk) with a deep knowledge of identifying and analyzing suspicious events. Able to use various security tools to perform log and packet analysis. Experience with performing malware analysis with the overall objective of ensuring confidentiality, integrity and availability of the systems, networks, and data.

Technical Skills

Malware Analysis/Endpoint Security, Incident Response/Cyber Threat Intelligence, Network Security Protocols/TCP/IP, Splunk, CrowdStrike, Nessus, O365, Snort/Firepower/FireEye, Jira/ServiceNow, McAfee/Bluecoat/FireEye, Palo Alto/Cisco IronPort, Linux/Windows/Active Directory, ServiceNow/Confluence, Microsoft Office 365/SharePoint/OneDrive, VirusTotal, Domain Tools, IP/URLvoid, IBM X-Force, Any.run/Threat Grid Sandbox, Cloud Computing, Authorization-To-Operate (ATO) Process, POA&M Management, Risk Management, Security Assessment & Authorization, Fax Solution, PCI-DSS, IAM, SSO, 2FA, OWASP, Nmap, Python

Professional Experience

Pitch Tech - Austin, TX July 2019 - Present

Security Operations Center (SOC) Analyst

Working in a 24x7 Security Operations Center.

Continuous monitoring and interpretation of threats using the IDS and SIEM.

Using Vulnerability Assessment tools such as Nessus to perform scheduled and manual scans as required.

Investigating malicious phishing emails, domains and IPs using Open-Source tools and recommending proper blocking based on analysis.

Rescanning mitigated systems for further infections using CrowdStrike and Symantec AV and commissioning systems back to the network.

Conducting research on new and evolving threats and vulnerabilities using different OSINT sources.

Researching new and evolving threats and vulnerabilities with potential to impact the monitored environment.

Conducting log analysis using Splunk.

Identifying suspicious/malicious activities or codes.

Monitoring and analyzing security events to determine intrusion and malicious events.

Searching firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.

Investigating VPN alerts and following up with users to determine legitimacy of such activity.

Investigating possible brute-force attempts and following up with mitigation strategies based on user feedback.

Creating, tracking, and working to resolution normal and standard job-related change requests.

Analyzing and resolving DLP alerts from McAfee DLP Manager and FireEye SmartVision and escalating cyber privacy incidents to the Privacy Team.

Working incidents from initial assignment to final resolution.

Investigating, analyzing, and processing retroactive and reported phishing email alerts from IronPort while following standard operating procedures. Using O365 Threat Explorer to analyze, scope and determine the recipients of the phishing emails within the company.

Evaluating and processing Web Site Review Requests from internal users to access blocked websites using organization policies and OSINT tools.

Assisting in building SOPs as needed or directed to facilitate SOC operations and processes.

Fully documenting assigned tickets to show all work performed and attach the required artifacts in order to pass SLRs.

Assisting with the creation of the daily SOC reports and shift reports and pass down emails and tickets to the incoming shift team.

Investigating traffic to suspicious domains and IPs and submitting a block to the NOC per the investigation results.

Using Firepower IPS/IDS and FireEye NX to investigate possible intrusion attempts.

Pitch Tech Consulting - Austin, TX August 2017 - July 2019

IT Support Specialist

Resolved complex technical issues that arose on client computers using troubleshooting.

Effectively made recommendations to IT users on selection of hardware and software.

Installed and maintained Windows and desktop software, service packs, patches, and antivirus updates.

Managed assets inventory and deployed desktop images to end users.

Worked directly with HR dealing with New Hire Onboarding Process and trained.

Decreased laptop rollout deployment times by 50% by creating, documenting, and implementing updated load set for Windows 7 and Office 2010.

Participated in revolving on-call schedule to provide 24/7 service to users.

Troubleshot various technical issues dealing with printers, network, and phone systems.

Managed laptop and MacBook inventory and assisted in procuring new hardware, software, and related supplies.

Provided support in setting up audio and visual technology for conferences and meetings.

Shell GTL - Qatar October 2015 - March 2017

Network Security Analyst

Expert with access lists, IPsec tunnels, NAT, SSL headers, HTTP headers for layer 7 traffic filtering

Deployed an intrusion detection system (IDS) to monitor network traffic for suspicious behavior

Extensive knowledge of the implementation of Cisco ASA, Check Point R75 and Juniper SRX firewalls

I dealt with monitoring tools for network packet capture like Wireshark

I implement security policies using ACL, Firewall, IPsec, SSL, VPN, IPS/IDS and AAA

I install, configure and administer Windows Server 2000/2003, Active Directory, FTP, DNS, DHCP under various LAN and WAN environments

Responded to emergency situations such as DDoS attacks and malware infections when necessary

I monitor network traffic to detect potential threats and then respond to these threats promptly

Well-rounded knowledge of layers of the OSI Model & TCP/IP

Good knowledge of troubleshooting LAN/WAN

I used an email gateway to block phishing and social engineering attempts targeting employees

We used an integrated firewall to block hostile network attacks

Education

Master’s Degree, Cybersecurity Technology, Present

University of Maryland Global Campus

Associate's Degree in Computer Science (Cybersecurity), December 2021

Oklahoma City Community College Oklahoma City

Bachelor of Science, Cybersecurity Law and Policy, May 2011

University of Yaounde II Cameroon

Certifications

CompTIA CySA+ (Certified)

CompTIA Security+ (Certified)

CompTIA CSAP Security Analytics Professional

Computer Network Support Analyst


