
Soc Analyst

Location:
Canton, MI
Posted:
July 16, 2022


Richard Atta Boateng

***** ******* **, ******,

Michigan, 48187

269-***-****

adrrmv@r.postjobfree.com/

adrrmv@r.postjobfree.com

Solution-driven and proactive professional with 2 years of experience as a SOC Analyst providing first-level response to security events, triage, analysis, and timely resolution with excellent work ethic. Experienced with a wide range of technologies with expertise in risk management, managing SIEM tools, EDR tools, threat intelligence, threat hunting, and vulnerability management of systems, with the ability to learn quickly and adapt to new environments. Well versed in static and dynamic malware analysis with strong critical thinking, communication, and people skills. Experience in creating SOPs and Playbooks, transfer of knowledge, and applying the Cyber Kill Chain, MITRE ATT&CK Framework and Diamond Intrusion Framework in analysis.

TECHNICAL SKILLS

Security Technologies and Threat Intelligence Tools: Cisco Sourcefire, Cisco Secure Endpoint, Falcon CrowdStrike, Carbon Black Cloud, Splunk ES, Splunk Search, Forcepoint DLP Manager, Wireshark, Anti-Virus Tools, Mimecast, VirusTotal, IBM X-Force Exchange and Palo Alto Networks URL filtering (Test A Site), AbuseIPDB, IPVoid, Hybrid Analysis, Mx Toolbox, Simple Email Reputation, Cyberchef, DNS Lookup, etc.

Ticket Systems: JIRA

Software: Microsoft Office (MS Word, Excel, Access, PowerPoint), MS Project, Adobe; working knowledge of Matlab, Python, R, SPSS, Stata, SAS and Minitab

Security Frameworks: NIST SP 800 Series including NIST 800-61, Revision 2

Operating System: Windows

Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP

Cloud Computing: AWS Solutions Architect (in progress)

Civil Engineering Applications: Synchro/SimTraffic, Vissim, Cube, HSM, HCM, HCS, MUTCD, ArcGIS, TransCAD, ILWIS, Pythagoras, AutoCAD Civil 3D, GeoPak Microstation and Tableau; Total Station, Level Instrument, Theodolite, Static and Kinematic GPS facilities

EDUCATION & CERTIFICATION

CompTIA Security+ Certification, May 2022

University of Virginia, Charlottesville, Virginia, Aug 2016 - May 2021: Doctor of Philosophy (Ph.D.) in Civil Engineering

Major: Traffic/Transportation

Western Michigan University, Kalamazoo, Michigan, Jan 2014 - May 2016: Master of Science in Civil Engineering

Major: Traffic/Transportation

Kwame Nkrumah University of Science & Technology (KNUST), Ghana, Aug 2002 - May 2006: Bachelor of Science in Geomatic Engineering

Major: Transportation and Surveying

WORK EXPERIENCE

Orchard, Hiltz & McCliment, Inc., Livonia, Michigan: Incident Response Analyst, 2021 - present

- Conduct log analysis on Splunk and provide recommendations to the technical teams via the Jira ticketing system.

- Execute analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures

- Utilize and adhere to defined workflow using ThreatConnect and processes driving the Threat Monitoring and escalation/handoff actions

- Analyze potential cyber threats from a variety of intakes, taking appropriate response actions to include threat containment and/or escalation

- Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination

- Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery

- Leverage network security tools and capabilities to support Cyber Threat Monitoring activities

- Document results of cyber threat analysis effectively and prepare a comprehensive handoff and/or escalation for IR/Intelligence Function teams

- Prioritize and differentiate between potential intrusion attempts and false alarms

- Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify security incidents affecting the organization

- Assess the security impact of security alerts and traffic anomalies to identify malicious actions in order to escalate up to senior members of the team

- Use Splunk search to analyze email logs to ensure that malicious emails and attachments are not delivered or dropped.

- Use endpoint tools such as Cisco Secure Endpoint to search the host from the event logs to detect suspicious files or malware.

- Use Carbon Black Cloud to terminate and delete any suspicious file and place it in the banned or block list.

- Conduct initial triage, containment, categorization, and escalation of suspicious events and incidents.

- Provide incident response activities.

Pimajoy Technology & Consulting LLC, Chantilly, Virginia: SOC Analyst, 2020 - 2021

- Used Cisco Sourcefire to monitor network traffic to ensure malicious network traffic is dropped.

- Analyzed and responded to security events and incidents from Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Network Access Control and other client data sources.

- Developed dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.

- Investigated malicious phishing emails, domains and IPs using open-source threat intelligence tools and recommended proper blocking based on analysis.

- Ensured the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

- Monitored, detected and investigated the operational status of monitoring components.

- Performed proactive hunting for threats that may have escaped the monitoring system.

- Performed network security monitoring and incident response for a large organization

- Monitored and analyzed Security Information and Event Management SIEM to identify security issues for remediation.

- Performed triage and response activities related to suspected phishing emails reported to the information security team.

- Investigated and advised on potential risks and active vulnerabilities identified within the monitored network environment

- Researched attempted breaches of data security and rectified security weaknesses.

- Utilized Splunk Enterprise Security for network, application, and endpoint log analysis to identify indicators of compromise and perform the appropriate mitigation.

- Created and maintained operational reports for Key Performance Indicators and weekly and monthly metrics.

- Contributed to security strategy and security posture by identifying security gaps, evaluating and implementing enhancements.

- Evaluated and processed Web Site Review Requests from internal users to access blocked websites using OSINT tools.

- Created reports on security trends, metrics, events, and incidents.

- Provided escalation support and documented resolutions for improvement.

- Used Mimecast and Splunk to monitor phishing email alerts.

- Conducted proactive monitoring, investigation, and mitigation of security incidents.

University of Virginia / Virginia Transportation Research Council (VTRC)

- Incorporation of Accessibility into Transportation Project Prioritization Phase I & II

- Providing Traffic Control Device Information in a Connected and Automated Vehicle Environment.

- Investigating Cybersecurity Issues in Active Traffic Management Systems.

HONORS AND AWARDS

- Furman W. Barton Award for Outstanding Achievement and Contribution as a Graduate Student, Virginia Transportation Research Council (VTRC), 2021

- Sweet Sixteen High Value Research Projects Winner 2016, "Evaluation of Michigan's Engineering Improvements for Older Drivers". https://research.transportation.org/wp-content/uploads/sites/31/2017/12/HVR_2016.pdf (Page 7), AASHTO Research "Sweet Sixteen" Awards, 2016

- First Place Award, 2015 ITE Michigan student paper. Title of the paper: "Evaluating the effectiveness of pedestrian Countdown signals on older drivers in Michigan". The project was sponsored by MDOT. https://www.itemichigan.org/Documents/Newsletters/Winter2015_Michiganite.pdf, 2015

- First Place Award, 2015 ITE Great Lakes District student paper. Title of the paper: "Evaluating the effectiveness of pedestrian Countdown signals on older drivers in Michigan". The project was sponsored by MDOT. https://wmich.edu/engineer/boateng, 2015

REFEREES

John S. Miller, Ph.D., P.E., Principal Research Scientist, Virginia Transportation Research Council, 530 Edgemont Road, Charlottesville, VA 22903

Email: adrrmv@r.postjobfree.com

Tel: 434-***-****

Brian L. Smith, Professor and Chair, P.E., Ph.D.

Engineering Systems and Environment

PO Box 400747, Charlottesville, Virginia 22904

Email: adrrmv@r.postjobfree.com

Tel: 434-***-****
