Emmanuel Nche
Analyst
Fort Worth, Texas, United States
***********@*****.***
SUMMARY
I am a passionate SOC Analyst with over 4 years of experience in detecting, triaging, investigating and remediating network, host, and email-based attacks. Proficient in phishing email analysis, incident response, data loss prevention and improving SOC processes by utilizing top industry enterprise security solutions. Ability to work independently as well as with team members. Prioritize and manage multiple tasks concurrently. Troubleshoot and resolve complex issues in a demanding work environment quickly and efficiently.
WORK EXPERIENCE
February 2018-Current
SOC Analyst
Texas Department of Criminal Justice
United States
Responsibilities:
• Triage and investigate incoming alerts generated from Splunk ES to determine the severity and impact of the event or incidents.
• Consistently monitor events generated on Splunk ES incident dashboard. Assist in creating Splunk dashboards to capture all customized logs generated by systems and applications.
• Investigate malicious embedded links and attachments obfuscated in phishing emails using Threat Grid, IronPort, O365 Threat Explorer.
• Handle phishing email cases and triage the phishing submission mailbox.
• Prioritizing and categorizing between potential intrusion attempts and false positives.
• Developing follow-up action plans to resolve reportable issues and communicating with other IT teams to address security threats and incidents accordingly
• Escalating incidents to tier 2 and incident response analysts for further analysis
• Supporting Incident Response till resolution following Standard Operating Procedures (SOP)
• Assisting with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
• Responding to computer security incidents by collecting, analyzing, preserving digital evidence and ensuring that incidents are recorded and tracked in accordance with organizational SOC requirements
• Using McAfee DLP to protect intellectual property and ensuring compliance by safeguarding sensitive data
• Analyzing email logs to confirm that malicious emails were not delivered or are quarantined, and malicious attachments dropped.
• Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs to identify abnormal and suspicious activity
• Working with SOC Engineers and other SMEs to operate Intrusion detection and prevention systems (IDS/IPS) such as SNORT and Sourcefire to analyze and detect worms and vulnerability exploit attempts
• Give client recommendations on how to resolve, remediate and mitigate escalated issues.
• Staying up to date with current vulnerabilities, attacks, and countermeasures
March 2016-February 2018
Technical Analyst
TDCJ
Palestine, Texas, United States
• Installed and repaired facility and division ITG equipment and software per TDCJ division ITG standards and guidelines, including but not limited to terminals, personal computers, printers, cabling, and related software products
• Responded to and resolved inquiries and requests for assistance with division or facility computer systems while providing a superior customer support experience for division and facility users
• Analyzed and provided hands-on support for simple to moderate inquiries. Determined appropriate technical area or vendor to resolve the problem and coordinated with other technical areas, as needed
• Logged and tracked problems associated with tracking databases
• Performed facility-based moves, adds, and changes (MACs), as needed
• Maintained documentation for each incident or request, and escalated complex problems to the next level of support per documented procedures
• Provided 24x7 on-call support based on division IT staff rotation, and carried a pager as warranted
• Aided and trained users on division and facility technology
• Performed preventative maintenance
• Effectively worked with customers, Service Desk and Technical Services personnel
• Participated in meetings, committees, and continued education to improve individual, departmental and organizational performance
• Adhered to and supported TDCJ ITG standards, policies, and procedures
December 2013-March 2016
Correctional Officer
Texas Department of Criminal Justice
Palestine, Texas, United States
• Monitored inmate behavior and reported unusual activity to ensure safety and security.
• Conducted regular searches of inmate areas like cells, recreation rooms and showers for unauthorized items.
• Assisted other correctional supervisors with management of inmates.
• Escorted inmates to job sites, medical facilities, classrooms or wherever they were needed in a timely and secure manner
• Read, reviewed and properly applied information found in inmate records related to health and security of the facility and TDCJ policies.
• Provided counseling and guidance to inmates.
• Supervised inmates performing technical skills such as construction, maintenance, laundry, food service and varied industrial and agricultural operations.
EDUCATION
-Current
Bachelor's degree in environmental sciences
University Of Yaoundé
Palo Alto, California, United States
University Of Yaoundé I - Cameroon
Bachelor's degree in environmental sciences.
TECHNICAL EXPERIENCE
• Malware Analysis/Phishing email analysis
• Incident Response/Cyber Threat Intelligence
• Network Security Protocols/TCP/IP
• Splunk
• Wireshark
• Snort/Firepower/CrowdStrike/Carbon Black
• McAfee/Bluecoat/FireEye
• Palo Alto/Cisco IronPort
• Linux/Windows/Active Directory
• Archer/ServiceNow/Confluence/Jira
• Microsoft Office 365/SharePoint
• VirusTotal, DomainTools, IPVoid/URLVoid, IBM X-Force
• ANY.RUN Sandbox
SKILLS
CompTIA DLP IDS IPS Snort Splunk Wireshark Cisco Firepower Threat Defense Firepower Intrusion Malware Active Directory Cisco Incident Response Network Security TCP/IP Customer Support Technical Services Confluence JIRA ServiceNow TCP Linux Microsoft Sharepoint Sharepoint Intrusion Detection Intrusion Detection Systems Computer Security SOP Documentation SOC Maintenance Cabling Service Desk Printers Intellectual Property Food Service Medical Facilities Operations Environmental Sciences Microsoft Office
CERTIFICATIONS
CompTIA Security+
LANGUAGES
English - Intermediate
WORK AUTHORIZATION
I am authorized to work in the following countries:
• United States