Soc Analyst Active Directory

Ndip Ayuk Collins

Lexington, Kentucky

Cell: 859-***-****

Email: ****************@*****.***

Qualification Summary

Experience and highly motivated SOC analyst with over 5 years in threat detection, monitoring, and reporting of suspicious network events. Ensure organization cybersecurity posture, critical network assets are protected against insider and external malicious actors. Follow organization established SOP to safeguard the Confidentiality, Integrity, and Availability of data process by the information system. Possesses strong skills managing and reporting network, application, and OS related Vulnerability. Leverage Advance automation tool (SIEM) to correct, aggregate and parse log data from various endpoints effectively and on timely manner. Self-driven, highly motivated, Security Operation (SOC) Analyst with proven hands-on skill to handle complex tasks in a pressure environment, good written and verbal communication skills.

.

Skills

•

•Malware Analysis

•Crowd strike (Endpoint security)

•Wireshark

•Network Security Protocols/ TCP/IP

•Tenable Nessus Professional and Security Scenters

•Splunk Enterprise Security

•NIST SP 800-61, NIST SP 800-92

•US-Cert

•IBM X-Force Exchange

•ServiceNow/Demist

•Proofpoint

•Linux/Windows

•Active Directory/Microsoft Office

•Virus Total,

•Mx toolbox

•FireEye XDR

•McAfee DLP

Employment History

NEOTECC LLC

Washington, DC

SOC Analyst June 2019 – Present

•Monitor SIEM (Splunk) to detect security issues for remediation

•Document and track investigations to resolution, create security alert notifications to customers.

•Assist in Incident Response till resolution following organization establish (SOP).

•Prioritize and differentia between false positive and true positive alert

•Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall, SOC functions.

•Analyze and response to previously unknown software and hardware vulnerability.

•Use Mobile Device Management (MDM) to all managed enterprise mobile devices are reporting compliance

•Follow MITRE Attack Framework to investigate and analyze malicious attacks TTP

Tec2 IT Consulting

Cybersecurity SOC Analyst May 2016 – June 2019

•Consistently monitoring and working on alerts generating on SIEM

•Created Splunk dashboards to capture all customized logs generated by systems and applications.

•Assisted in creating new use cases and performing SOC testing, Cybersecurity threat hunt, Cybersecurity management, and policy creation.

•Reviewed and updating SOC run books as required.

•Performed endpoint detection and prevention

•Maintained records of security monitoring and incident response activities, leverage ticking system.

•Provided client recommendations on how to securely resolve escalated issues

•Developed follow-up action plans to resolve reportable issues and communicating with other IT teams to address security threats and incidents accordingly.

•Participated in Incident Response till resolution following Standard Operation Procedures (SOP).

•Generated end-of-shift report for documentation and Acknowledge transfer to on-board analyst on shift.

•Triage security events using Incident Response (IR) playbook.

Education

Associate Degree in Science

•CompTIA Security+ SYO-601 Certified

Languages:

English & French

Contact this candidate