HELTON DIRANE B. MOYO
IT SECURITY ANALYST (SOC)
CONTACT
****.******@*****.***
CA
CAREER OBJECTIVE
Detail-oriented professional with more than 4 years of experience in investigating and preventing network, host, and email-based attacks. Experienced in performing malware analysis, incident response, and data loss prevention, and in improving SOC processes by utilizing top industry security solutions. Self-motivated, goal-oriented, and customer-focused with excellent communication skills. Aiming to leverage my skills to successfully fill a challenging Security Operations role.
EXPERIENCE
February 2018 - Present
IT Security (SOC) Analyst
BlueVoyant
● Apply incident handling processes, including preparation, identification, containment, eradication, and recovery, to protect enterprise environments
● Investigate, analyze, and process endpoint alerts using different tools: ServiceNow ticketing tool, FireEye NX, Symantec Endpoint Protection, CrowdStrike, SIEM (Splunk ES), and OSINT tools
● Investigate, analyze, and process phishing email alerts from IronPort and FireEye EX following standard operating procedures
● Evaluate and process website review requests from internal users to access blocked websites using OSINT tools
● Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES), and escalate cyber privacy incidents to the Privacy Team
● Continuously monitor and interpret threats using the IDS and SIEM
● Use vulnerability assessment tools such as Nessus to perform scans and security testing
● Monitor and analyze network traffic, intrusion detection system (IDS) events, security events, and logs
● Utilize Splunk SIEM, Firepower and FireEye NX (IPS/IDS), McAfee (DLP), and the Bro network sniffer to perform triage of certain investigations
● Block malicious domains, hashes, and IPs following the company's Standard Operating Procedures (SOPs)
● Use Splunk to search and analyze email logs to confirm that malicious emails were not delivered or were quarantined and that malicious attachments were dropped
● Coordinate with the CIRT team to investigate and resolve security incidents
● Prioritize and differentiate between potential intrusion attempts or false alarms
● Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
● Work with security operations center engineers to operate IDS/IPS such as Snort to analyze and detect worms and vulnerability exploit attempts
● Perform monthly and scheduled vulnerability scans with Nessus
● Investigate intrusions on tools like Carbon Black (CB) and Trend Micro associated with suspicious activity on endpoints
● Document and escalate incidents (including event history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
● Pick up service tickets within established SLAs and escalate to Tier Three as needed
● Stay current with vulnerabilities, attacks, and countermeasures.
January 2017 - February 2018
Technical Support Analyst
Breeze End Technology
● Troubleshot endpoints
● Monitored network performance to determine if adjustments were required
● Planned and recommended network hardware, systems management software, and architecture
● Recommended modifications of basic IT systems to improve and simplify business systems and reduce operating cost
● Responsible for network planning, design, security, and optimization
● Installed/reimaged, configured, and maintained staff computers, file servers, Ethernet networks, and network cabling
● Established and developed procedures for proper utilization of IT technology
● Developed strategies and direction for network systems solutions
● Implemented and maintained security strategies for the internal network
● Ensured maximum system uptime by performing routine/preventative maintenance tasks
● Tested new software for bugs before deployment/provisioning
EDUCATION
August 2018
Frontend Developer (HTML, CSS, JS, React)
Bay Valley Tech Academy, CA
Relevant Coursework
● Bootcamp
June 2010
Bachelor of Science in Information Technology
University of Yaounde I
ADDITIONAL SKILLS
● IDS/IPS: FireEye NX, Firepower
● SIEM: Splunk ES, QRadar
● EDR: CrowdStrike
● Email Security: IronPort, FireEye EX, Office 365
● Vulnerability Scanner: Nessus
● Port Scanner: Nmap
● DLP: McAfee Data Loss Prevention
● PCAP and analysis: Wireshark
● Firewall: Palo Alto, Imperva
● Proxies: Bluecoat, McAfee Web Gateway
● OSI Model, OSINT
● Ticketing: Demisto, ServiceNow
● AV: Microsoft Defender, McAfee ePolicy
● Other: MS Office
● Sandboxing: ThreatGrid, Any.Run
● Keywords: Network Protocols, Cyber Kill Chain, MITRE ATT&CK, TCP/IP, VPN, Palo Alto, Incident Response, Malware Analysis, Phishing Email, Vulnerability Management, Nessus, Triage, IronPort, O365, MX Toolbox, FireEye, Cisco, CrowdStrike, Trend Micro, Bro, ThreatCrowd, URLVoid, VirusTotal, IPVoid
CERTIFICATIONS
● CompTIA Security+ SY0-601
● Currently working on CompTIA CySA+