LESLIE NGONG
West Chester Ohio
Email: *************@*****.***
Tel: 513-***-****
EXPERIENCE SUMMARY:
Experienced SOC Analyst with 19 months of experience in investigating and preventing network, host, and email-based attacks. Assisted in analyzing malware, data loss prevention and improving SOC processes by utilizing top industry security solutions.
CERTIFICATIONS
● CompTIA Security+
PROFESSIONAL EXPERIENCE:
AT&T, Cincinnati Ohio
Security Operation Center (SOC) Analyst June 2020 to Present
● Providing 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.
● Reporting security incidents using ServiceNow ticketing system.
● Performing triage on alerts by determining their criticality and scope of impact.
● Investigating, analyzing, and processing endpoint alerts using SIEM tools: Cisco Firepower, FireEye EX, FireEye NX, FireEye HX, Symantec Endpoint Protection, CrowdStrike, Defender for Endpoint, Splunk Enterprise Security (Splunk ES) and OSINT tools.
● Reviewing and collecting asset data (indicators of compromise, logs, configurations and running processes) on these systems for further investigation and reporting.
● Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.
● Investigating, analyzing, and processing retroactive and reported phishing email alerts from IronPort while following standard operating procedures. Using O365 Threat Explorer to analyze, scope and determine the recipients of the phishing emails within the company.
● Evaluating and processing Web Site Review Requests from internal users to access blocked websites using OSINT tools.
● Analyzing and resolving DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalating cyber privacy incidents to the Privacy Team.
● Working incidents from initial assignment to final resolution.
● Assisting in building SOPs as needed or directed to facilitate SOC operations and processes
● Fully documenting assigned tickets to show all work performed and attach the required artifacts in order to pass SLRs
● Thorough understanding of IDS/IPS and a good knowledge of the TCP/IP stack.
● Assisting in performing Root Cause Analysis (RCA) and making preventative recommendations for incidents and events
● Recognizing potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
● Creating, tracking, and working to resolution Normal and Standard job-related Change Requests
● Assisting with the creation of the daily SOC report and shift reports and pass-down emails to the incoming shift members
● Participating in daily security meetings with team members and customer teams
T-Mobile, Cincinnati, Ohio
IT Support Specialist September 2017 – June 2020
● Resolved complex technical issues that arose on client computer using troubleshooting
● Effectively made recommendations to IT users on selection of hardware and software
● Successfully administered user accounts, Exchange mailboxes, and security and distribution
● Installed and maintained Windows and desktop software, service packs, patches, and anti-virus updates.
● Managed assets inventory and deployed desktop images to end users.
● Worked directly with HR dealing with New Hire Onboarding Process and trained
● Decreased laptop rollout deployment times by 50% by creating, documenting, and implementing updated load set for Windows 7 and Office 2010.
● Participated in revolving on-call schedule to provide 24/7 service to users
● Troubleshot various technical issues dealing with printers, network, and phone systems
● Worked with third party vendors to resolve issues with hardware or software covered by annual maintenance agreements.
● Managed laptop and MacBook inventory and assisted in procuring new hardware, software and related supplies
● Provided support in setting up audio and visual technology for conferences and meetings.
Skills
● Malware Analysis/Endpoint Security
● Incident Response/Cyber Threat Intelligence
● Network Security Protocols/TCP/IP
● Splunk
● Snort/Firepower/FireEye
● Jira/ServiceNow
● McAfee/FireEye
● Palo Alto/Cisco IronPort
● Linux/Windows/Active Directory
● ServiceNow/Confluence
● Microsoft Office 365/SharePoint/OneDrive
● VirusTotal
● DomainTools, IP/URLvoid, IBM X-Force
● Any.run/ThreatGrid Sandbox
EDUCATION
● University of Buea
Bachelor’s in Information Technology 10/2009