
Security Loss Prevention

Location: Fort Worth, TX
Posted: November 28, 2022


Resume:

Chi SMON

PERMANENT RESIDENT

Contact: 214-***-**** Email: **********@*****.***

EXPERIENCE SUMMARY:

•Over the past 3 years, I have worked in the field of Information Technology as a Security Operation Center (SOC) Analyst.

•My skill sets revolve around networking, Threat Intel, Endpoint protection and monitoring as well as data loss prevention using different SIEM tools.

•I have experience in utilizing SIEM tools to monitor/analyze incidents and work with stakeholders to resolve incidents and escalate incidents when necessary following policies and procedures.

•I possess a deep understanding of hacker techniques, vulnerabilities, attacks, and countermeasures.

CERTIFICATION

CompTIA Security+

Working on ETHICAL HACKING

EDUCATION

Associate degree, City and Guilds London, in construction management

PROFESSIONAL EXPERIENCE

Advantage Resources 5/21 to Present

Security Operation Center (SOC) Analyst

•Analyze, investigate and process Malicious/Phishing Email alerts from IronPort, O365, Proofpoint and FireEye following standard operating procedure.

•Contribute to security strategy and security posture by identifying security gaps and evaluating and implementing enhancements.

•Prioritize and differentiate between potential intrusion attempts and false alarms.

•Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.

•Provide Incident Response (IR) support when analysis confirms an actionable incident.

•Strong working knowledge of network security monitoring and incident response, good written and technical communications skills.

•Provide continuous monitoring of Security defenses and functions for the Agency.

•Provide triage analysis and initial preventive response in significant incidents including basic response remediation techniques.

•Analyzing and escalating security incidents to clients and stakeholders both in writing and verbally.

•Responding to technical security questions and concerns from clients.

• Maintain a strong awareness and understanding of the current threat landscape.

•Conduct research on emerging security threats and potential customer impact.

•Provide incident data gathering, quality control and validation of required data via tickets.

•Correlate data analysis from different sources for escalation or validation.

•Prepare and maintain SOPs for triage and escalation of most common types of incidents.

•Escalate cybersecurity incidents to Tier 3/CSIRT for further forensic analysis.

•Detect and track critical and high vulnerabilities and verify and validate remediation.

•Use Splunk Enterprise Security (ES) to monitor and investigate alerts from different data sources.

TechLink (Dept. of Labor) 4/2019 to Present

Security Operation Center (SOC) Analyst

Duties included:

•Provide 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.

•Provide continuous monitoring of Security defenses and functions for the Agency.

•Provide triage analysis and initial preventive response in significant incidents including basic response analysis, quarantine and escalation.

•Assessing the security impact of security alerts and traffic anomalies on customer networks.

•Creating comprehensive security write-ups which articulate security issues, analysis and remediation techniques.

•Analyzing and escalating security incidents to clients and stakeholders both in writing and verbally.

•Responding to technical security questions and concerns from clients.

• Maintain a strong awareness and understanding of the current threat landscape.

•Conduct research on emerging security threats and potential customer impact.

•Provide incident data gathering, quality control and validation.

•Analyze and resolve DLP alerts from McAfee DLP Manager, escalate procedures.

•Analyze, investigate and process Malicious/Phishing Email alerts from IronPort and FireEye following standard operating procedure.

•Contribute to security strategy and security posture by identifying security gaps and evaluating and implementing enhancements.

•Prioritize and differentiate between potential intrusion attempts and false alarms.

•Assist with the development of processes and procedures to improve incident

Defense Process, ensuring that technical, operational and management controls securing sensitive security systems are in place and being followed according to the Federal Guidelines.

•Accomplished continuous monitoring of security controls as a guide by testing a portion (one-third) of the applicable security controls annually and performing periodic vulnerability scans.


