Yvonne Mforneh
Tel: 678-***-**** Email: **********@*****.***
EXPERIENCE SUMMARY:
Mrs. Yvonne Mforneh is a persistent and well-oriented Cyber Security Analyst with experience in network, application and operating system monitoring. She has analyzed phishing emails (including email headers), malware and source code, and acts as a first responder to incidents to determine threat vectors and provide initial remediation. She also has experience using SIEM tools to monitor, analyze and investigate incidents, and works with stakeholders to resolve incidents, escalating when necessary in line with policies and procedures.
TECHNICAL SKILLS/TOOLS
Cyber Kill Chain, MITRE ATT&CK, TCP/IP, VPN, Palo Alto, Incident Response, Malware Analysis, Phishing Email Analysis, Vulnerability Management, Wireshark, Triage, IronPort, O365, MX Toolbox, FireEye, Nessus, Cisco, IBM X-Force, Splunk ES, Carbon Black, MS Defender, AWS, Cisco Firepower, ThreatCrowd, URLVoid, VirusTotal, IPVoid,
Mimecast, Sourcefire, McAfee Web Gateway, McAfee DLP, Google DLP, Google Admin, Google Vault, AirWatch, Infoblox, Redline, Nessus Security Center, Nmap, IDS/IPS, Anti-Virus Tools (Norton, Symantec).
PROFESSIONAL EXPERIENCE:
Think Tech Consulting
Responsible for security monitoring of networks; analyze important security alarms and protect websites, applications, databases, servers, data centers and other infrastructure from cyber threats.
Provide incident response for phishing, malware, viruses, etc.
Developed advanced correlation rules in QRadar.
Developed and fine-tuned content rules for security events.
Provided a cybersecurity solution through the integration of ATAR (Automated Threat Analysis and Response).
Manage multiple security tools (SIEM, firewalls, proxy devices, Active Directory).
Provide 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.
Report security incidents using ServiceNow ticketing system for events that signal an incident and require Tier 3 Incident Response review.
Perform triage on alerts by determining their criticality and scope of impact.
Investigate, analyze, and process endpoint alerts using endpoint and SIEM tools (FireEye HX, McAfee Antivirus, Cylance, Splunk Enterprise Security (Splunk ES)) and OSINT tools.
Review and collect asset data (indicators of compromise, logs, configurations and running processes) from affected systems for further investigation and reporting.
Participate in planning and implementing preventative security measures and in building incident response and disaster recovery plans.
Investigate, analyze, and process phishing email alerts from IronPort and FireEye following standard operating procedures.
Evaluate and process Website Review Requests from internal users to access blocked websites, using OSINT tools.
Perform functional data analysis to develop profiles of adversaries and identify tactics, techniques and procedures (TTPs) derived from analysis of malware, actions taken on compromised hosts and attempted data theft.
Perform proactive hunting for threats that may have escaped the monitoring system.
Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalate cyber privacy incidents to the Privacy Team.
Work incidents from initial assignment to final resolution.
Investigate, interpret, and respond to complex security incidents.
Develop Standard Operating Procedures (SOPs) and playbooks for different incident types, as needed or directed, to facilitate SOC operations.
Fully document assigned tickets to show all work performed to pass SLRs.
Perform Computer Security Incident Response activities for a large global enterprise; coordinate with other enterprise IT teams to record and report incidents.
Perform Root Cause Analysis (RCA) and make preventative recommendations.
Conduct forensics and investigations as needed using security tools such as Splunk, FireEye, Cisco IPS, OSINT, etc.
Recognize potential, successful, and unsuccessful intrusion attempts and compromises through review and analysis of security tool output.
Author SOPs as needed or directed.
Create, track, and resolve Normal and Standard job-related Change Requests.
Develop and conduct weekly targeted training for the SOC team.
Coordinate threat hunting activities across the network, leveraging intelligence from multiple internal and external sources as well as cutting-edge security technologies.
Analyze network and host-based security logs (firewalls, workstations, Active Directory) to determine the correct remediation actions and escalation paths.
Provide regular updates and communications to key stakeholders and management.
Provide periodic major incident metrics reports.
IT Helpdesk Support Analyst January 2017 - May 2018
Golden Tech Consulting
Duties included:
Provide prompt and appropriate responses to phone and e-ticket inquiries and requests for assistance with the associated computer systems. Perform initial problem analysis and triage; identify and troubleshoot customer issues; provide advice and assistance; and refer technical issues to the network team or subject matter experts when appropriate.
Provide direct assistance to customers via telephone and email.
Coordinate efforts with staff associates and subject matter experts to resolve problems; maintain liaison with network users and technical staff to communicate the status of problem resolution; assist with monitoring network management systems.
Log and track each request and appropriate demographic data related to each request.
Ensure all administrative records and reports are maintained and up to date, including contact information, technical diagrams and post-major-incident reviews.
Form collaborative action plans with specific actions, roles, and deadlines, and ensure these are completed.
Assist with compiling data and prepare reports setting forth progress, adverse trends, and appropriate recommendations based on information from the Call Management Tracking System.
Assist with compiling and regularly maintaining a log of Frequently Asked Questions (FAQ) originating with all categories of customers.
Assist with providing and managing official answers to all FAQs and distribute them to all interested stakeholders.
Provide periodic major incident metrics reports.
Contribute to the preparation of procedure manuals and documentation for help desk use; conduct periodic customer satisfaction surveys and track customer problem trends; make recommendations for improvements to customer experience and create reports based on information provided from customer surveys and trend analyses.
Assist in the development of a comprehensive help desk training plan; assist in training personnel who provide backup coverage and in training users related to the operation and maintenance of systems.
Perform other related duties including unlocking user accounts and helping with password reset support.
Operating Systems: Unix-based systems (Solaris, Linux); Windows.
Networking: LANs, VPNs, Routers, Firewalls, TCP/IP.
Software: MS Office (Word, Excel, Outlook, Access, PowerPoint); Azure.
Ticket Systems: Archer, ServiceNow, Remedy, JIRA, IRT.
Open-Source Site Check Tools (OSINT): URLVoid, VirusTotal, Zscaler, IBM X-Force, LookingGlass, URLScan, ThreatStream, etc.
EDUCATION
University of Buea, Cameroon: Bachelor’s Degree in Computer Science
CERTIFICATIONS
CompTIA Security+
CompTIA CySA+ (in progress)
Splunk Fundamentals 1