
Security Analyst SOC

Location:
Katy, TX
Posted:
January 18, 2023


Resume:

Francis Forgha Azongwa

Wichita, Kansas *****

Cell: 310-***-****

adurqx@r.postjobfree.com

Profile

Security professional seeking a position as a Security Information Assurance Analyst, SOC Analyst or other security-related position. About 6 years of Cybersecurity and Information Assurance experience, covering security concepts, project development and management. Concentration on enterprise Security Risk Management with in-depth knowledge in implementing and auditing Information Systems using NIST RMF. Provide security solutions for data and networks under DoD Information Assurance 8570, including FISMA, NIST and FedRAMP, with knowledge of cloud computing and network protocols.

Core Skills

LogRhythm admin, Splunk admin, Malware Analysis/Endpoint Security, Incident Response/Cyber Threat Intelligence, Network Security Protocols/TCP/IP, Splunk, CrowdStrike, Nessus, O365

Snort/Firepower/FireEye, Jira/ServiceNow, McAfee/Bluecoat/FireEye, Palo Alto/Cisco IronPort, Linux/Windows/Active Directory, ServiceNow/Confluence, Microsoft Office 365/SharePoint/OneDrive, VirusTotal, DomainTools, IP/URL Void, IBM X-Force, Any.Run/Threat Grid Sandbox, Cloud Computing, Authorization-To-Operate (ATO) Process, POA&M Management, Risk Management, Security Assessment & Authorization, Microsoft Office, Information Assurance, System Risk Assessment, System Development, Analysis and reporting, Meticulous attention to detail

Team player mentality

Professional Experience

Information Security Analyst

November 2020 – September 2022

Novacoast Inc, Wichita, Kansas

• Work as part of a growing team, to disseminate information to others – which makes us continually improve

• Ensure the analyst team is providing excellent customer service and support

• Influence and improve upon existing processes through innovation and operational change

• Evaluate existing technical capabilities and systems and identify opportunities for improvement

• Interpret information provided by tools to form a sound hypothesis regarding the root cause of an event

• Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts

• Create new ways to solve existing production security issues

• Research and test new security tools/products and make recommendations of tools to be implemented in the environment

• Observe security solutions; SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, log aggregation tools

• Perform technical analysis of network activity; monitor and evaluate network flow

• Provide real-time guidance to customers on network configuration, security settings and policies, and attack mitigation procedures

• Provide real-time guidance to clients on network configuration, security settings and policies, and attack mitigation procedures

• Create and maintain operational reports for Key Performance Indicators and Weekly and Monthly Metrics

• Analyze network flow data for anomalies and detect malicious network activity

• Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall functions

• Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident

• Document all activities during an incident and provide leadership with status updates during the life cycle of the incident

• Document all activities during an incident and provide support with status updates during the life cycle of the incident

• Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident

• Provide information regarding intrusion events, security incidents, and other threat indications and warning information

SOC Information Security Analyst

September 2016 - March 2018

Annelise – Zane Global Solutions LLC

• Working in a 24x7 Security Operations Center

• Continuous monitoring and interpretation of threats using the IDS and SIEM

• Using Vulnerability Assessment tools such as Nessus to perform scheduled and manual scans as required

• Investigating malicious phishing emails, domains and IPs using Open-Source tools and recommending proper blocking based on analysis

• Rescanning mitigated systems for further infections using CrowdStrike and Symantec AV and commissioning systems back to the network

• Researching new and evolving threats and vulnerabilities with potential to impact the monitored environment

• Conducting log analysis using Splunk

• Identifying suspicious/malicious activities or codes

• Monitoring and analyzing security events to determine intrusion and malicious events.

• Searching firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.

• Investigating VPN alerts and following up with users to determine legitimacy of such activity

• Investigating possible brute-force attempts and following up with mitigation strategies based on user feedback

• Creating, tracking, and working to resolution normal and standard job-related Change Requests

• Analyzing and resolving DLP alerts from McAfee DLP Manager and FireEye SmartVision and escalating cyber privacy incidents to the Privacy Team.

• Working incidents from initial assignment to final resolution.

• Investigating, analyzing, and processing retroactive and reported phishing email alerts from IronPort while following standard operating procedures. Use O365 Threat Explorer to analyze, scope and determine the recipients of the phishing emails within the company.

• Evaluating and processing Web Site Review Requests from internal users to access blocked websites using organization policies and OSINT tools.

• Assisting in building SOPs as needed or directed to facilitate SOC operations and processes

• Fully documenting assigned tickets to show all work performed and attaching the required artifacts to pass SLRs

• Assisting with the creation of the daily SOC reports and shift reports and passing down emails and tickets to the incoming shift team

• Investigating traffic to suspicious domains and IPs and submitting a block to the NOC per the investigation results

• Security review of encryption policies, sensor policies for IDS/IPS, Firewalls, web security gateway, logging

• Detecting the full spectrum of known cyber-attacks (e.g., DDoS, malware, phishing, ransomware and others) along with any security and compliance violations

• Collaborated in teams of technical and non-technical experts

• Experience in working with security guides, procedures, policies, methodologies, frameworks, and standards such as ISO/IEC 27001, NIST 800 series, FISMA, DISA IA Policy

• Heavily involved with incident response, and resolving issues related to compromised systems, phishing, data loss, PII, and intrusion analysis

• Capability to effectively multi-task, prioritize work, and handle competing interests

• Vulnerability assessment from scanning to remediation using tools like Nessus and Qualys and implementing Central tracking and management of enterprise vulnerabilities.

• Keep current with vulnerabilities, attacks, and countermeasures as well as devoting time to research and development activities

• Implement processes and manage tools used to identify vulnerabilities and track their remediation within the GM environment

• Drafted various policies and procedures

• Ensured compliance of Information Technology Security Policies and utilized vulnerability tools

• Fostered security-focused tools and training programs

• Identified and recommended solutions for various risks and security issues

• Maintained regulatory requirements

• Managed and facilitated information security related projects

• Moderated workshops and interviewed key stakeholders to determine technical threats and risk

• Monitored compliance with organization's information security policies and procedures

• Participated in tier 2/3 security operations support

• Planned security standards/compliance assessment projects based on a standardized offer and adapted to specific needs of our customers.

Education

● Bachelor’s in Marketing – University of Buea, Cameroon

● Diploma in Computer Application – Paul’s Computer, Bamenda, Cameroon

Certifications

CompTIA Security+

CySA+ (in progress)
