NKENGASONG GABRIEL KUNJU
Tel: 256-***-****
Tel: 514-***-****
*** ***** ******, **********, ******* 35811
*****************@**********.***
Objective
Technical Expertise
Experienced SOC Analyst with great experience working on network, endpoint, and phishing investigations. Ability to perform Intrusion Detection, Vulnerability Assessment, Incident Response, and strategies needed to safeguard highly sensitive systems, data, and communications resources. Self-motivated and goal-oriented cyber security professional, with a demonstrated ability to handle complex responsibilities in a demanding environment.
Skills:
Ability to multitask, Ability to work under pressure, Attention to detail, Creative, Excellent work ethic, Professional, Reliable, Strong interpersonal skills, Strong leadership skills, Exceptional workflow management, Security Guard License, Conflict resolution techniques
Technologies and Tools
SIEM: Splunk SIEM Tool
EDR: CrowdStrike, Cisco AMP, McAfee Endpoint Protection (ePO)
WAF: F5 ASM, Cisco Umbrella (Web gateway), McAfee Web Gateway
Email Threat protection: Proofpoint
Ticketing System: ServiceNow, SOAR.
Other Tools: Strike Ready, Tenable Nessus, Netskope, FireEye Nx, Cisco SourceFire, McAfee DLP, Google DLP, NGFW (Next-Generation Firewall: Fortinet, Palo Alto, Firepower), Symantec Endpoint, Wireshark, Nmap, OSINT, IAM, nslookup, Traceroute, Rapid7, Burp Suite, Qualys, Panorama, MS Office (Word, PowerPoint, Excel, Access, Outlook), TCP/IP, SIEM, DDoS, DoS, IDS/IPS, Network security, Cyber Kill Chain/MITRE ATT&CK, DLP analysis, Phishing email analysis, Endpoint security, ports, SSO technology, protocols, IPS, Firewall Logs, iOS and Windows OS, Active Directory.
Professional Experience
Transamerica insurance company 03/2019 to 02/2023. Cyber Security Analyst/ SOC Analyst L2
• Threat Hunting.
• Threat Analyst.
• Expert in using Splunk to monitor, search, and analyze machine-generated data.
• Investigating incidents escalated by SOC L1.
• Analyzing logs from Splunk and other SIEM tools.
• Handle brute force attacks, password spraying, and privilege escalation.
• Conduct malware analysis.
• Analyzing phishing email incidents.
• Developing and revising incident playbooks.
• Analyze and report different policy violations.
• Perform the site review request to prevent users from accessing malicious websites.
• Analyze the traffic on various ports and protocols (HTTP, HTTPS, SSH, DNS, SMTP, etc).
• Accurately identify and escalate DLP events based on the sensitivity of data types.
• Understand and follow established data protection incident response playbooks.
• Identify opportunities to improve existing monitoring and response processes.
• Contribute to the development of new incident response playbooks.
• Train junior SOC analysts and help them during the onboarding process.
Activation specialist Rogers Telecommunication. 03/2012 to 02/2019 Security Analyst 1
• Monitoring Security alerts generated by SIEM.
• Analyzing SIEM alerts by following runbooks and using various tools.
• Generating tickets for validating incidents to SOC L2
• Assist in identifying Root Causes of incidents and follow-up with SMEs for incident closure.
• Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
• Assist the team lead in generating weekly reports.
• Documentation of alerts.
• Experience in working with security guides, procedures, policies, methodologies, frameworks,
• Experience with Malware Protection software and IDS/IPS tools, Cyber Kill Chain/MITRE ATT&CK, DLP analysis, Phishing email analysis, Endpoint security, ports, protocols, IPs.
• Firewalls, Intrusion Detection/Prevention Systems (Snort, Bro, McAfee IPS, Sourcefire), Proxies, WAF (F5 ASM, McAfee Web Gateway).
• Performing Disaster Recovery Planning, Cloud Computing, and Virtualization.
• Provide real-time guidance to clients on network configuration, security settings, policies, and attack mitigation procedures.
• Analyze network flow data for anomalies and detect malicious network activity.
• Incident Response, Investigation, and escalation
• Availability for rotating on-call shifts, and self-starter.
• Capability to effectively multi-task, and strong customer service.
• Prioritize work and handle competing interests.
• Good analytical and logical skills, Problem-solving.
• Conduct site review requests.
Education
Bachelor of Applied Science: University of Maryland College Park, 2023
Master of Arts: Centre Européen de Recherches Internationales et Stratégiques (Belgium), May 2012
Bachelor of Sciences: University of Dschang, July 2002
Certifications
CompTIA Security+ CE Certification (SY0-601)
CompTIA CISSP. In progress
Languages
Fluent in oral and written English and French