
Incident Response Support Specialist

Location:
Dallas, TX
Salary:
95,000
Posted:
June 30, 2023


Resume:

Fabris Mbah, US Army Vet

Email: adxz15@r.postjobfree.com Tel: 214-***-****

EXPERIENCE SUMMARY:

Experienced SOC Analyst with an active Secret Clearance and about 4 years of experience in investigating and preventing network, host, and email-based attacks. Assisted in analyzing malware, incident response, data loss prevention and improving SOC processes by utilizing top industry security solutions. Highly organized, proactive and punctual with team-oriented mentality.

EDUCATION

University of Buea

Bachelor of Science, Information Technology

CERTIFICATIONS

CompTIA Security+

DOD Certs:

Safe Home Computing Course May 4, 2020

Cyber awareness challenge 2020

Personally Identifiable Information (PII) v3.0. May 2020

Portable Electronic Devices and removable storage media v2.0. May 2020

Thumb Drive Awareness Virtual Training Course. May 2020

Phishing Awareness v4. May 2020

Level I Antiterrorism Awareness Training. April 2020

SKILLS

Malware Analysis / Endpoint Security

Incident Response / Cyber Threat Intelligence

Network Security Protocols / TCP/IP

Splunk SOAR / Demisto

Snort / Firepower / FireEye / CrowdStrike / Carbon Black

Jira / ServiceNow / Confluence

McAfee / Bluecoat / FireEye

Palo Alto / Proofpoint / Cisco IronPort

Linux / Windows / Active Directory

Microsoft Office 365 / SharePoint / OneDrive

VirusTotal, DomainTools, IP/URL Void, IBM X-Force

Any.run / ThreatGrid Sandbox

CyberChef (URL encoding/decoding)

Nessus / Tenable

Cisco Umbrella / Forcepoint

PROFESSIONAL EXPERIENCE:

Pitch Tech Consulting Dallas, TX

Security Operation Center (SOC) Analyst January 2019 to Present

Providing 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.

Reporting security incidents using ServiceNow ticketing system for events that become a declared incident and require Tier 3 Incident Response review.

Performing triage on alerts by determining their criticality and scope of impact.

Investigating, analyzing, and processing endpoint alerts using SIEM and security tools: Cisco Firepower, FireEye HX, Symantec Endpoint Protection, CrowdStrike, Splunk Enterprise Security (Splunk ES) and OSINT tools.

Triaging and investigating alerts coming from cloud endpoints such as CloudTrail and GuardDuty.

Reviewing and collecting asset data; indicators of compromise, logs, configurations and running processes, on these systems for further investigation and reporting.

Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.

Investigating, analyzing, and processing retroactive and reported phishing email alerts from IronPort while following standard operating procedures. Using O365 Threat Explorer to analyze, scope and determine the recipients of the phishing emails within the company.

Evaluating and processing Web Site Review Requests from internal users to access blocked websites using OSINT tools.

Analyzing and resolving DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalating cyber privacy incidents to the Privacy Team.

Working incidents from initial assignment to final resolution.

Assisting in building SOPs as needed or directed to facilitate SOC operations and processes

Fully documenting assigned tickets to show all work performed and attach the required artifacts in order to pass Security Lifecycle Review (SLR)

Monitoring the health of security devices and syslog instances and responding to anomalies as defined in the SOP

Performing email-based investigation and successfully containing phishing emails and potential email account takeovers

Performing threat intelligence including open-source investigations to identify current attacks that may target the client’s industry

Providing support in identifying malicious network activity, threats impacting network operations and developing appropriate countermeasures, eliminating network threats and vulnerabilities

Investigating alerts and performing searches on Splunk SIEM

Investigating phishing alerts up until containment and eradication.

Performing risk analyses to identify appropriate security countermeasures.

Establishing company-wide security best practices and protocols to mitigate risk of data breach.

Maintaining data management and storage systems to protect data from compromise.

Developing team communications and information for meetings

Participating in continuous improvement by generating suggestions, engaging in problem-solving activities to support teamwork

Assisting in performing Root Cause Analysis (RCA) and making preventative recommendations for incidents and events

Recognizing potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools

Creating, tracking, and working to resolution Normal and Standard job-related Change Requests

Assisting with the creation of the daily SOC report and Shift reports and pass down emails to the incoming shift members

Participating in daily security meetings with team members and customer teams

U.S. Army, Fort Sill, OK

IT Support Specialist September 2017 – February 2021

Resolved complex technical issues that arose on client computers using troubleshooting

Effectively made recommendations to IT users on selection of hardware and software

Successfully administered user accounts, Exchange mailboxes, and security and distribution

Installed and maintained Windows and desktop software, service packs, patches, and anti-virus updates.

Managed assets inventory and deployed desktop images to end users.

Worked directly with HR dealing with New Hire Onboarding Process and trained

Decreased laptop rollout deployment times by 50% by creating, documenting, and implementing updated load set for Windows 7 and Office 2010.

Diagnosed, troubleshot and resolved a range of software, hardware and connectivity issues. Excel in asking probing questions and researching, analyzing and rectifying problems

Assisted in determining requirements and developing plans to ensure smooth installation and documentation of new software and applications

Performed analysis/troubleshooting of PCs and peripheral devices including printers

Performed scans on PCs ensuring network devices are 100% compliant with latest security patches

Scheduled, tracked and deployed Windows 7 to over 250 desktops for employees on the network

Performed capture and restore of users' profiles using Microsoft System Center Configuration Manager (SCCM)

Installed software applications manually and through SCCM on desktops

Created a developing knowledge base of common user issues, descriptions and resolutions

Repaired computers, laptops, and networks, with knowledge of all the hardware and software involved in a dormitory environment

Participated in revolving on-call schedule to provide 24/7 service to users

Troubleshot various technical issues dealing with printers, network, and phone systems

Worked with third party vendors to resolve issues with hardware or software covered by annual maintenance agreements.

Managed laptop and MacBook inventory and assisted in procuring new hardware, software and related supplies

Provided support in setting up audio and visual technology for conferences and meetings.