Fabris Mbah, US Army Vet
Email: adxz15@r.postjobfree.com Tel: 214-***-****
EXPERIENCE SUMMARY:
Experienced SOC Analyst with an active Secret Clearance and about 4 years of experience investigating and preventing network, host, and email-based attacks. Assisted in malware analysis, incident response, data loss prevention, and improving SOC processes using leading industry security solutions. Highly organized, proactive, and punctual, with a team-oriented mentality.
EDUCATION
University of Buea
Bachelor of Science, Information Technology
CERTIFICATIONS
CompTIA Security+
DoD Certs:
Safe Home Computing Course, May 4, 2020
Cyber Awareness Challenge 2020
Personally Identifiable Information (PII) v3.0, May 2020
Portable Electronic Devices and Removable Storage Media v2.0, May 2020
Thumb Drive Awareness Virtual Training Course, May 2020
Phishing Awareness v4, May 2020
Level I Antiterrorism Awareness Training, April 2020
SKILLS
Malware Analysis / Endpoint Security
Incident Response / Cyber Threat Intelligence
Network Security Protocols / TCP/IP
SIEM and SOAR: Splunk, Splunk SOAR, Demisto
Network and Endpoint Security: Snort, Cisco Firepower, FireEye, CrowdStrike, Carbon Black, McAfee, Blue Coat, Palo Alto, Cisco Umbrella, Forcepoint
Email Security: Proofpoint, Cisco IronPort
Ticketing and Documentation: Jira, ServiceNow, Confluence
Platforms: Linux, Windows, Active Directory, Microsoft Office 365, SharePoint, OneDrive
OSINT and Analysis: VirusTotal, DomainTools, IPVoid/URLVoid, IBM X-Force, Any.run, ThreatGrid Sandbox, CyberChef, URL encoding/decoding
Vulnerability Management: Nessus, Tenable
PROFESSIONAL EXPERIENCE:
Pitch Tech Consulting Dallas, TX
Security Operations Center (SOC) Analyst, January 2019 to Present
Providing 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.
Reporting security incidents using ServiceNow ticketing system for events that become a declared incident and require Tier 3 Incident Response review.
Performing triage on alerts by determining their criticality and scope of impact.
Investigating, analyzing, and processing endpoint alerts using SIEM and endpoint security tools: Cisco Firepower, FireEye HX, Symantec Endpoint Protection, CrowdStrike, Splunk Enterprise Security (Splunk ES), and OSINT tools.
Triaging and investigating alerts from cloud sources such as AWS CloudTrail and GuardDuty.
Reviewing and collecting asset data (indicators of compromise, logs, configurations, and running processes) from affected systems for further investigation and reporting.
Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans.
Investigating, analyzing, and processing retroactive and user-reported phishing email alerts from IronPort while following standard operating procedures. Using O365 Threat Explorer to analyze, scope, and determine the recipients of phishing emails within the company.
Evaluating and processing Web Site Review Requests from internal users to access blocked websites, using OSINT tools.
Analyzing and resolving DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES), and escalating cyber privacy incidents to the Privacy Team.
Working incidents from initial assignment to final resolution.
Assisting in building SOPs as needed or directed to facilitate SOC operations and processes.
Fully documenting assigned tickets to show all work performed and attaching the required artifacts in order to pass Security Lifecycle Review (SLR).
Monitoring the health of security devices and syslog instances and responding to anomalies as defined in the SOP.
Performing email-based investigations and successfully containing phishing emails and potential email account takeovers.
Performing threat intelligence, including open-source investigations, to identify current attacks that may target the client's industry.
Providing support in identifying malicious network activity and threats impacting network operations, developing appropriate countermeasures, and eliminating network threats and vulnerabilities.
Investigating alerts and performing searches in Splunk SIEM.
Investigating phishing alerts up until containment and eradication.
Performing risk analyses to identify appropriate security countermeasures.
Establishing company-wide security best practices and protocols to mitigate risk of data breach.
Maintaining data management and storage systems to protect data from compromise.
Developing team communications and information for meetings.
Participating in continuous improvement by generating suggestions and engaging in problem-solving activities to support teamwork.
Assisting in performing Root Cause Analysis (RCA) and making preventative recommendations for incidents and events.
Recognizing potential, successful, and unsuccessful intrusion attempts and compromises through review and analysis of security tools.
Creating, tracking, and working to resolution Normal and Standard job-related Change Requests.
Assisting with the creation of the daily SOC report and shift reports, and with pass-down emails to the incoming shift members.
Participating in daily security meetings with team members and customer teams.
U.S. Army, Fort Sill, OK
IT Support Specialist, September 2017 – February 2021
Resolved complex technical issues that arose on client computers through systematic troubleshooting.
Effectively made recommendations to IT users on the selection of hardware and software.
Successfully administered user accounts, Exchange mailboxes, and security and distribution.
Installed and maintained Windows and desktop software, service packs, patches, and anti-virus updates.
Managed asset inventory and deployed desktop images to end users.
Worked directly with HR on the New Hire Onboarding Process and trained.
Decreased laptop rollout deployment times by 50% by creating, documenting, and implementing updated load set for Windows 7 and Office 2010.
Diagnosed, troubleshot, and resolved a range of software, hardware, and connectivity issues. Excelled at asking probing questions and researching, analyzing, and rectifying problems.
Assisted in determining requirements and developing plans to ensure smooth installation and documentation of new software and applications.
Performed analysis and troubleshooting of PC peripheral devices, including printers.
Performed scans on PCs to ensure network devices were 100% compliant with the latest security patches.
Scheduled, tracked, and deployed Windows 7 to over 250 desktops for employees on the network.
Performed capture and restore of user profiles using Microsoft System Center Configuration Manager (SCCM).
Installed software applications manually and through SCCM on desktops.
Created a growing knowledge base of common user issues, descriptions, and resolutions.
Repaired computers, laptops, and networks, with knowledge of all the hardware and software involved in a dormitory environment.
Participated in a rotating on-call schedule to provide 24/7 service to users.
Troubleshot various technical issues involving printers, networks, and phone systems.
Worked with third party vendors to resolve issues with hardware or software covered by annual maintenance agreements.
Managed laptop and MacBook inventory and assisted in procuring new hardware, software, and related supplies.
Provided support in setting up audio and visual technology for conferences and meetings.