Cyber Security Analyst

Location:
Arlington, VA
Posted:
August 09, 2023

Resume:

MESGANA DESTA

Cybersecurity Analyst

************@*****.*** +1-301-***-**** Silver Spring, MD USA

WORK EXPERIENCE

Security Operations Center Analyst

Aon Corporation April 2022 - present

• Monitored and analyzed security events from SIEM, IDS/IPS systems, endpoint agents, etc. to identify threats and incidents in real-time.

• Provided 24/7 support for the Security Operations Center (SOC) by monitoring network activity using various tools such as Splunk, ArcSight, SolarWinds, etc.

• Analyzed and reported on security incidents, including malware attacks, phishing emails, spam messages and other threats to the company’s network.

• Investigated alerts generated by SIEM or other security solutions to determine if an incident has occurred and escalated issues appropriately based on severity of impact.

• Assisted with Incident Response activities including malware analysis and remediation efforts when applicable.

• Participated in SOC maintenance tasks such as patching servers and workstations, software installation & upgrades, hardware replacement & repair, etc., as required to ensure optimal performance at all times.

Cybersecurity Analyst

Raytheon Technologies (Space and Intelligence) June 2021 - June 2022

• Performed deep investigations for malicious activity across the network and digital assets

• Created and continuously improved standard operating procedures used by the SOC

• Performed hunting for malicious activity across the network and digital assets

• Created, managed, and dispatched incident tickets

• Established and maintained excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units

• Ensured all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time-sensitive environment

• Analyzed threat intelligence (e.g. actors, tools, exploits, etc.) and determined techniques, tactics, and procedures (TTPs) of Threat Actors, including detailed technical analysis of the TTPs

• insider events/ data feeds for event detection, correlation from monitoring solutions, triage and classify the output using automated systems for further investigation

Security Analyst

Tiber Creek Consulting 2019 - May 2021

• Implemented network, cryptographic and endpoint security procedures and hardened network infrastructure to achieve Defense in Depth.

• Caught malware and threat actors faster by performing event / log / packet analysis from different network devices such as Next Generation Firewalls, IDS and Syslog servers.

• Monitored and optimized SIEM Solution to aid in efficient correlation and triage activities.

• Communicated with cross-functional teams to reach the best solution during correlation of security incidents.

• Automated redundant tasks using Python scripts to help the incident response team focus on other important tasks.

Jr. Security Analyst

Broadcom 11/2018 - 08/2019

• Conducted vital vulnerability analysis, network and application penetration testing throughout all agency systems; avoided network downtime and minimized impact of attack vectors by 25%.

• Performed network traffic analysis using raw packet data from Azure Sentinel, Snort Intrusion Detection System (IDS), and custom sensor output from communication networks, decreasing the time between infection, detection and resolution of threats by half.

• Partnered with senior security analysts in overseeing SIEM functions, ensuring accurate identification and categorization of infrastructure incidents and events, while designing and researching SIEM use cases to strengthen monitoring potential.


SKILLS

Python Scripting TCP/IP

Malware Rule writing with YARA Layer 2-7 analysis C Programming Windows/Linux Internals

Reverse Engineering Malware Active Directory, Azure Penetration Testing

SIEM (Splunk, Sumo Logic, NetWitness)

EDUCATION

BSc in Cyber Security

UMUC October 2020

AAS in Cybersecurity

Montgomery College May 2017

SECURITY CERTIFICATIONS

SANS GSEC: GIAC SECURITY ESSENTIALS December 2018 to December 2022

SANS GCIH: GIAC CERTIFIED INCIDENT HANDLER February 2019 to February 2023

SANS GPEN: GIAC CERTIFIED NETWORK PENETRATION TESTER Expected Dec 2021
