KOFI ASANTE
SOC Security Analyst
Security Analyst with broad knowledge and experience of security information technologies, such as Splunk as a SIEM to correlate logs from IPS, IDS, next-generation firewall and proxy sources in order to investigate network alerts and events. Searched indexed logs in Splunk to investigate alerts and determine whether they are true positives or false positives. Extremely careful with OSINT tools not to spill sensitive information. The CIA triad is a foundation for any SOC analyst that I am always considering.
MONITORING TOOLS: Splunk, FireEye NX, McAfee DLP Manager, Mimecast, Microsoft Azure, Crowdstrike, OSINT Framework Tools, Linux and Windows OS, Wireshark, ServiceNow
PROFESSIONAL EXPERIENCE:
●Network IOC investigation based on the cyber kill chain
●TCP/IP, UDP, DNS, Telnet, SMTP and FTP protocols, 3-way handshake
●Familiar with next-generation firewalls that perform IPS functions
●FireEye NX for detecting and immediately stopping advanced, targeted, evasive attacks in monitored network traffic
●Ensure the integrity and protection of networks by technical enforcement of organizational security policies through monitoring of vulnerability scanning devices
●Nmap host discovery on the network, such as routers and switches
●Able to identify application IOCs during an investigation
●Familiar with the MITRE ATT&CK framework
●Familiar with users, applications and processes connecting to the network
●Familiar with network traffic volume and number of connections
●Familiar with attachments, domains, source IPs and source email addresses
●Able to analyze email headers, sender's email, subject, and SPF, DKIM and DMARC values
●Familiar with static malware analysis
●Endpoint detection and response (EDR) tools such as CrowdStrike to investigate security alerts about malicious processes
●Familiar with dynamic malware analysis through Joe Sandbox
●Familiar with endpoint IOC investigation based on the cyber kill chain
●Familiar with domains and URLs
●Familiar with malware analysis
●Familiar with PowerShell scripts and commands
●Familiar with auto-run processes, exploitation and installation processes
●Familiar with malware scans through Malwarebytes
EMPLOYMENT
SOC Analyst
NET100 LTD, Virginia, 2021 - present
●Conduct active monitoring, investigation and mitigation of security incidents on endpoints, the network and applications
●Analyze security alerts based on network logs at the firewall or SIEM to assess whether they are true positives or false positives
●Stayed current on the threat landscape through cyber security news
●Removed malware from infected endpoints using the Malwarebytes product
●Performed static malware analysis on endpoints
●Performed dynamic malware analysis through Joe Sandbox
●Search firewall, email, web and DNS logs to identify IOCs and then mitigate
●Investigated phishing email headers (SPF, DMARC and DKIM values) for spoofing
●Analyze the content of emails for malicious executables
●Rescan mitigated systems for further infections; if none are found, commission the systems back onto the network
●Search Splunk for correlated logs for analysis
●Identify suspicious or malicious activities or code
●Verify file integrity through its hash
●Killed malicious running processes through Process Hacker or CrowdStrike
Help Desk Support
NET100 LTD, Virginia, 2019-2021
●Added new users in Active Directory
●Added new users to groups in Active Directory
●Deleted users in Active Directory
●Reset user passwords
●Blocked users from accessing social media sites
●Gave users access to files that pertain to their roles
●Resolved printer issues
●Resolved network connectivity issues
●Helped users log in
●Restored files users had mistakenly deleted
●Sped up slow-running machines
●Removed viruses from users' machines
●Helped users turn on their machines
EDUCATION
B.Sc. in Computer Science, University of Buea, Cameroon
June 15, 2010
CERTIFICATIONS
CompTIA Security+