Arezoo Ghobadi 571-***-**** ******.*******@*****.***
Linked.com/in/arezoo-ghobadi/
Security Operations & Information Analyst
Team Collaborator | Cyber Threat Hunting | Critical Thinker
CORE COMPETENCIES
Risk Management & Assessment
Threat Detection
Vulnerability Assessment
Incident Response & Management
Security Operations Expertise
Security Infrastructure Knowledge
Security & Event Detection
Documentation & Reporting
Technical Problem Solver
CERTIFICATIONS
CompTIA Sec+; Armis Cyber Defense Core; Splunk Core Power User; ISC2 CC; Proofpoint Certified Email Authentication; AWS Cloud Practitioner Certification.
TECHNOLOGY TOOLS
Productivity & Collaboration: MS Office (Word, Excel, Outlook, PowerPoint); Zoom
Open-Source Intelligence Techniques (OSINT) Tools: VirusTotal; Joe Sandbox; & IBM X-Force
Cybersecurity: Splunk Enterprise Security; IBM QRadar (SIEM); CrowdStrike Falcon; SentinelOne (EDR); Proofpoint; Jira; OSI Model, TCP/IP networking; IPS/IDS; DNS; Firewall; VPN; PeStudio; VirusTotal; AnyRun; MX Toolbox; Tenable.io; Nessus; Armis; AbuseIPDB; URLscan.io; Joe Sandbox; & Linux command line (basic)
Frameworks: OWASP; MITRE ATT&CK; Cyber Kill Chain; & SANS
SECURITY ANALYSIS & SECURITY OPERATIONS EXPERIENCE
Security Operations Center (SOC) Analyst, Cybernow Labs, Sterling, VA Jan 2023 – Present
Provide meticulous security analysis using expertise in monitoring and managing security alerts and events and Security Information and Event Management (SIEM) systems to detect and analyze potential real-time security incidents. Strong understanding of INFOSEC best practices around confidentiality, integrity, and availability. Use deep knowledge of operating systems, network protocols, firewalls, routers, and other security infrastructure to monitor, detect, protect, and respond to security threats effectively.
Work in a dynamic SOC, continuously monitoring, investigating, and analyzing security events and incidents using Splunk and generating effective solutions to mitigate risks and protect Cybernow’s data.
Safeguard organizational assets by mitigating cyber threats through the use and maintenance of software such as firewalls and data encryption programs, diligently protecting sensitive information.
Enhance organizational security by conducting skillful risk assessments, developing security protocols, and implementing robust defense strategies, significantly reducing vulnerability to threats.
Track and contain malicious activity using endpoint tools like CrowdStrike and SentinelOne, effectively identifying potential threats and vulnerabilities.
Understand compliance and contribute to a strong security strategy, protecting information systems in accordance with ISO and HIPAA frameworks.
Perform advanced technical problem-solving and in-depth analyses of security events and incidents, effectively identifying and mitigating potential threats and vulnerabilities.
Utilize advanced threat intelligence and EDR / XDR solutions such as CrowdStrike and SentinelOne to proactively identify and mitigate potential security risks.
Analyze security data using strong analytical skills and tools like SPL queries and Splunk knowledge objects to identify incidents, threats, and vulnerabilities, providing comprehensive insights and visualizations.
Stay updated on security threats and trends by taking courses, obtaining certifications, and sharing knowledge to enhance team skills and expertise, demonstrating a commitment to continuous learning.
Use OSINT techniques to detect and prevent signs of compromise in systems, employing tools such as VirusTotal, Joe Sandbox, and IBM X-Force.
Document findings and remediation steps in Jira tickets with keen attention to detail, providing detailed recommendations for the remediation of identified vulnerabilities.
Deliver consistent results in safeguarding organizational assets and mitigating cyber threats using and maintaining software, such as firewalls and data encryption programs, to protect sensitive information.
IT Security Awareness Trainer, Idea Pardazan, Teh, Iran Aug 2014 – Sep 2017
Developed and delivered a comprehensive security awareness training program for non-technical users and customers, focusing on recognizing and thwarting phishing attempts, smishing, and other social engineering tactics. Educated participants on differentiating between various cyber-attacks and emphasized the importance of avoiding links and attachments from untrusted sources.
Effectively collaborated with the SOC team, leveraging teamwork and relationship management skills to structure information and stay informed about emerging security threats impacting the organization.
Security Operations Center Analyst, Istasaze Tamjid, Teh, Iran Sep 2017 – Sep 2019
Utilized Splunk to monitor, investigate, and analyze security events and incidents across the organization's network infrastructure in real time, analyzing log data and other sources to understand the scope. Collaborated closely with other members of the SOC team, IT, and cybersecurity personnel to coordinate response efforts. Maintained a high level of efficiency and productivity to facilitate fast-paced operations.
Kept up-to-date knowledge of best practices and new technology trends, demonstrating a commitment to ongoing education and professional development.
Accurately prepared and delivered reports on security incidents, trends, and performance metrics to management and stakeholders.
MANAGEMENT & CUSTOMER SERVICE EXPERIENCE
Pharmacy Technician, Giant Pharmacy, Sterling, VA Jan 2020 – Present
Assist in filling prescriptions, provide excellent customer service, and answer phone calls while protecting customer privacy. Adept at ensuring medication accuracy, safety, and compliance with regulatory standards. Display a high level of organization and productivity in a busy, client-focused environment.
Workshop Manager, School of Art, Tehran, Iran Oct 1999 – Sep 2018
Led a team of 60+ students and four instructors, managing budgets, resources, and schedules. Coordinated class schedules, faculty assignments, and student enrollments. Updated curricula with faculty, aligned with educational standards and industry trends, and facilitated engagement with instructors and professionals.
EDUCATION & TRAINING
Associate of Applied Science, Cybersecurity, NVCC, Sterling, VA
Relevant Coursework: Intro to Computer Applications and Concepts, Introduction to Telecommunications, Software Design, Network Security Basic
Credits Completed: 12 / 40
Master of Arts, Education, Azad University, Teh, Iran
Bachelor of Arts, Psychology, Azad University, Teh, Iran