Security Analyst / SOC Analyst
YVES NOUNEMI TCHATCHOUANG
Mobile Phone: +1-240-***-****
Email: ********@*****.***
Immigration Status: Permanent Resident
LinkedIn Profile Link – Yves NOUNEMI TCHATCHOUANG
Washington DC, Baltimore Area
OBJECTIVE
Security Analyst with 3 years of professional experience and comprehensive skills in cyber defense activities. Proactively identifies network vulnerabilities through penetration testing, vulnerability scans, and vulnerability assessment reports. Recovers the network and implements an incident response plan. I am currently looking for an organization where I could bring my expertise through different defense tools and techniques.
I- CERTIFICATIONS AND EDUCATION
A- CERTIFICATIONS
CompTIA Security Analytics Professional – CSAP
o CompTIA CySA+.
o CompTIA Security+.
Equivalent CompTIA Network+
Qualys Certified Specialist:
o File Integrity Monitoring
o Custom Assessment and Remediation
o CyberSecurity Asset Management
o Endpoint Detection and Response
o Scanning Strategies and Best Practices
o Vulnerability Management Detection and Response
Splunk Certificate of completion
o Introduction to Splunk (eLearning)
o Understanding Threats and Attacks (eLearning)
o The Cybersecurity Landscape (eLearning)
o Security Operations and Defense Analyst
B- EDUCATION
University of Yaounde (no degree)
High School Diploma
II- CORE TOOLS AND SKILLS
A- CORE TOOLS
Vulnerability Management Tools
• Qualys: Comprehensive vulnerability management, compliance, and threat protection.
• Nessus: A popular vulnerability scanner for identifying potential threats.
• Rapid7 InsightVM: Provides real-time vulnerability management and analytics.
• Tenable.io: Cloud-based vulnerability management platform.
Patch Management Tools
• Ivanti Patch for Windows: Automated patch management for Windows environments.
• ManageEngine Patch Manager Plus: Multi-platform patch management solution.
• SolarWinds Patch Manager: Centralized patch management for Microsoft products and third-party applications.
Web Application Security Tools
• Burp Suite: Comprehensive tool for web application security testing.
• Acunetix: Automated web vulnerability scanner.
• OWASP ZAP: Open-source tool for finding vulnerabilities in web applications.
• Palo Alto Networks: Test and categorize website URLs.
• Webroot BrightCloud: Web reputation, web category, and WHOIS information.
• CyberChef: A versatile web application for analyzing, manipulating, decoding, and converting data in many formats.
Network Security Tools
• Wireshark: A network protocol analyzer that can capture and inspect packets sent over the network.
• Snort: Open-source network intrusion detection and prevention system.
• Cisco Firepower: Advanced threat protection for network security.
• NetworkMiner: A network forensics tool that can passively monitor network traffic and reconstruct files and sessions, making it easier to detect malicious activity.
• PRTG Network Monitor: Provides real-time monitoring and alerts for network health, ensuring optimal performance and availability of services.
• Maltego: OSINT, network mapping, investigation.
• Lansweeper: Network discovery, asset management.
• Nmap: Network discovery, port and service scanning, and basic vulnerability checks via NSE scripts.
• MxToolbox: Provides network diagnostic and lookup tools, including MX record checks, DNS diagnostics, and blacklist monitoring.
Endpoint Security Tools
• Symantec Endpoint Protection: Comprehensive endpoint security solution.
• CrowdStrike Falcon: Cloud-delivered endpoint protection.
• Microsoft Defender for Endpoint: Endpoint Detection and Response solution.
SIEM (Security Information and Event Management) Tools
• Splunk: Advanced data analysis and SIEM capabilities.
• IBM QRadar: Security intelligence platform for detecting and responding to threats.
• ArcSight: Comprehensive SIEM solution for threat detection and response.
Malware Sandboxes and Analysis Tools
These tools provide an isolated environment to run and analyze suspicious files without risking the host system.
• VirusTotal: Online service that aggregates scan results from multiple antivirus engines and file/URL analysis tools.
• Any.Run: Online interactive malware sandbox that allows real-time monitoring of, and interaction with, a running sample.
• Kali Linux: Penetration testing operating system and security toolset; provides a complete platform for security testing and auditing.
• Wildcards and Regular Expressions: Pattern-matching syntax used in text searches to represent unknown or variable characters.
• TheHarvester: OSINT tool for gathering publicly available information (emails, subdomains, hosts) about a target, typically used for reconnaissance during penetration testing engagements.
• ServiceNow: IT Service Management (ITSM) / Workflow Automation / Enterprise Service Management (ESM) platform for automating IT service management and business workflows and improving service delivery across departments.
B- SKILLS
Security Operations: Improve processes in security operations and differentiate between threat intelligence and threat hunting concepts; identify and analyze malicious activity using the appropriate tools and techniques.
Threat Detection and Analysis: Detect and analyze indicators of malicious activity using the most up-to-date methods and tools, such as threat intelligence, security information and event management (SIEM), endpoint detection and response (EDR), and extended detection and response (XDR).
Vulnerability Management: Implement and analyze vulnerability assessments, prioritize vulnerabilities and make recommendations on mitigating attacks and vulnerability response.
Incident Response and Management: Apply updated concepts of attack methodology frameworks, perform incident response activities and understand the incident management lifecycle.
Reporting and Communication: Apply communication best practices in vulnerability management and incident response as it relates to stakeholders, action plans, escalation and metrics.
Email Analysis (SPF/DKIM/DMARC): Email authentication protocols designed to verify the sending server and message signature and to prevent sender spoofing and phishing attacks.
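As an added illustration of what SPF/DKIM/DMARC analysis looks like in practice (example code written for this page, not the candidate's own work): the script below parses a message's Authentication-Results header (RFC 8601 syntax), trusts only the header stamped by an assumed in-house authserv-id "mx.example.net" (upstream hops can forge this header), and then checks DMARC identifier alignment between the From: domain and the SPF and DKIM identifiers. Both sample messages are constructed; the organizational-domain helper approximates the public-suffix list with the last two labels, which is an assumption a production checker would replace with a real PSL lookup.

```python
"""Email authentication triage: parse Authentication-Results and check
SPF/DKIM/DMARC results plus DMARC identifier alignment.

Added example for this page (not the author's code). Samples are constructed;
the trusted authserv-id below is an assumption.
"""
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: our own MTA's authserv-id

# Constructed: legitimate mail, bounce address on a subdomain (relaxed-aligned).
SAMPLE_PASS = """\
From: Alice <alice@example.com>
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce@mail.example.com;
 dkim=pass header.d=example.com header.s=sel1;
 dmarc=pass header.from=example.com
Subject: hi

body
"""

# Constructed: lookalike DKIM domain and a bulk sender's SPF domain; both
# checks "pass" on their own, yet neither identifier aligns with From:.
SAMPLE_SPOOF = """\
From: "IT Helpdesk" <helpdesk@example.com>
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bulk-sender.example.net;
 dkim=pass (signature verified) header.d=examp1e.com;
 dmarc=fail header.from=example.com
Subject: Password reset required

body
"""


def parse_auth_results(header: str, trusted: str = TRUSTED_AUTHSERV) -> dict:
    """Return {method: {'result': ..., prop: value, ...}} for spf/dkim/dmarc.
    An empty dict means the header was not stamped by our trusted server."""
    authserv, _, body = header.partition(";")
    if not authserv.split() or authserv.split()[0].lower() != trusted.lower():
        return {}
    out = {}
    for clause in body.split(";"):
        clause = " ".join(clause.split())  # unfold and collapse whitespace
        m = re.match(r"(spf|dkim|dmarc)=(\w+)(.*)", clause)
        if not m:
            continue
        method, result, rest = m.groups()
        # property-value pairs such as smtp.mailfrom=... or header.d=...;
        # parenthesised comments contain no '=' and are skipped
        props = dict(re.findall(r"([\w.]+)=([^\s]+)", rest))
        out[method] = {"result": result.lower(), **props}
    return out


def org_domain(domain: str) -> str:
    """Approximate organizational domain (assumption: no public-suffix list)."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def dmarc_alignment(from_domain: str, results: dict, strict: bool = False) -> dict:
    """DMARC passes if SPF or DKIM passes AND its identifier aligns with From:."""
    def aligned(ident: str) -> bool:
        dom = ident.rpartition("@")[2].lower()  # smtp.mailfrom may be an address
        return dom == from_domain if strict else org_domain(dom) == org_domain(from_domain)

    spf, dkim = results.get("spf", {}), results.get("dkim", {})
    spf_aligned = spf.get("result") == "pass" and aligned(spf.get("smtp.mailfrom", ""))
    dkim_aligned = dkim.get("result") == "pass" and aligned(dkim.get("header.d", ""))
    return {"spf_aligned": spf_aligned, "dkim_aligned": dkim_aligned,
            "dmarc_pass": spf_aligned or dkim_aligned}


def triage(raw: str, strict: bool = False) -> dict:
    """Full check for one raw RFC 5322 message: trusted results + alignment."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    results = {}
    for hdr in msg.get_all("Authentication-Results", []):  # use the trusted stamp
        results = parse_auth_results(hdr)
        if results:
            break
    verdict = dmarc_alignment(from_domain, results, strict)
    return {"from_domain": from_domain, "results": results,
            "receiver_dmarc": results.get("dmarc", {}).get("result"), **verdict}


if __name__ == "__main__":
    for name, raw in (("legit", SAMPLE_PASS), ("spoof", SAMPLE_SPOOF)):
        r = triage(raw)
        print(name, r["from_domain"], "dmarc_pass=", r["dmarc_pass"],
              "receiver=", r["receiver_dmarc"])
```

The spoofed sample is the case analysts miss most often: spf=pass and dkim=pass are both true, but neither identifier belongs to example.com, so the message fails DMARC, matching the receiver's own dmarc=fail verdict.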
General Security Concepts: Understanding basic cybersecurity terminology and core concepts to create a common language for communication within the industry.
Threats, Vulnerabilities, and Mitigations: Being aware of common threats, attacks, and vulnerabilities, and knowing how to respond with appropriate mitigation techniques.
Security Architecture: Familiarity with different types of security architecture models and the principles of securing enterprise infrastructure.
Security Operations: Proficiency in day-to-day tasks like monitoring systems, finding vulnerabilities, hardening systems, and incident response.
Security Program Management and Oversight: Knowledge of security program management, including governance, risk management, and compliance.
Install Windows Server, set up Active Directory, and enumerate user privileges.
Set up Remote Desktop Services.
Install IT equipment and operating systems and applications.
Strong knowledge and demonstrable experience of information security technologies and methods.
Knowledgeable with IP networks and network infrastructure experience.
Administering and managing a computer network.
Troubleshooting a computer network.
Microsoft Office Word, Excel, PowerPoint, Publisher and OneNote.
III- EXPERIENCE
Security Analyst – Pani digital LLC – April 2023 – Present
Monitoring and Surveillance: Continuously monitor security systems, logs, and alerts to detect and respond to potential threats in real time. I use Wireshark, NetworkMiner, and PRTG Network Monitor.
Incident Response: Investigate security breaches and incidents, identify their root causes, and implement corrective measures to prevent future occurrences. To perform this task, I use SolarWinds Security Event Manager, Splunk SOAR, and CrowdStrike Falcon.
Vulnerability Management: Conduct regular vulnerability assessments and penetration testing to identify and remediate security weaknesses in systems and applications. I use Nessus and OpenVAS.
Threat Analysis: Analyze security threats and vulnerabilities, staying up to date with the latest cybersecurity trends and threat intelligence. I use the tools like VirusTotal, Any.Run and Cuckoo Sandbox.
Security Policies and Procedures: Develop, implement, and enforce security policies, procedures, and best practices to protect sensitive information.
Collaboration: Work with other IT and security teams to ensure a cohesive and integrated approach to cybersecurity across the organization.
Documentation and Reporting: Maintain detailed records of security incidents, vulnerabilities, and response actions, and generate reports for management and stakeholders.
IT Helpdesk Support – Teamer Computer – 2015 – 2019
Technical Support: I provided technical assistance and support to users experiencing IT-related issues, such as hardware malfunctions, software problems, and network connectivity issues.
Troubleshooting: I diagnosed and resolved technical problems by identifying the root cause and implementing appropriate solutions.
Incident Management: I logged and managed incidents and service requests in a ticketing system, ensuring timely resolution and accurate documentation.
System Maintenance: I performed routine maintenance on IT systems, including updates, patches, and backups, to ensure optimal performance and security.
Remote Support: I provided remote support to users who were not physically present, using remote desktop tools and other technologies.
Hardware and Software Installation: I installed, configured, and maintained hardware and software components, ensuring compatibility and functionality.
Escalation: I escalated complex technical issues to higher-level support teams or specialists when necessary, ensuring prompt resolution.
Documentation: I maintained detailed records of support requests, troubleshooting steps, and resolutions to create a knowledge base for future reference.
IV- REFERENCES
Available upon request.
V- LANGUAGES
English and French