Shumaila S.
********.****@*****.***
Professional Summary
As an IT professional who has worked as a Cyber Security Analyst for the past six years, I have gained a wealth of knowledge and expertise in identifying and mitigating cyber security threats. My technical abilities are well honed and include conducting and implementing security protocols and analyzing network traffic in order to quickly detect and respond to security incidents. I am also skilled in performing risk assessments, creating and enforcing security policies, and educating end users on best practices for information security. I am proud of my record of success on past projects and am committed to staying up to date with the latest industry developments. I am confident that my experience and dedication make me a valuable addition to any organization seeking a skilled and committed Cyber Security Analyst.
Technical Competencies
Trend Micro, Microsoft Defender, Vade Secure, ThreatSpike
M365, Azure, Carbon Black, CrowdStrike, Proofpoint (TRAP / TAP / PoD / CASB)
Cortex XDR / Palo Alto, Sentinel, Vectra, QRadar
XSOAR, IronPort, Tanium, Cryoserver
Recorded Future, SharePoint, Confluence, HEAT / Remedy / JIRA / ServiceNow
Technical Certifications
CompTIA Security+ CE, 2023
Information Technology Infrastructure Library, Version 3 (ITIL v3) Certified, 2015
Education
Bachelor of Science, 2007
Jinnah University
Professional Experience
Worldwide Flight Services (WFS) 10/2020 - Present
Cybersecurity Analyst
Monitor SIEM (Security Information and Event Management) and other security tools for detecting and responding to security incidents.
Conduct detailed analysis of security events from various sources to identify indicators of compromise (IOCs) and determine the extent of potential threats.
Investigate alerts generated by security systems, performing triage and escalating confirmed incidents to appropriate teams for resolution.
Perform threat hunting activities using threat intelligence sources and proactive searching techniques to detect advanced threats.
Collaborate closely with MSSP analysts to validate incidents, review investigations, and ensure timely incident response.
Monitor and analyze security events and alerts generated by Cortex XDR and Splunk to identify potential threats and incidents.
Perform incident response and investigation workflows using Cortex XDR, ensuring timely containment, eradication, and recovery from security incidents.
Develop and manage automated playbooks in XSOAR to streamline and enhance SOC processes, including phishing analysis and threat hunting.
Collaborate with customers regularly to evaluate and enhance their Cybersecurity Governance, Risk, and Compliance (GRC) programs.
Provide ongoing reports and feedback to the SOC Manager to identify opportunities for improving Cybersecurity GRC services and aligning them with customer needs.
Analyze and respond to phishing attempts and other email-based threats through email security tools.
Monitor and manage security incidents through to resolution, documenting actions taken and lessons learned.
Lead oversight of the Managed Security Services Provider (MSSP) that manages 24x7 global Threat Hunting and Incident Response processes, including Managed Detection and Response (MDR) services.
Maintain extensive operational knowledge of WFS IT environments and security mechanisms.
Configure Security Tools, Platforms, and Processes to optimize performance.
Translate WFS security requirements into ISMS Policies & Controls for internal implementation.
Delegate basic security checks and daily/low-level remediations to local IT teams.
Coordinate with global IT teams to execute complementary steps during and after security alerts.
Proactively identify and mitigate threats across the organization, deploying countermeasures as needed, and escalating issues for further resolution.
Provide operational input to security projects and initiatives.
Identify gaps and vulnerabilities in current security measures and processes, documenting them in improvement plans.
Gather feedback and insights from business units, IT teams, MSSP, and past incidents/pen-tests to enhance cybersecurity strategies.
Ensure timely application of critical security patches by coordinating with WFS IT teams worldwide.
Manage endpoint security solutions for servers and workstations, optimizing alerts, minimizing false positives, and generating comprehensive reports.
Stay informed about the latest threats, security trends, and Threat Intelligence Feeds to prioritize security efforts effectively.
Participate in major security projects such as proxy replacements and cloud security implementations.
Collect relevant KPIs to measure cybersecurity effectiveness and operational efficiency.
Collaborate with the CISO to provide inputs for Risk Management and Information Security Strategy.
Perform administrative tasks as needed, including accessing file cabinets and office machinery.
LVMH 12/2017 - 10/2020
SOC Analyst
Respond to security incidents, perform triage and escalation, analyze threat data, and recommend remediation actions.
Conduct proactive security monitoring to detect and analyze security events, vulnerabilities, and threats across LVMH's network and systems.
Conduct vulnerability assessments, identify and analyze vulnerabilities, and recommend remediation strategies.
Manage security operations, monitor security systems and tools, and ensure compliance with security policies and procedures.
Work with the security architecture team to design and implement security controls, solutions, and technologies.
Ensure compliance with regulatory and industry standards such as NIST, FISMA, and PCI.
Prepare and submit incident reports and security briefings to senior management and other stakeholders.
Help create security awareness training for employees, contractors, and other stakeholders to improve security awareness and reduce security risks.
Collaborate with other teams such as network engineering, application development, and system administration to ensure security best practices are integrated into all aspects of LVMH’s IT environment.
Monitor and analyze security events and alerts from multiple sources, including security information and event management (SIEM) software, network- and host-based intrusion detection systems, firewall logs, system logs (Windows, Linux, and Unix), and databases.
Separate true threats from false positives using network and log analysis and escalate possible intrusions.
Maintain a strong awareness of the current threat landscape.
Track and document cyber defense incidents from initial detection through final resolution.
Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
Gather and analyze information for defining requirements, specifications and issues to support the development of new policies, standards and procedures or update existing ones.
Provide clear updates to management on security incidents; investigate, document, and report on forensic investigations.
Proficient in reporting and answering analytical questions using vulnerability data.
References
Available Upon Request