Incident Response Soc Analyst

Location:
Forney, TX
Posted:
June 14, 2025

Resume:

Paul Ngaibe Wirngo

Forney Tx

Email: **********@*****.***

Phone Number: 331-***-****

PROFESSIONAL SUMMARY

An experienced SOC analyst with more than 4 years of experience performing SOC monitoring, intrusion detection, threat and malware analysis, and participating in the security incident response process through to remediation. Self-motivated and goal-oriented cyber security professional with demonstrated ability to handle complex responsibilities in a demanding environment. A team player with good written and verbal communication.

TECHNICAL SKILLS/TOOLS

Active Directory, Microsoft Office, VirusTotal, DomainTools, IPvoid/URLvoid, IBM X-Force, Cyber Kill Chain, MITRE ATT&CK, TCP/IP, VPN, Palo Alto, Incident Response, Malware Analysis, Phishing Email Analysis, Vulnerability Management, Tenable, Triage, IronPort, O365, MX Toolbox, FireEye, Nessus, any.run, Splunk ES, Carbon Black, Cisco Firepower, CrowdStrike

EDUCATION & CERTIFICATIONS

Bachelor’s degree in Accounting, National Polytechnic Institute of Bamenda, Cameroon

CySA+

AWS Certified Security – Specialty

SC-200 Microsoft Certified: Security Operations Analyst Associate

EMPLOYMENT HISTORY

SOC Analyst

McAfee June 2020 – Present

• Consistently monitor and work on alerts generated.

• Assisting in creating new use cases and performing SOC testing

• Create and update SOC run books as required.

• Investigating attachments and links for embedded malware using FireEye ETP, IronPort, and ThreatGrid.

• Providing clients with recommendations on how to resolve escalated issues securely.

• Training new employees on how to handle investigations and safely deal with phishing emails.

• Developing follow-up action plans to resolve reportable issues and communicating with other IT teams to address security threats and incidents accordingly.

• Escalating incidents to incident response analysts for further analysis.

• Responsible for monitoring the security of networks, websites, applications, databases, servers, data centers, and other infrastructures to protect them from cyber threats.

• Monitor and analyze network traffic, intrusion detection system (IDS), security events, and logs.

• Working with security operation center engineers to operate IDS/IPS, such as SNORT, to analyze and detect worms, vulnerabilities, and exploit attempts.

• Utilizing Security Information and Event Management (SIEM), Intrusion Detection and Prevention (IDS/IPS), and Data Leakage Prevention (DLP).

• Investigating, analyzing, and processing endpoint alerts using Splunk SIEM, Cisco Firepower, FireEye HX, Symantec Endpoint Protection, CrowdStrike, and OSINT tools.

• Applying incident handling processes, including preparation, identification, containment, eradication, and recovery, to protect enterprise environments.

• Providing 24/7/365 real-time monitoring of security tools, dashboards, and email alerts.

• Blocking malicious domains, hashes, and IPs following the company’s Standard Operation Procedures.

• Using Splunk to search and analyze email logs to confirm that malicious emails were not delivered or quarantined and that malicious attachments were dropped.

• Reporting security incidents using the ServiceNow ticketing system for events that signal an incident and require Tier 3 or 2 Incident Response review.

• Investigated processes and resolved security email alerts from SIEM tools like FireEye and Sourcefire.

• Coordinating with the CIRT team to investigate and resolve security incidents.

• Responding to computer incidents by collecting, analyzing, and preserving digital evidence and ensuring that incidents are recorded and tracked according to organizational SOC requirements.

• Staying current with vulnerabilities, attacks, and countermeasures.

• Prioritizing and differentiating between potential intrusion attempts or false alarms.

• Assisted with developing processes and procedures to improve incident response times, incident analysis, and overall SOC functions.

• Triaging and investigating alerts from cloud endpoints such as Azure and AWS.

• Monitor security logs and alerts from various sources, including intrusion detection systems, Endpoint Detection and Response (EDR) systems, and security information and event management (SIEM) tools.

• Investigate and analyze security incidents, identify root causes, and develop appropriate mitigation strategies.

• Execute security response actions, including complete remote remediation of endpoints.

• Collaborate with cross-functional teams, including product, engineering, and support, to resolve customer incidents or issues.

• Mentor and provide guidance to junior security analysts, sharing knowledge and best practices.

• Conduct health checks and architecture reviews, using technical expertise and real-life experience to create solutions, designs, and recommendations.

• Demonstrated communication skills, including written documentation of troubleshooting and required responses.

• Proven ability to work in a fast-paced environment with strict SLAs for response time.

• Identification of attacker tools, tactics, and procedures (TTPs).

• Security data analysis from a variety of sources and tools.

• Network traffic analysis.

• Understanding network security, cloud security, encryption, logging and monitoring, authentication, authorization, DLP, etc.

• Experience with network security and networking technologies and system, security, and network monitoring tools.

• Thorough understanding of the latest security principles, techniques, and protocols.

• Evaluated and processed Web Site Review Requests from internal users to access blocked websites using OSINT tools and business justification.

IT Support Specialist

COGNIZANT April 2019 – May 2020

• Installed and maintained Windows and desktop software, service packs, patches, and anti-virus updates.

• Managed assets inventory and deployed desktop images to end users.

• Worked directly with HR on the New Hire Onboarding Process and trained new hires.

• Decreased laptop rollout deployment times by 50% by creating, documenting, and implementing updated load sets for Windows 7 and Office 2010.

• Participated in a revolving on-call schedule to provide 24/7 service to users.

• Troubleshot various technical issues with printers, network, and phone systems.

• Worked with third-party vendors to resolve issues with hardware or software covered by annual maintenance agreements.

• Managed laptop and MacBook inventory and assisted in procuring new hardware, software, and related supplies.

• Provided support in setting up audio and visual technology for conferences and meetings.

• Resolved complex technical issues that arose on the client's computer using troubleshooting.

• Effectively made recommendations to IT users on the selection of hardware and software.

• Successfully administered user accounts, Exchange mailboxes, and security and distribution
