George Achu
Phone: +1-513-***-****
Email: **************@*******.***
Cincinnati, Ohio
PROFESSIONAL SUMMARY
Passionate Senior SOC, Cyber Threat Intelligence and Incident Response Analyst with extensive experience in investigating, containing, and preventing network, host, and email-based attacks. Proficient in malware analysis, incident response, data loss prevention and improving SOC processes by utilizing top industry security solutions.
SKILLS
CrowdStrike, Tanium, Microsoft Defender for Endpoint, Cisco Umbrella, IPVoid, AbuseIPDB, SNORT, Palo Alto Networks, Symantec Bluecoat, FortiGate, O365, Proofpoint, Malware Analysis, Nessus, Wireshark, VirusTotal, URLScan, Joe Sandbox, PCAP Analysis, PCI DSS/FIPS/NIST, Splunk, Cyber Threat Intelligence, Cyber Kill Chain Methodology
Confluence, ServiceNow, SOAR, JIRA, Any.run, Windows, Linux, Active Directory, Azure, AWS, Endpoint, TCP/IP, MITRE ATT&CK, Network Security Protocols, Firepower, DomainTools, IBM X-Force
AREA OF EXPERTISE
Security Tools: Splunk, Snort, CrowdStrike, Microsoft Defender ATP, Proofpoint, Cisco Umbrella
Threat Detection & Response: Malware Analysis, Threat Hunting, Phishing Analysis, Vulnerability Management, Incident Coordination
Networking: TCP/IP, IDS/IPS, Firewalls, Packet Analysis, NIDS, HIDS
Cloud & Endpoint Security: AWS, Azure
Scripting & Automation: PowerShell, ServiceNow, SharePoint
CERTIFICATION/EDUCATION
• CompTIA Cybersecurity Analyst (CySA+)
• CompTIA Network+
University of Dschang, Cameroon
Bachelor of Science, Information Technology
PROFESSIONAL EXPERIENCE
Senior SOC Analyst
Cisco Systems, Remote | June 2020 – Present
• Provided advanced triage, detection, and response for high-volume alerts within Splunk and CrowdStrike, reducing false positives and improving mean time to detect and respond.
• Applied systematic triage processes to quickly differentiate false positives from true security events, ensuring timely escalation of actionable incidents.
• Tuned SIEM correlation rules aligned with MITRE ATT&CK techniques to enhance threat detection capabilities across enterprise environments.
• Utilized EDR tools (CrowdStrike, Defender ATP) to conduct endpoint investigations, isolate compromised devices, and remediate threats.
• Investigated security incidents from detection through containment and eradication, ensuring adherence to SLAs and minimizing dwell time.
• Conducted host-based investigations including process analysis, network connections, and file executions to identify malicious behaviors.
• Led phishing investigations through advanced header analysis, sandboxing attachments, and URL inspections, identifying IOCs and mitigating threats.
• Conducted malware analysis to identify TTPs and support detection engineering initiatives.
• Mentored junior analysts on triage processes, detection rule development, and incident response workflows.
• Utilized EDR tools to contain threats rapidly by isolating endpoints and removing malicious artifacts during incident response.
• Contributed to takedown efforts of malicious phishing domains targeting the organization.
• Created dashboards and SOC reports to improve visibility into detection effectiveness and SLA compliance.
SOC Analyst
Bank of America | June 2018 – May 2020
• Monitored and analyzed security alerts from ArcSight and QRadar, prioritizing incidents based on severity and business impact.
• Conducted threat hunting and proactive detection using MITRE ATT&CK and Cyber Kill Chain frameworks to identify suspicious patterns and potential breaches.
• Executed phishing investigations and provided user education to reduce organizational risk.
• Managed incident response activities from initial detection to containment and remediation, ensuring clear documentation for post-incident review.
• Assisted in vulnerability management and endpoint protection initiatives, reducing the organization’s attack surface.
• Tuned SIEM use cases and detection logic to improve signal-to-noise ratio within the SOC.
• Conducted root cause analysis post-incident to prevent recurrence and enhance detection capabilities.