Dennis Darku
Woodbridge, VA Area
703-***-**** *****.******@*****.***
PROFESSIONAL SUMMARY
Skilled SOC Analyst with expertise in threat detection, incident response, and security monitoring. Proficient in using SIEM tools, endpoint security, and threat intelligence to identify and mitigate cyber threats. Strong analytical and communication skills with a focus on improving detection accuracy, response time, and overall security posture.
TECHNICAL SKILLS
Security Information and Event Management (SIEM) & Log Analytics (e.g. Splunk, RSA NetWitness)
Endpoint Detection & Response (EDR) tools
Intrusion Detection / Prevention Systems (IDS/IPS; e.g. Snort)
Threat Intelligence Integration & Analysis
Threat Hunting & Adversary Tactics (MITRE ATT&CK framework)
Malware Analysis & Reverse Engineering fundamentals
Scripting & Automation (Python, PowerShell, and Bash)
Cloud & Hybrid Environment Security (AWS, Azure, etc.)
Network & Protocol Analysis (TCP/IP, DNS, HTTP, etc.)
Vulnerability Scanning & Management (Nessus, open-source tools)
Digital Forensics & Chain-of-Custody methodology
Security Orchestration & Automated Workflows (SOAR)
EXPERIENCE
IT Security Analyst II
Pyramid Consulting, Inc. Alpharetta, GA September 2022 – Present
Monitored and analyzed security alerts using SIEM tools (Splunk, QRadar, Microsoft Sentinel) to identify and investigate potential threats.
Performed in-depth incident investigations, analyzing attack vectors, indicators of compromise (IOCs), and root causes.
Led incident containment, eradication, and recovery processes following NIST 800-61 and MITRE ATT&CK frameworks.
Conducted proactive threat hunting in endpoints, network, and cloud environments to uncover undetected malicious activity.
Configured and maintained firewalls, IDS/IPS, and endpoint protection platforms to strengthen organizational defenses.
Developed and enhanced SOC playbooks and response workflows to improve detection accuracy and reduce response times.
Performed vulnerability assessments and worked with IT teams to prioritize and remediate high-risk findings.
Collaborated with network, cloud, and infrastructure teams to troubleshoot and mitigate complex security incidents.
Analyzed logs from servers, applications, and firewalls to detect anomalies and correlate threat intelligence indicators.
Conducted host-based forensics and malware analysis to identify persistence mechanisms and data exfiltration attempts.
Supported identity and access management (IAM) by monitoring unauthorized access and enforcing least privilege.
Authored detailed incident reports, risk assessments, and executive summaries for senior management and compliance audits.
Integrated threat intelligence feeds, detection rules, and automation scripts to enhance SOC efficiency and reduce false positives.
SOC Analyst
T-Mobile, Reston, VA April 2020 – September 2022
Monitored and investigated security events using SIEM platforms (Splunk, QRadar) to detect intrusions, malware, and insider threats.
Conducted incident triage, analysis, and escalation of security alerts to Tier 3 and Incident Response teams as required.
Performed log correlation and event analysis across multiple systems including firewalls, IDS/IPS, servers, and endpoints.
Investigated phishing campaigns, malware infections, and lateral movement within enterprise networks.
Supported forensic analysis and evidence collection for confirmed incidents, ensuring documentation integrity.
Applied the MITRE ATT&CK framework to map attacker behavior and identify gaps in detection coverage.
Collaborated with IT, networking, and compliance teams to contain and remediate threats and implement long-term preventive controls.
Led the response to critical incidents, minimizing downtime and ensuring business continuity.
Assisted in developing incident response playbooks and improving SOC workflows for greater efficiency.
Utilized threat intelligence feeds to identify emerging IOCs and enhance proactive detection measures.
Delivered detailed incident reports, threat summaries, and post-incident reviews for management and audit purposes.
Supported regular security tool tuning, ensuring optimal performance of IDS/IPS, EDR, and SIEM platforms.
Provided mentoring and training to junior SOC analysts on threat detection, escalation, and response best practices.
Network Operations Engineer
T-Mobile, Reston, VA September 2022 – April 2020
Install, configure, operate, and maintain network equipment such as routers, switches, firewalls, network monitoring devices, and network management platforms.
Perform complex implementation and configuration changes on network devices.
Participate in client onboarding tasks as well as scheduled remediation and maintenance tasks, including hardware deployments and upgrades.
Escalate to and work with third-party vendors to troubleshoot connectivity issues.
Perform system checks to verify all circuit installations are configured properly and function as designed.
Analyze and investigate interface utilization reports.
Patch network vulnerabilities to ensure information is safeguarded against outside parties.
Develop and maintain network baseline documentation in accordance with configuration management standards.
Generate reports on incident frequency, downtime, and SLA breaches for team lead reviews.
Lead NOC Analyst
T-Mobile, Reston, VA April 2009 – November 2013
Coached team members, facilitated continuous professional development, and assumed interim management responsibilities as required.
Trained newly hired employees.
Provided first and second level support, troubleshooting, and analysis for customer tickets in the Customer Interface Team (CIT) IP NOC and Managed Network Services (MNS) NOC.
Managed first-level escalation processes and coordinated with vendors to resolve hardware and software issues, ensuring high levels of client satisfaction and minimal service interruption.
NOC Analyst
T-Mobile, Reston, VA November 2007 – April 2009
Conducted comprehensive troubleshooting of Physical Layer issues, coordinating with equipment vendors and telecom companies to ensure optimal network performance and reliability.
Managed critical network operations, including proactive port monitoring and event correlation, and executed diagnostic tests on various circuits to swiftly address and rectify technical faults.
EDUCATION
BACHELOR OF SCIENCE IN ELECTRICAL ENGINEERING
Virginia Polytechnic Institute and State University, Blacksburg, VA, May 2005
PROFESSIONAL CERTIFICATIONS
Certified Information Systems Security Professional (CISSP)
CCNA Routing and Switching, CCNA Security
Certified Ethical Hacker (CEH)
CompTIA Advanced Security Practitioner (CASP)
CompTIA Security+
REFERENCES
References available upon request