GAURAV SHARMA
CYBERSECURITY ANALYST
Mechanicsburg United States • +1-365-***-**** • ******.*****@*****.***
Professional summary
Cybersecurity Analyst with over 3 years of experience in security operations, vulnerability management, and incident response within enterprise environments. Skilled in SIEM monitoring, threat detection, endpoint investigation, identity and access management, and network security analysis. Hands-on experience with Splunk, Wazuh, Nessus, OpenVAS, Wireshark, and Metasploit. Strong understanding of NIST frameworks, risk management, and security best practices. CompTIA Security+ certified and currently pursuing a Master's degree in Cybersecurity and Control Management.
Core Competencies
Security Operations
SIEM Monitoring and Log Analysis
Incident Response and Triage
Vulnerability Assessment and Remediation
Threat Detection and Analysis
Endpoint Security and EDR
Identity and Access Management
Risk Assessment and NIST Framework
Firewall Configuration
Cloud Security Fundamentals (AWS, Azure)
Network Security
Penetration Testing
Technical Skills
SIEM and Monitoring: Splunk, Wazuh
Vulnerability Tools: Nessus, OpenVAS
Penetration Testing: Nmap, Metasploit, Burp Suite, Kali Linux
Network Security: Wireshark, Snort, pfSense, GNS3
Digital Forensics: Velociraptor, FTK Imager, Volatility
Systems and Platforms: Windows Server, Active Directory, VMware
Cloud Platforms: AWS, Microsoft Azure
Work history
Cybersecurity Analyst, 10/2020 to 09/2024
Manitoulin / United Group of Companies – Mississauga
Monitored and analyzed 300 to 500 security events weekly using SIEM platforms to identify suspicious activity and indicators of compromise.
Conducted vulnerability scans across servers, endpoints, and network devices using Nessus and OpenVAS, identifying and supporting remediation of over 100 vulnerabilities annually.
Supported incident response activities including alert triage, root cause analysis, and coordination with IT teams, contributing to a 20 to 25 percent reduction in incident resolution time.
Implemented and maintained Data Loss Prevention policies, reducing unauthorized data transfer incidents.
Managed access controls and permissions for over 20,000 user accounts, enforcing least privilege and conducting periodic access reviews.
Performed security inspections and compliance checks across environments supporting more than 1,000 employees to maintain audit readiness.
Assisted with endpoint monitoring and malware detection using antivirus, EDR solutions, and SIEM integrations.
Supply Chain IT Analyst / Ops Supervisor, 03/2014 to 10/2020
Day and Ross Dedicated – Mississauga
Supported IT systems and operational technologies across logistics environments.
Conducted audits to verify access controls, facility security measures, and compliance with internal policies.
Assisted with implementation of IT tracking and reporting systems to improve operational visibility.
Supported business continuity and disaster recovery planning to minimize downtime.
Ensured compliance with data protection, privacy, and regulatory requirements.
Projects
Security Monitoring and Incident Detection (Wazuh, SIEM)
Deployed and configured Wazuh SIEM for centralized log collection and real-time security monitoring.
Created custom alert rules to detect authentication failures, suspicious processes, and abnormal system behavior.
Analyzed alerts and logs to identify potential security incidents and mapped findings to MITRE ATT&CK techniques.
Documented incidents and provided response and mitigation recommendations.
Vulnerability Assessment and Penetration Testing (Nessus, OpenVAS, Kali Linux)
Conducted vulnerability scans on Windows and Linux systems using Nessus and OpenVAS.
Performed LAN penetration testing using Kali Linux, Nmap, Metasploit, and Legion to identify open ports, services, and misconfigurations.
Assessed vulnerability severity and prioritized remediation actions based on risk impact.
Produced structured vulnerability and penetration testing reports aligned with cybersecurity best practices.
Network Traffic Analysis and Threat Detection (Wireshark)
Captured and analyzed network traffic using Wireshark to identify anomalous or malicious activity.
Investigated packet-level data to detect scanning behavior, suspicious connections, and protocol misuse.
Recommended network-level security improvements based on analysis findings.
Network Segmentation and Firewall Security (pfSense, VMware, GNS3)
Designed segmented network architectures to simulate enterprise environments.
Deployed and configured pfSense firewalls to control traffic flow between network segments.
Implemented firewall rules enforcing least privilege and validated configurations through traffic testing.
Endpoint Detection and Digital Forensics (Velociraptor, FTK, Volatility)
Conducted endpoint investigations using Velociraptor to collect forensic artifacts.
Analyzed memory images and file systems using Volatility and FTK Imager.
Identified indicators of compromise, suspicious processes, and persistence mechanisms.
Identity and Access Management (Windows Server, Active Directory)
Configured Windows Server 2019 Domain Controllers and Active Directory environments.
Implemented role-based access control, group policies, and auditing mechanisms.
Applied IAM best practices including least privilege, account monitoring, and access reviews.
Education
Master's: Cyber Security and Control Management, 01/2026 Harrisburg University of Technology - Harrisburg, United States (expected to finish in Dec 2026)
Graduate certificate: International Business Management, 01/2013 George Brown College - Toronto, Canada
Bachelor's Degree: Business Management & Computers, 01/2010 Tilak Maharashtra University - India