
Sr. Cyber security analyst

Location: Irvine, CA
Posted: December 16, 2025


Resume:

Zehra Keskin

Senior SOC Analyst

U.S. Citizen

PROFILE

Senior Security Operations Center (SOC) Analyst with 5+ years of experience providing Managed Detection and Response (MDR/MXDR) services for 60+ clients across healthcare, education, and enterprise environments in the U.S. and Canada. Proficient in Microsoft Sentinel (KQL), Defender XDR, CrowdStrike Falcon, Proofpoint, and ServiceNow, delivering continuous monitoring, incident response, and detection engineering. Skilled in alert tuning, client onboarding, and mentoring Tier 1–2 analysts while maintaining HIPAA, FERPA, and PII compliance. Experienced in manual investigations of legacy hospital systems and in managing operations across complex, multi-tenant SOC environments.

EXPERIENCE

ARCTIQ – Senior SOC Analyst Remote (U.S./Canada)

(Jan 2022 – Present)

Environment:

Trellix Helix • Splunk • Microsoft Sentinel (KQL) • SeCop • Google Chronicle • ArcSight SIEM • ArcSight SOAR • Google SecOps SOAR • Defender XDR • CrowdStrike Falcon • Trellix EDR • Trellix ePO • Trellix ETP • Proofpoint • Tenable Nessus • Freshdesk • Zendesk • The Hive • ConnectWise • ServiceNow

Served as senior blue-team analyst for 60+ active clients across healthcare, education, and enterprise sectors in the U.S. and Canada.

Partnered with engineering teams to design, test, and tune Sentinel analytics rules and KQL queries, exporting mature detections to SOAR workflows for automation, achieving a 35–40% reduction in false positives and 25% faster MTTR.

Participated in client onboarding and follow-up sessions, aligning alerting and SLA requirements with business and compliance needs and supporting new analysts in maintaining consistent documentation and reporting.

Reviewed and guided Tier 1–2 analysts through daily ticket reviews across multiple tools, ensuring clear documentation, correct prioritization, and timely SLA compliance.

Acted as primary client contact for escalated incidents and inquiries, providing root-cause analysis, remediation guidance, and executive-level summaries.

Handled phishing and malware investigations for legacy hospital systems and K-12/university environments, ensuring secure PHI/PII protection under HIPAA, FERPA, and Canadian privacy regulations.

Created and updated alert-tuning playbooks based on MITRE ATT&CK and prepared weekly client reports that explain key threats, recent incidents, and steps to improve security.

National Cyber Group – Cyber Security Analyst Remote

(Sept 2020 – Jan 2022)

Environment:

Splunk ES • IBM QRadar • Trellix HX • CrowdStrike Falcon • SentinelOne • Proofpoint • The Hive • Tenable Nessus • Wireshark (PCAP Analysis)

Proactively monitored, analyzed, and correlated security events across SIEM and EDR platforms (Splunk ES, QRadar, Trellix HX) to identify real threats and escalate verified incidents for containment.

Conducted deep-dive endpoint and network investigations using CrowdStrike Falcon and SentinelOne to identify and isolate compromised systems and coordinate remediation.

Performed PCAP analysis using Wireshark to trace lateral movement, identify command-and-control activity, and verify malicious payload delivery across network layers.

Investigated phishing campaigns in Proofpoint and The Hive by analyzing headers, URLs, and attachments; created blocklists to prevent recurring threats.

Ran vulnerability assessments with Tenable Nessus, prioritized critical findings, and developed remediation plans aligned with NIST and CIS standards, reducing exposure to recurring vulnerabilities.

Loudoun County School District – Data Administrator (Counseling Dept.)

(2018 – 2020)

Environment:

Student Information Systems (SIS) • PowerSchool • Naviance • Microsoft Excel • Google Workspace • SharePoint • FERPA / HIPAA Compliance

Managed and secured student data systems supporting school counseling operations while ensuring FERPA and HIPAA compliance for all records.

Developed and optimized district-wide SIS processes, improving data accuracy and standardizing reporting workflows.

Collected and analyzed student data at the district level for all schools, creating detailed reports and visual graphs in Excel to track academic metrics and support state reporting.

Updated and restructured policy documents for data access, retention, and confidentiality to align with privacy regulations.

Supported data exchange across local, regional, and state systems, participating in training and audits to maintain data integrity and compliance.

EDUCATION

M.Ed., School Counseling – Azusa Pacific University

B.S., Business – Strayer University

A.S., Computer Technology – Bilkent University

CERTIFICATIONS

CompTIA Security+ • Microsoft SC-200 • Splunk Core Certified User • CySA+ (in progress) • CISSP (in progress) • Licensed School Counselor – Virginia DOE • School-Based Mental Health Certification • West Point Military Honorary Officer


