SOC Analyst and Security Operations Expert

Internal

Dorothy Asang Siri Waldorf MD

Email: ************@*****.*** Tel: 240-***-****

Experienced in Information Technology and Cyber Security, Mrs. Asang brings a wealth of skills and qualifications in the profession. She has experience in Education and Communication Security. She has monitored network, application and operating systems and respond to incidents analyzing, researching and providing business-goal reports to enterprise stakeholders. She delivers strategic, tactical and operational findings and recommendations on critical information systems. She has experience working in Security Operation Center (SOC). She has great skills in communication and a good team player.

WORK EXPERIENCE

DELOITTE 08/23/2021 - Present

SOC Analyst

• Lead, investigate, coordinate, bring to resolution and report on security incidents as they are escalated or identified.

• Lead, Perform, review or track security Incident investigations to resolution

• Lead, perform or review root cause analysis efforts following incident recovery

• Forensically analyze end user systems and servers found to have possible indicators of compromise.

• Analysis of artifacts collected during a security incident.

• Identify security incidents through ‘Hunting’ operations within SIEM and other relevant tools.

• Monitor and analyze network traffic and alerts.

• Investigate intrusion attempts and perform in-depth analysis of exploits.

• Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident.

• Conduct proactive threat research.

• Use McAfee DLP to protect intellectual property and ensure compliance by safeguarding sensitive data

• Use Splunk to search and Analyse email logs to confirm malicious emails were not delivered or is quarantine and malicious attachment is dropped. Internal

• Process daily Threat Intel and blocking malicious MD5 hashes, domain and IP following standard operating procedure.

• Document all activities during an incident and providing leadership with status updates during the life cycle of the incident.

• Create a final incident report detailing the events of the incident.

• Provide information regarding intrusion events, security incidents, and other threat indications and warning information to clients.

• Monitoring and analyzing logs and alerts from a variety of different technologies

(IDS/IPS, Firewall, Proxies, Anti-Virus, etc…), across multiple platforms and varied platforms.

• Assessing the security impact of security alerts and traffic anomalies on customer networks.

• Creating comprehensive security write-ups which articulate security issues, analysis and remediation techniques.

• Analyzing and escalating security incidents to clients and stakeholders both written and verbally.

• Responding to technical security questions and concerns from clients.

• Possessing a deep understanding of hacker techniques, vulnerabilities, attacks and countermeasures.

• Maintaining a strong awareness and understanding of the current threat landscape.

• Conducting research on emerging security threats and potential customer impact.

• Analyze, investigate and process Malicious/Phishing Email alerts from IronPort and FireEye following standard operation procedure.

• Contribute to security strategy and security posture by identifying security gaps, evaluate and implement enhancements.

• Prioritize and differentiate between potential intrusion attempts and false alarms.

• Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions.

• Provide Incident Response (IR) support when analysis confirms actionable incident.

• Strong working knowledge of network security monitoring and incident response, as well as superior written and technical communications skills. Think Tech Consulting. 03/2013–06/2019

IT HelpDesk/Soc

• Provide phone, electronic and in-person services to end-users.

• Respond to and resolve inbound computer-related end user support tickets in a timely manner using Service Now.

• Support both Windows 10 and Mac OS.

• Provides on-site support to end users on a variety of Application Support Issues (for both inter and intra agency applications).

• Responds to telephone calls, email and personnel requests for support.

• Identifies, researches, and resolves application support problems.

• Responds with precise details to assigned request tickets, to include problem recognition, research, isolation, resolution, and follow-up steps. Internal

• Documents, tracks, and monitors tickets to ensure a timely resolution.

• Coordinates with DOL Infrastructure Helpdesk to execute resolution of Infrastructure related issues.

EDUCATION

University of Bamenda

Master Degree: Management Information Technology

• Bachelor’s degree: Security Communication & Education

• Risk management

TECHNICAL SKILLS

• Security Technologies:

TECHNICAL SKILLS

• Security Technologies:

• FireEye, IronPort, Sourcefire, McAfee Web Gateway, Splunk, Splunk Express, McAfee DLP, Nessus Security Center, Nmap, Wireshark, IDS/IPS; Log Management, Anti-Virus Tools;

(Norton, Symantec).

• Operating Systems: Unix-Based Systems (Solaris, Linux); Windows.

• Networking: LANs,VPNs, Routers, Firewalls, TCP/IP

• Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)

• Ticket Systems: Archer, Service Now, Remedy & JIRA

• Open Source Site Check tools: URLVOID.COM, VirusTotal.com, zscaller.com etc.

Contact this candidate