Netsanet Almaw
***************@*****.***
Silver Spring, MD
Technical Skills
Security Analyst
Vulnerability Assessment
Threat Detection Fundamentals
Incident Investigation and Response
Security Event Analysis
Risk Identification
Windows and Linux log analysis
Security Monitoring and reporting
Tools
Splunk (SIEM)
Wireshark
Nmap
Patch Management Tools
Ticketing Systems
EDUCATION
University of Maryland Global Campus (UMGC)
Bachelor of Science in Cyber Operations, Jan 2025 – June 2026
Dean's List, University of Maryland Global Campus: Spring 2025, Summer 2025, Fall 2025
Professional Summary
Security Analyst with 5+ years of experience in security monitoring, incident investigation, and network security operations. Skilled in analyzing SIEM alerts, performing log analysis across Windows and Linux systems, and identifying indicators of compromise through event correlation and network traffic analysis. Experienced in investigating suspicious authentication activity, phishing attempts, and abnormal network behavior to support effective incident response.
Professional Experience
Security Analyst: Montgomery County – Maryland, USA Apr 2024 – Present
Configure and secure Windows and Linux systems following cybersecurity best practices.
Perform vulnerability assessments and identify system misconfigurations affecting security posture.
Conduct network traffic analysis using packet inspection tools to identify suspicious activity.
Monitor and investigate potential security incidents, including reconnaissance and exploitation attempts.
Apply system hardening techniques and configure firewalls to improve system security.
Analyze simulated cyber-attack scenarios to understand attacker behavior and response strategies.
Apply security frameworks and industry best practices to strengthen system defenses.
Network Security Engineer: American Cold Control Inc – Manassas, VA. Sep 2020 – Oct 2023
Troubleshot hardware, software, VPN, and network connectivity issues across multiple departments.
Imaged, configured, and deployed new computers for end users.
Managed user accounts, permissions, and group policies in Active Directory.
Resolved DNS, DHCP, and network-related issues impacting users.
Performed password resets and account unlocks in Active Directory.
Documented and tracked issues using IT ticketing systems and resolved tickets within SLA.
Adama Science and Technology University
Bachelor's Degree in Marketing Management
September 2014 – July 2016
Certifications
CompTIA A+
CompTIA Network+
CompTIA Security+
CompTIA CySA+
Projects
Vulnerability Scanning & Network Analysis (OpenVAS & Wireshark)
Performed authenticated vulnerability scans on a Windows system using OpenVAS (Greenbone).
Identified 400+ vulnerabilities including 312 CVEs affecting applications such as Firefox, Thunderbird, and 7-Zip.
Discovered open ports and services (22/SSH, 135/RPC, 3389/RDP) and analyzed associated security risks.
Captured and analyzed SMB authentication and TLS traffic using Wireshark.
Researched vulnerabilities using the NIST NVD and CVSS scores, and mapped findings to the MITRE ATT&CK framework.
Recommended patching, service hardening, and access control improvements to reduce security risk.
Network Traffic Analysis using Splunk (SIEM)
Ingested and analyzed PCAP network log data in Splunk SIEM using custom indexes and CSV log files.
Used Splunk Search Processing Language (SPL) to investigate suspicious network activity between hosts.
Identified command-and-control traffic and reverse shell activity on port 4444.
Detected RDP lateral movement on port 3389 between internal hosts.
Investigated abnormal TCP communication on port 53, indicating potential DNS tunneling activity.
Analyzed HTTP logs to identify malicious file downloads (system32.exe) from compromised hosts.
Performed anomaly detection including high-frequency traffic, suspicious protocols, and abnormal payload sizes.