Cyber Security Operation Center Analyst Resume

SUMMARY:

Seeking a senior-level position as a Cyber Security Analyst, Incident Response Analyst, or SOC Analyst: monitoring data centers and responding to cyber threats, managing firewalls, IDS/IPS, and Windows and Linux servers, in Operations and InfoSec.

TECHNICAL SKILLS:

  • Sourcefire
  • FireEye
  • HP Tipping Point
  • Suricata
  • Snort
  • Splunk
  • Bro
  • Tanium
  • Trend Micro
  • Symantec
  • McAfee Nitro
  • McAfee ePolicy Orchestrator
  • Bluecoat & Websense
  • RSA Security Analytics
  • Event Log Correlations and Analysis
  • Network Forensics & Incident Response
  • Tripwire
  • Unix and Linux
  • Virtualization
  • ASA Firewall
  • Check Point Firewall ADM
  • IPS/ IDS
  • Cisco Routing and Security Configuration
  • Cisco Switching and Security Configuration
  • Ticketing Systems
  • Vulnerability Assessment
  • Risk Assessments
  • Packet Analysis
  • Log Analysis
  • Network Monitoring
  • Log Management

PROFESSIONAL EXPERIENCE:

Cyber Security Operation Center Analyst

Confidential

Responsibilities:

  • Supporting the Confidential Security
  • Provide notification, escalation, and daily summary reports based on security event analysis.
  • Manage the resolution of computer security events per Service Level Objectives that affect agency information systems through the use of an established ticketing system.
  • Manage the agency CSIRC/SOC mailbox, monitor and analyze the emails for threats including phishing and malware, and make recommendations for email rules to minimize malicious or undesirable emails.
  • Continuously tune the Government-provided Security Information and Event Management (SIEM) system to reduce false positives and discover previously unknown threats within CBP environments.
  • Monitor and analyze security event data to include investigation of reported incidents using system logs, event correlation between Intrusion Detection Systems (IDS), Data Loss Prevention (DLP), firewalls and other means of detection.
  • Review audit logs and record any inappropriate or illegal activity in order to reconstruct events during a security malfunction.
  • Provide event analysis and evaluation of the reported violation and provide post-analysis categorization, prioritization, and recommendation of event disposition.
  • Document all event investigation activities, incoming requests for information, and suspected incident reports as required to support law enforcement records, case disposition and audit review.

Security Operations Center Analyst

Confidential

Responsibilities:

  • Supporting the Confidential Operations Center
  • Responsible for working in the 24x7x365 Security Operations Center
  • Performed analysis of malware & hunting malware using dynamic analysis
  • Performed detailed examination and analysis of Phishing emails and Phishing sites
  • Continuously monitors levels of service as well as interprets and prioritizes threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
  • Monitors and proactively mitigates information security risks.
  • Set up security bridges, sent Incident Management Notification alerts, wrote situation awareness and shift turnover reports, updated security metrics, and wrote incident details and reports
  • Create, escalate and close tickets based on US-CERT categorization

Security Operations Center Analyst

Confidential

Responsibilities:

  • Performs detailed examination and analysis of Phishing sites;
  • Performs analysis of malware binaries and communication points;
  • Performs detailed analysis of other fraud types (Vishing, 419 Scams, Pharming);
  • Responsible for working in the 24x7x365 Anti-Fraud Security Operations Center (AF-SOC)
  • Communicate with ISPs and Registrars globally to mitigate fraud attacks.
  • Monitor and analyze network traffic and IDS alerts
  • Investigate intrusion attempts and perform in-depth analysis of exploits
  • Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident.
  • Perform Tier 1 incident triage

Cyber Security Analyst

Confidential

Responsibilities:

  • Provide first-level IDS monitoring, analysis and incident response for information security alert events
  • Analyze network traffic and IDS alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms
  • Compose and send alert notifications
  • Recommend IDS filters to eliminate false positives

Cyber Security Analyst

Confidential

Responsibilities:

  • Monitoring network traffic, network-based Intrusion Detection System and firewalls
  • Discovering cyber security events and escalating them to the Incident Response Team.
  • Detailed analysis of network router and firewall logs to perform forensic response processes to contain, analyze and eradicate unauthorized access of the network systems
  • Recording and maintaining cyber security event metrics.
  • Performing incident response investigations.
  • Performing risk assessments and testing of data processing systems
  • Support and maintenance of security infrastructure systems.
  • System troubleshooting and support of Network and Security Engineers
