SUMMARY:

• Skilled Information Security Analyst with expertise in incident management, unauthorized access, DoS/DDos, viruses and a wide range of vulnerabilities and threats.
• Well-versed in direct and remote analysis with strong critical thinking communication and people skills.
• Able to thrive in fast-paced and challenging environments where accuracy and efficiency matter.

TECHNICAL SKILLS

• More than 7 years of Security experience inside a SOC environment, 6 years as a Cyber Defense Analyst inside a Cyber Defense Center of a major cable company (Time Warner Cable).
• Experience in systems and network security, incident analysis and recovery.
• In-depth knowledge of secure network design concepts, network protocols, encryption tools, firewalls and intrusion detection/prevention systems.
• Possess the ability to read and understand system data including but not limited to security event logs, system logs, proxy and firewall logs.
• Ability to identify and prioritize security risks, threats and conduct detailed analysis.
• Experience in threat intelligence and analysis, security monitoring and Incident Response.
• Familiar with multiple information security and monitoring tools including ArcSight SIEM, IDS/IPS (SourceFire), Malware Analysis (ePO HIPS, VirusTotal), Splunk, Arbor etc.
• Sound knowledge of network security vulnerability tools, (Qualys, Nessus, Nexpose and Retina).
• Strong accomplished IT experience in Network and LAN Administration.
• Excellent communication and organizational skills.
• Excellent analytical and critical thinking skills.

PROFESSIONAL EXPERIENCE:

Senior Cyber Security Analyst

Responsibilities:

• Continuously monitored, analyzed and identified security alerts information from all approved security devices (ArcSight, SourceFire, Splunk and Arbor Peakflow SP), collection techniques and designated system logs.
• Monitored bandwidth usage and traffic alerts related to DoS/DDoS attacks; identified sources of attack and applied Arbor Networks TMS for mitigation.
• Performed security incident response and malware analysis of compromised machines using available tools and resources, like EnCase Enterprise, NetWitness Investigator and Mandiant Highlighter as well as online resources such as Virus Total, URLVoid, and IPVoid.
• Responsible for handling the Intelligence and Email Operations for the SOC while maintaining proficiency of adversary tactics, techniques, and procedures (TTPs) through analysis of email headers, malware analysis, and open source intelligence.
• Worked with law enforcement on issues with life threatening calls and subpoena requests.
• Utilized my knowledge, skills, experience and tools in countering malicious code attacks such as viruses, malware, spyware, adware, worms, Trojan horses, root kits and all other abnormal activities on computer systems and on the network.
• Performed regular systems and network vulnerability scans using Qualys; identify and remediate potential risks and coordinated patch and vulnerability management with the Vulnerability Risk Management (VRM) team.
• Worked with other security groups like EIS forensics, Network Communications Center (NCC) and Backbone Operations during multiple security incidents.
• Generate detailed security incident reports and disseminate the reports in accordance with incident response and reporting standard operating procedures.
• Collaborated with teammates, managers, and other senior engineers to develop and implement process improvements regarding the detection, investigation, containment, recovery, and eradication of security events.

Network Security Analyst  

Responsibilities:

• Monitored IDS and Nagios channels for threats and vulnerabilities, potential compromise, and intrusion against multiple managed security devices including IDS sensors and firewalls.
• Coordinated and conducted application and network vulnerability scans using Nessus.
• Actively involved in the IDS team tasked with developing custom Snort rules to mitigate against emerging threats.
• Actively involved in the implementation of various IDS projects like the Oink-master project to automate the upgrading process of Snort signature rules.
• Responded to network activities, as required, including supporting SLA commitments between network operations and internal/external customers.
• Developed specific documentation for multiple projects to upgrade Snort/Cisco sensors.
• Uploaded data captures to malware scanning sites to detect any suspicious activity such as Trojan malware, password stealers, website redirecting tools and all malware activities.
• Created and deployed custom IDS signatures to detect and alert analysts of malicious activity on two different platforms, (Snort and Cisco based IDS/IPS devices).
• Performed monitoring and investigation of network traffic using NetWitness investigator tool.
• Assisted remote RSA SecureID authentication users with reassigning tokens and resetting PIN numbers for a secure authentication mechanism.
• Supported the implementation of new security products/services for customers.

Network Support Specialist

Responsibilities:

• Installed and configured new hardware systems and components, including wireless networking equipment, and ensured integration with existing network systems.
• Performed routine maintenance and standard repairs to network components and equipment.
• Analyzed network data to determine network usage, disk space availability, or server function.
• Performed regular system performance checks and identified any potential issues.
• Coordinated with network administrators to identify system maintenance needs.
• Monitored industry websites and publications for information about patches, releases, viruses, and identified potential problems and recommended for upgrades.
• Researched hardware and software products to meet technical networking or security needs.
• Analyzed and reported computer network security breaches and attempted breaches.
• Managed response and resolution of user and support issues received via telephone calls, e-mails, web incidents and callbacks in a timely manner.
• Trained users in procedures related to network applications software or related systems.

Help Desk Support Analyst 

Responsibilities:

• Performed troubleshooting on network connectivity components, desktop configurations, printer connectivity, and network access issues.
• Provided technical support for hardware (desktops, laptops, printers, and PDAs) and software applications (operating systems, productivity, internally developed, and internet).
• Configured and installed desktop PCs, resolved hardware/software issues, troubleshoot connectivity issues, and ensure user satisfaction.
• Created helpdesk documentation with step by step instructions on resolving HW/SW issues.
• Served as HelpDesk Administrator and developed and implemented effective Help Desk support policies and procedures for the IT Department to provide better support and call resolution.
• Supported both corporate and personally-owned Desktop and Laptop computers in a mixed environment.