Security Analyst Resume
SUMMARY:
Security professional looking to apply my experience in a Security Operation Center to keep the Company's IT environment safe and secure from any potential threats.
TECHNICAL SKILLS:
- VM vSphere support/administration
- Nagios support/administration
- LogRhythm SIEM appliance - Certified Platform Administrator Level I, Security Analyst Level I
- Splunk SIEM appliance
- ArcSight SIEM Appliance
- Cisco SourceFire IDS
- Cisco IronPort Email and Web security.
- BurpSuite Scanner
- WireShark Packet Tracer
- Symantec EndPoint Protection
PROFESSIONAL EXPERIENCE:
Confidential
Security Analyst
Responsibilities:
- Monitoring of ArcSight alerts
- Analyzing ArcSight alerts for the following issues:
- XSS Scripting, SQL Injections, Malware Detection, Blacklisted Web Sites, Downloading of files
- Using the following appliances for analyzing the aforementioned issues: Cisco SourceFire IDS, Cisco IronPort Email and Web security, BurpSuite Scanner, WireShark Packet Tracer, Symantec EndPoint Protection
- Determine final outcome of alerts (False Positive or True Positive) after due diligence in investigating alerts.
- Engage Level II analyst in case of True positive.
- Provide in depth details/analysis of True Positive event.
Security Analyst
Responsibilities:
- Monitors and analyzes email alerts from a wide array of security devices and systems (SIEMs, Firewalls, IDS/IPS, WIPS, Systems, Networks, Anti-virus, etc.)
- Creates Tickets internally and externally to track all activities.
- Provide direct support to Clients via Phone, Email, SMS.
- Prepares and maintains the Administrative Documentation in a secure manner.
- Update Management on any client changes.
- Prepares Shift Activity Reports for clients and Management.
- Prepares Weekly and Quarterly summary reports for Clients and Management.
- Maintain weekly communication with Clients, providing support and answering any questions or concerns in a timely manner to enhance S3's relationship as the Client's security partner.
- Respond to customers in a positive and timely manner.
Security Analyst/ Technical Support
Responsibilities:
- Responsible for analyzing System Events based on Use Cases and Correlation Rules.
- Responsible for creating searches based on clients' specifications.
- Responsible for creating Alerts based on aforementioned searches.
- Responsible for creating Reports and Dashboards from searches
- Responsible for Health Check status, Licensing daily usage, Universal Forwarder status, Indexer status, Search Heads status through the Distributed Management Console.
- Uploading Universal Forwarders on devices.
- Troubleshooting Universal Forwarders for non-forwarding of event logs.
- POC for related SPLUNK projects for SOC department.
Support Engineer\Change\Risk Management
Responsibilities:
- Create user accounts in Active Directory.
- Reset passwords for users in Active Directory.
- Terminate hung/frozen sessions in client’s servers.
- Troubleshoot Server issues through VMWare.
- Set up printers on client’s desktops.
- Answer incoming phone calls from clients and open appropriate tickets in Bridge Trak.
- Resolve opened Bridge Trak tickets or escalate them to appropriate teams.
- Monitor all Change Management tickets to make sure they comply with internal Change Management policy.
- Monitor IDS Logs on Palo Alto appliance for generated alerts.
- Research traffic on IDS Logs to determine appropriate action.
- Gather necessary documentation for SSAE-16 Audit.
- Nagios Administrator
- VMware Administrator
Systems Administrator
Responsibilities:
- Implementing scripted changes on Cisco routers and switches.
- Implementing scripted changes on Load Balancers.
- Implementing scripted changes on DNS Servers.
Confidential
Command Center/Security Analyst
Responsibilities:
- Create and submit incident tickets for related events, based on client's criteria, to client's IT team.
- Generate LogRhythm event logs reports based on specified client's requests and/or events.
Command Center Technician
Responsibilities:
- Monitor clients' networks for any alerts coming into the Command Center.
- Answer incoming phone calls for clients' related issues.
- Create troubleshooting tickets on ITSM/CARE’s system for engineers.
- Follow through and close tickets for resolution to networks’ issues.
Confidential
Associate Network Engineer
Responsibilities:
- Implemented changes on Firewalls (Checkpoint, Cisco ASA, Fortigate) as requested.
- Worked with Cisco products including working with ASDM 7.1 Firewall, Catalyst 6k, Catalyst 6509, 6506, 4507, 7201, PIX Firewall 520, PIX Firewall 515E, Cisco ASA 5520.
- Created keys and imported certificates on F5-BigIP load balancers.
- Created and updated ACLs on switches and routers as requested.
- Monitored network health on Solar Winds.
- Responsible for troubleshooting network connection issues.
- Served as liaison with circuit vendors and department managers for circuit maintenance notices.