
Senior Cyber Security Analyst Resume


Alpharetta, GA

EMPLOYMENT HISTORY:

Confidential

Senior Cyber Security Analyst, Alpharetta, GA

Responsibilities:

  • Work as Shift Lead responsible for Cyber Security Operations Center (SOC) team of seven analysts.
  • Duties include handling escalations and providing first leadership, guidance, and transfer of knowledge to Jr. Security Analysts.
  • Analyze, investigate and respond to security events and incidents from IDS/IPS, SIEM, Firewall, Splunk, Log Analysis, Confidential, Malware analysis and Forensics tools (FireEye, Bit9, McAfee, Symantec AV, NAC, Fidelis XPS and Wireshark).
  • Review and analyze security event logs and security appliance logs. Investigate security events escalated from Level I & II analysts for security risk.
  • Monitor and analyze real time Denial of Service (DoS) attacks using tools and techniques (Arbor Peakflow, SolarWinds, and Dynatrace Application Monitoring).
  • Monitor the security of critical systems (e-mail, database, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions.
  • Regularly work with the Tier 3 Computer Incident Response Team (CIRT) to discuss and potentially escalate critical incidents after initial triage.
  • Manually investigate alerts and network packet captures to help identify threats and implement defenses against network and application attacks.
  • Review and respond to InfoSec incidents and problems to collect metrics, recommend and support implementation of solutions, suggest process improvements and conduct root cause analysis.
  • Helped to build, implement and deploy data security solutions using FireEye HX and RSA/McAfee ( Confidential ).

Confidential

Sr. Security Analyst Consultant, Cincinnati, OH

Responsibilities:

  • Worked as Technical Lead responsible for Global Security Operation Center (SOC) team of five analysts.
  • Involved in engineering, operations, alerting, report generation and deep network security analysis.
  • Performed in-depth systems and network security analysis of intrusions to the network, applications, operating systems, firewalls, proxy servers, malware and intrusion detection/analysis using multiple tools such as McAfee ePO, FireEye HX, RSA Security Analytics (SIEM), Splunk, Data Loss Prevention ( Confidential ), Qualys Scanner etc.
  • Executed response and mitigation procedures for a myriad of potential security incidents escalated from Confidential's Tier 1 SOC and created reports to reflect on our detection and mitigation strategies.
  • Monitored security threats to the network and responded to major incidents including DDoS, Brute Force and various other types of malware.
  • Supported daily triage of incoming incidents (phishing, email spam, malware, exploits) to identify appropriate mechanisms to contain and mitigate risk.
  • Upgraded a Symantec/RSA Confidential system to the latest version and pushed out new client agents.
  • Worked with leadership to develop a security program that follows business objectives and helps meet PCI DSS requirements.
  • Monitored, analyzed and reported ( Confidential ) events for Confidential’s customers and configured ( Confidential ) program to work with RSA Envision, Archer, SIEM, and SharePoint.
  • Reviewed and validated security events as positive or false positive and followed an incident response process to log incidents and begin resolution.

Confidential

Network Security Specialist, Merrimack, NH

Responsibilities:

  • Responsible for engineering, operations, alerting, report generation and deep network security analysis.
  • Researched, procured and implemented various best of breed network security tools to ensure Confidential can defend itself against APTs, malware, phishing, and threats against our intellectual property.
  • Helped to implement and deploy data security solutions using IBM QRadar SIEM, RSA/McAfee Data Loss Prevention, TrendMicro AV and Bit9.
  • Performed vulnerability assessment and penetration tests on internal systems and external network with the use of popular penetration testing tools (Core Impact, Qualys, Nessus, NMAP and Wireshark).
  • Reviewed, analyzed, correlated and reported on malware, security events, data and risk through various tools (IBM QRadar SIEM, Splunk, FireEye, Carbon Black (Bit9)) to identify suspicious and malicious activities.
  • Performed monthly server patching using Shavlik and endpoint patching using Microsoft Windows SCCM.
  • Managed and configured Blue Coat ProxySG appliance used for web filtering, data loss prevention, inspection, and visibility of SSL-encrypted traffic, content caching, and bandwidth management.

Confidential

IT Systems Administrator, Boxborough, MA

Responsibilities:

  • Responsible for network monitoring, system patching, and reporting of vulnerability remediation efforts, anti-virus definition/infection status and RSA Authentication Manager SecurID.
  • Monitored and verified intrusion security logs with Splunk and SolarWinds.
  • Provided advanced remote analysis of network diagnostics and troubleshooting for 500 customers to date.
  • Managed and installed anti-virus and anti-malware software including Trend Micro WFBS and McAfee.
  • Installed and managed RSA TokenID clients for Windows servers and end-users.
  • Managed and troubleshot system backups and recovery using CommVault and Symantec Backup Exec.

Confidential

Systems/Server Administrator, Andover, MA

Responsibilities:

  • Responsible for the configuration, support, and maintenance of the Confidential virtual lab environment and administered virtual training courses as well as NOC/Datacenter.
  • Provided technical support of corporate LAN/WAN environment as well as escalated technical support issues.
  • Monitored network and servers with SolarWinds and Confidential SiteScope and helped address any issues that arose.
  • Set up and performed antivirus and malware scanning with McAfee and Norton software for end-users.
  • Assisted network engineer with network troubleshooting to isolate and diagnose common network problems.

Confidential

Desktop Support Technician, Chelmsford, MA

Responsibilities:

  • Performed installations, configurations, upgrades, and support for systems and users on Windows OS, Windows Servers, and Mac OS.
