
Security Operations Analyst Resume


Washington, DC

SUMMARY:

  • Cyber Security analyst with more than 3 years’ experience in Information Technology.
  • Developed strong analytical skills and a broad range of computer expertise.
  • Team-oriented, with the ability to develop and execute ideas and initiatives.
  • Hands-on experience leading all stages of system development efforts, including requirements definition, design, testing, and support. Interested in a company or institution that offers a consistently positive atmosphere to learn new technologies and implement them.

TECHNICAL SKILLS:

Operating Systems: Windows 7, 8 and 10, Mac OS, basic Unix-based systems (Linux), SharePoint.

Security Technologies: FireEye, HP ArcSight ESM, Sourcefire, RSA Security Analytics, Wireshark, TCPDump, Snort, Splunk, McAfee ePolicy Orchestrator, Imperva SecureSphere (WAF), Network Access Control CounterACT (NAC), McAfee Web Gateway, ActiveTrust, RedSeal, Console (MAM), IBM AppScan, EnCase and FTK, Tenable Security Center, Cisco IronPort, MS Exchange, Mail Filtering, Vulnerability Scanning/Assessments, Symantec Endpoint Protection.

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Security Operations Analyst

Responsibilities:
  • Conducted dynamic packet analysis of traffic using Wireshark and collected threat intelligence to ensure secure data transmission between classified systems.
  • Conducted log analysis using Splunk to collect and index machine log data from various sources on users’ machines.
  • Performed malware analysis within the Security Operations Center (SOC) environment to identify indicators of compromise.
  • Prepared briefings and reports of analysis methodology and results.
  • Generated end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
  • Communicated alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Recognized potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Performed preliminary forensic evaluations of internal systems.
  • Tasked other analysts and directed efforts to analyze the IDS and remediate security issues found.
  • Trained incoming analysts in roles and responsibilities.
  • Assisted with implementation of counter-measures or mitigating controls.
  • Evaluated firewall change requests and assessed organizational risk.
  • Ensured the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
  • Performed periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
  • Conducted network assessments and traffic analysis utilizing PCAP, IDS and crafted sensor output.
  • Continuously monitored and performed real-time incident handling to triage alerts in a timely manner.
  • Generated and utilized attack signatures, tactics, techniques and procedures to aid in identification of anomalies and zero-day attacks.

Confidential, Rockville, MD

Incident Response/Forensic Engineer

Responsibilities:
  • Coordinated remediation actions as necessary and performed initial analysis, identification and documentation of network intrusions.
  • Handled incident escalations as necessary between other analysts.
  • Performed basic malware analysis and forensic analysis of network activity, disks, and memory.
  • Interpreted incoming incident reports, prioritized them, and related them to ongoing incidents and trends.
  • Conducted triage and analyzed threat/vulnerability alerts to determine current impacts affecting the company’s information assets.
  • Initiated incident handling procedures to isolate and investigate potential information system compromises.
  • Logged incidents into the Information Security Incident Management System and assisted in generating weekly reports based on security incidents.
  • Developed network baseline; maintained up-to-date signature levels; reported anomalies as required by Agency security.
  • Identified various event boundaries and assisted in configuration of Splunk to apply custom metadata to incoming events.
  • Analyzed US-CERT indicators of compromise (IOCs) to recognize attacks from various network areas.
  • Researched and recommended forensic tools to 2nd level analysts to improve the productivity and accuracy of investigations.
  • Executed processes within all activities of the security incident response lifecycle, including detection, triage, analysis, containment, and recovery.
  • Periodically scanned for vulnerabilities using the Tenable Security Center tool in accordance with implemented organizational policy and reported findings in accordance with established procedures.
  • Conducted security audit log analysis for Agency systems, including logs from firewalls, Intrusion Detection Systems (IDS), operating systems, RSA Analytics and other security appliances.
  • Provided advice on suspected risks as well as recommended mitigating techniques and corrective actions.
  • Provided technical guidance and assistance to others involved in the investigation to ensure precautions were taken to prevent data and equipment damage.
  • Drafted technical manuals, security operation plans (SOPs), installation manuals, installation progress updates, and incident response plans in order to enhance system security documentation.
  • Monitored the ArcSight Console for events generated by correlation of events.
  • Enforced IT processes to ensure consistent, well-integrated application structures in full compliance with the company’s procedures.

Confidential, Washington, DC

Forensic and Data Analyst

Responsibilities:
  • Identified vulnerabilities, recommended corrective measures and ensured the adequacy of existing information security controls.
  • Performed security research, analysis and design for all client computing systems.
  • Used information technology tools and systems to track and report on work activities.
  • Recognized for outstanding quality of customer service with numerous customer-support awards and personal commendation from clients.
  • Performed various special projects and assignments related to information technology/security.
  • Conducted computer forensics examination and analysis using EnCase and FTK in order to properly preserve electronic and digital evidence so that it may be presented in a court of law.
  • Provided custody of equipment used in crimes, including computers, thumb drives, CDs and DVDs, backup tapes, smartphones and digital cameras.
  • Generated files by using imaging software to copy data and disks.
  • Used file recovery programs to search for and restore deleted data.
  • Maintained the chain of custody for evidence.
  • Handled event incidents and tracking of system activities.
  • Created company policies and procedures governing corporate security, email and Internet usage, access control, and incident response.
  • Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS/IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools.
  • Assisted with managing, updating, and identifying business requirements for the applicable tools used in the approval process.
  • Identified weaknesses in fielded configurations while performing system requirement analysis and design modifications.
