SOC Lead Resume
SUMMARY:
- Currently working as a Security Operations Center Lead responsible for investigating and eradicating major information security incidents across the Bechtel enterprise.
- Proven capacity to drive all phases of incident response
- Proficient in conducting investigations on compromised workstations and servers
- Solid understanding in digital forensics and incident response
- Ability to work extremely well under pressure while maintaining a professional image and approach
- Capable of simultaneously managing multiple efforts
- Aptitude to exercise discretion and maintain confidentiality
PROFESSIONAL EXPERIENCE:
SOC Lead
Confidential
- Shift lead, responsible for two analysts, of a 24x7 security operations center that performs real-time monitoring and incident handling.
- Handling of complex DFIR investigations in a wide array of disciplines, including APT investigations, spear-phishing campaigns, and compliance investigations.
- Implement and maintain extensive Security Operations policies and procedures documentation.
- Utilizing Splunk as a SIEM: Create customized event correlations, searches, regular expressions, dashboards, and reports.
- Perform host-based forensic analysis on popular operating systems (Windows, Linux, OS X) utilizing various tools such as EnCase, FTK, MIR, GRR, Volatility and other open source tools.
- Identify Indicators of Compromise through static and dynamic analysis of commodity and 0-day malware.
- Research and analyze a wide variety of commodity and APT-based malware and techniques.
TECHNICAL SKILLS:
- Host-Based Forensics, Memory Forensics, Network-Based Forensics, Splunk, Wireshark, EnCase, MIR, GRR, Intella, Python