Soc Analyst Resume

Silver Spring, MD

SUMMARY:

  • Security professional with over 4 years of experience who is seeking Confidential position with Confidential company that will allow me to challenge myself, and to utilize my skills in Risk Assessment, Continuous Monitoring, Authorization Assessment, and Compliance, to help the company achieve their mission in protecting the Integrity, Confidentiality and availability of their IT infrastructures.
  • Detailed knowledge of Certification/Authorization and Accreditation ( Confidential & Confidential ) and working with FISMA Law
  • Working knowledge of NIST 18, 37, 53Ar4, 60 vol2, 61 Rev2 as well as FIPS 199 and 200
  • Familiar with performing continuous monitoring, incident management, vulnerability scanning and risk assessment
  • Experienced in reviewing and creating POAM, SSP, SAR, SCF, PTA, PIA, RTM, ATO packages, and various artifacts
  • Experienced working with IT security SIEM tools such as Wireshark, Sourcefire, Snort, and Nessus to monitor Confidential network
  • Knowledge and understanding of attack method types and their usage in targeted attacks such as phishing and malware
  • Strong analytical skills, problem-solving skills and communication skills
  • Proficient with Microsoft Office (MS Word, Excel and PowerPoint)

PROFESSIONAL EXPERIENCE:

Confidential, Silver Spring, MD

SOC Analyst

Responsibilities:

  • Monitor network traffic, alerts, and intrusion attempts, and document reports of security breaches to the management team
  • Assist in tracking unresolved weaknesses to ensure they are mitigated based on the organization's security baselines
  • Perform vulnerability scanning using Nessus to ensure security controls are operating effectively and to detect flaws
  • Use Remedy ticketing to create tickets and track investigations from start to close
  • Work with TCP/IP to maintain network infrastructure including network, routers, switches, and firewall
  • Review audit/activity logs for system violations and evidence of malicious activity, and maintain POAM
  • Train new employees and perform various tabletop exercises on how to handle various incidents
  • Analyze and review security findings and scans, and publish report metrics for clients
  • Work with other engineers to maintain hardware, perform OS updates and policy reviews
  • Examine firewall, database, and other log sources to identify malicious activity
  • Research the latest Information Technology trends and recommend security enhancements to the management team
  • Perform vulnerability scanning, triage, and detection, and write reports
  • Support review of policy, security alerts, regulations and technical advances in IT security management
  • Schedule and attend weekly meetings for lessons learned, after-action reviews, as well as security advice and updates
  • Create and conduct risk assessment programs to identify areas of potential vulnerability for applications within the agency’s application suite.
  • Monitor the Remedy® queue, manage and respond to trouble tickets

Confidential, Nashville, TN

Security Analyst

Responsibilities:

  • Conducted kick-off meetings in order to categorize the agency's systems according to NIST requirements of Low, Moderate or High system.
  • Gathered data and documentation in support of the SA& Confidential ’s and annual security assessments
  • Managed and tracked POA&Ms and their remediation using Excel and provided federal management with weekly status.
  • Advised stakeholders and the ISSO concerning the impact level for confidentiality, availability and integrity of their systems
  • Determined security controls effectiveness (meeting security requirements and controls operating correctly)
  • Documented, reviewed and updated required artifacts for security assessment using NIST SP and SANS 20 as Confidential guide
  • Reviewed security documents such as POAM, SSP, SAR, BIA, PTA, PIA, MOU, RTM, and ATO packages
  • Contributed to initiating FISMA metrics such as annual testing and program management
  • Assisted in the development of Privacy Threshold Analysis, SORN, Privacy Impact Analysis and E-authentication
  • Performed vulnerability scanning using tools such as Nessus and WebInspect to analyze the network to detect malware
  • Evaluated threats and vulnerabilities based on Tenable reports, as well as intrusion attempts and conducted risk assessment
  • Performed vulnerability assessments as necessary