Cyber Security Analyst Resume
Tulsa, Oklahoma
SUMMARY:
An Information Systems professional with a background in Systems Administration, Security Engineering, and IT Security, holding a Master's degree. I am always looking for opportunities to increase my knowledge in the IT area. An Information Security expert with a focus on cyber security, Splunk, continuous monitoring, access control and compliance. Performed IT and security risk assessments and audits on multiple companies and performed corporate risk analysis. Entrusted with large volumes of sensitive information, recognizing privacy and confidentiality requirements.
TECHNICAL SKILLS:
Splunk, SentinelOne, SIEM, Akamai, eDrive Encryption, McAfee, Imperva DAM, WIPS, Proxy, CrowdStrike, DataPipe, DDoS Analysis, Bot Detection NCDC, EVTK Tool, Bit9, Zscaler, ScanSafe, FireEye, DNS logs, Shield Ticketing System, ServiceNow, Cireson, Blue Coat, Symantec DLP, Cisco IronPort, Nexpose, Coalfire.
PROFESSIONAL EXPERIENCE:
Cyber Security Analyst
Confidential, Tulsa, Oklahoma
Responsibilities:
- Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies
- Administrative duties monitoring Outlook email using Cisco IronPort security.
- Monitoring of security events in the SIEM, as well as other security feeds and communications (email, phone, chat, and other channels).
- Reviewed client mobile applications for security compliance, with a focus on malware and potentially harmful behavior.
- Tracked security incidents to provide management oversight of the incident process.
- Perform tuning of the Security Incident and Event Manager (SIEM) filters and correlations to continuously improve monitoring
- Triage security alerts and events.
- Managed IDS/IPS systems as well as handled incident response.
- Discovered methods and implemented strategies to target specific networks, computer systems, specific hardware or software.
Information Security Analyst
Confidential, Wakefield, MA
Responsibilities:
- Security operations, monitoring, incident response and investigation
- Tuning and updating security tools including SIEM (McAfee ESM / Nitro), IDS/IPS, DLP, Web Proxy.
- Develop content and workflows as required.
- Respond to incidents by analyzing digital evidence and ensure proper documentation and tracking
- Provide intrusion detection expertise to support timely and effective decision making.
Cyber Security Analyst
Confidential, Beaverton, OR
Responsibilities:
- Hands-on experience with Splunk dashboard development; created application monitoring dashboards, configured Splunk, and deployed applications and related technical add-ons.
- Identify proxy logs using Splunk and CrowdStrike depending on the threat detected.
- Identification of phishing emails on Confidential's network.
- Conduct log analysis, proactive monitoring, mitigation, and response to network and security incidents.
- Provided continuous monitoring and interpretation of threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed
- Proactively monitor, identify, and remediate information security events and intrusions.
- Responsible for the continuous surveillance, analysis, mitigation, remediation and incident management using the Confidential Cyber Defense Center’s suite of tools.
- Perform log analysis utilizing Splunk and various other security software and tools.
- Worked on SailPoint IIQ for User access management procedures and policies.
- Respond to security events and drive issues to closure while engaging all appropriate resources.
- Create new Standard Operating Procedures while also maintaining and updating current ones as changes happen.
- Stays current on security technologies, trends, standards and best practices.
- Perform log analysis, and monitor and respond to security events, driving issues to closure while engaging all appropriate resources.
- Responsible for preparing the NCDC daily report.
- Document security processes and procedures.
- Perform actions using the Bulk UPMIDs Reset & Revoke tool.
- Provide enforcement of security policies, standards and procedures.
Information Security Analyst
Confidential, Englewood, CO
Responsibilities:
- Performed real-time proactive security monitoring and reporting on various security enforcement systems, such as NITRO (SIEM), anti-virus, Internet content filtering/reporting, malware code prevention, firewalls, IDS & IPS, web security, anti-spam, etc.
- Provide Level 2 Operations support for end-user resolution, investigating RSA SIEM events to determine any true intrusions.
- Identifying and remediating any threats and vulnerabilities as part of Security Monitoring (SOC), with triage and escalation to T2.
- Documenting incident results and reporting details through ticketing system
- Monitoring DDoS portals and alerting the team by reporting them via pager and opening the bridge call.
- Performed Risk and security assessments, compliance management analysis
- Providing half-hourly updates on traffic by monitoring portals from ISPs.
- Triaging emails sent by internal users depending on the categories and responding to the customers after investigating the emails.
- Researched and Supported Information Security Standards.
- Handled subpoena requests and credit card number analysis to prevent fraud against external customers.
- Provide 24/7 on-call rotation support.
- Formulated and configured Logger appliances and analyzed system anomalies.
- Designed and developed ArcSight architecture components and related upgrades.
- Prepared system plans and executed ArcSight architecture modifications.
- Managed, upgraded and maintained operational data flows and ArcSight platforms.
- Maintained and modified hardware and software components, content and documentation.
- Created and documented reports, rules, trends and dashboards.
- Analyzed ArcSight and related tools and resolved IT security failures.
- Provided guidance for equipment checks and supported processing of security requests.
- Experience in Network Intrusion detection/Intrusion Prevention System and Firewalls.
- Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tools
- Security incident handling, SIEM (ESEM) using RSA enVision/ArcSight products.
- Excellent exposure to Database, VPN technologies, and Firewalls.
Security Operations Engineer
Confidential
Responsibilities:
- Analyze system logs and identify potential issues with computer systems.
- Maintained and modified hardware and software components, content and documentation.
- Initiated and integrated new technologies into existing data center environments.
- Responsible for maintaining availability, reporting and communication of the SIEM between it, its event sources and the endpoints.
- Communicate and troubleshoot technical inquiries of co-workers and clients.
- Research methods to improve security through encryption to maintain security of information.
- Responsible for monitoring and providing analysis in SIEM and IDS/IPS software tools.
- Create and maintain high-quality documentation of all relevant specifications, systems, and procedures.
- Assist in the development of processes to maintain business continuity and recovery standards for endpoint systems and networks.
- Excellent exposure to Database, VPN technologies, and Firewalls.