Cybersecurity Analyst Resume
Greenbelt, MD
SUMMARY:
- Highly self-motivated and results-driven IT professional with more than 6 years in information security risk management, security policy management, and other security practices, including assisting analyst investigation and ticket creation efforts; providing daily monitoring and alerting on events in a near-real-time environment; staying informed of current events in the security industry, including the latest exploits and threats as well as preventive measures, remediation, and restoration techniques; and monitoring, evaluating, and assisting with the maintenance of assigned security systems. Detail-oriented, analytical, and methodical, with the critical thinking to resolve work issues even under stressful conditions. Well-organized and resourceful, with multitasking skills that make the most of limited resources to deliver outstanding results on concurrent tasks with or without supervision. Builds teamwork synergies with colleagues across diverse ethnicities.
TECHNICAL SKILLS:
- McAfee ePO
- McAfee Nitro
- SPLUNK
- QUALYS/WebINSPECT
- WIRESHARK
- SNORT/CARBON BLA
- Tenable NESSUS
- SERVICE NOW
- SYMANTEC
- IDS/IPS
- TCP/IP protocols
- VIRUS TOTAL
- REMEDY
- WINDOWS
- VMWARE
- WINDOWS SERVER
- Kali LINUX
- AWS CLOUD
- Oracle DBA
- EXCEL
- WORD
- POWERPOINT
- VISIO
- ONENOTE
- ONEDRIVE
- OUTLOOK 365
- FISMA
- FEDRAMP
- NIST
- SANS20
- OWASP Top10
- OSI
PROFESSIONAL EXPERIENCE
Cybersecurity Analyst
Confidential, Greenbelt, MD
- Monitor client networks for security events and alert clients to potential (or active) threats, intrusions, and/or compromises (Splunk, RSA).
- Investigate network traffic for potential security incidents (Nitro, RSA, Splunk).
- Conduct research on emerging threats and map out the response, including understanding the level of impact and exposure to our customers (Splunk, Nitro).
- Proactively communicate regular updates on emerging threats to internal business unit staff and customers.
- Develop follow-up action plans to resolve reportable issues, and communicate with the other technologists to address security threats and incidents
- Document investigations using tickets via ServiceNow ticketing system.
- Perform triage of service requests from internal teams, act as a subject matter expert for advanced technology, architecture and threat-related questions from internal staff. (Splunk, Nitro, RSA).
Cybersecurity Analyst
Confidential, Gaithersburg, MD
- Managing the detection, validation, analysis, prioritization and resolution of security incidents in a team environment to include technical IT staff, end users, and stakeholders.
- Utilizing IT service management tools such as Enterprise Remedy to create, maintain, track, and escalate security incident tickets based on predefined criteria.
- Responsible for gathering, documenting, analyzing and producing security incident-based metrics for executive level management.
- Perform analysis and diagnose client issues while demonstrating an understanding of the IT environment and the project scope.
- Monitoring security policy compliance, breach notifications and attempts to gain unauthorized access in accordance with defined procedures.
- Collect, analyze, and enrich event information and perform threat or target analysis duties. Provide analysis and monitoring of systems to identify suspected malicious or other unauthorized activity across our systems and networks.
- Provide first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches.
Cybersecurity Analyst
Confidential, Rockville, MD
- Investigate network traffic for potential security incidents
- IDS monitoring and analysis, network traffic and log analysis, prioritization and differentiation between potential intrusion attempts, determination of false alarms, insider threat and APT detection, and malware analysis/forensics
- Investigate events, alerts and tips to determine if an incident has occurred
- Monitor and track work via ticketing system
- Stay up to date with current vulnerabilities, attacks, and countermeasures
- Develop follow-up action plans to resolve reportable issues, and communicate with the other technologists to address security threats and incidents
- Analyze McAfee alerts
- Report common and repeat problems (trend analysis) to management and propose process and technical improvements.
- Monitor user activities and events using Splunk queries
Cybersecurity Specialist
Confidential, MD
- Investigate and analyze intrusion events using McAfee SIEM, McAfee IPS, FireEye HX, Blue Coat Reporter, Security Analytics, Imperva WAF, Symantec Endpoint Protection Manager, Mandiant Redline, and StealthBits to respond to incidents
- Conduct analysis on logs produced by network devices used within the OCC, such as firewalls, content filtering, syslog from various sources/devices, assorted intrusion detection capabilities, substantiating vulnerability scanner results (Qualys), directory services, DHCP logs, Secure Email Gateway logs, and approved OCC applications.
- Utilized the Intel McAfee SIEM to monitor the network and conduct analysis, integrating results and information needed to protect the OCC enterprise. This includes developing customized signatures, enterprise content filtering, and firewall/ACL change recommendations.
- Provide security event analysis and support, including identifying potential threats, anomalies, and infections; documenting findings; providing recommendations within the OCC's incident management system; performing triage of incoming security events; performing preliminary and secondary analysis of those events; and validating events.
SOC Analyst
Confidential, Rockville, MD
- Analyzed information from a wide range of sources, including 'honeypots', suspicious emails, spam and URLs from ISPs, (Google, Yahoo, AOL, Earthlink, Microsoft) Internet newsgroups, domain name registration zone files, and authoritative DNS and caching servers
- Performed fraud monitoring to enable expedient prediction, prevention, and detection of online phishing/malware/virus/vishing attacks, and applied technical and administrative countermeasures to shut them down, for many banks around the world and some government agencies
- Investigated and analyzed IP-based and domain-based URLs, DNS records, nslookup, whois, IP whois, smart-whois, and xwhois records, and established communication with registrars, ISPs, hosting firms, webmasters, and domain owners for removal of fraudulent directories
- Coordinated many medium / large scale tasks/projects
- Evaluated software and network applications and recommended solutions for their optimal and efficient performance
- Used Early Warning System (EWS) and Netcool systems for fraud forecasting and DNS poisoning monitoring, including detection of pharming scams
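The DNS poisoning / pharming monitoring mentioned above comes down to one comparison: does a caching resolver hand out the same addresses for a protected brand domain that the authoritative servers do? The following is an added example (not code from the original page or from the employers described) of that comparison over constructed data; the domain, resolver names, netblocks and addresses are made up for illustration, and a real monitor would replace the constructed dictionaries with live lookups against each resolver.

```python
"""Flag possible pharming by comparing caching-resolver answers to authoritative data.

Added example with constructed inputs; nothing here is taken from a real bank,
ISP or resolver. The technique: keep the authoritative A records (and the
netblocks the brand legitimately uses) as the source of truth, then report any
resolver whose answer contains an address outside that set.
"""
import ipaddress

# Constructed: authoritative A records for a hypothetical bank domain.
AUTHORITATIVE = {
    "www.examplebank.test": {"198.51.100.10", "198.51.100.11"},
    "login.examplebank.test": {"198.51.100.20"},
}

# Constructed: address ranges the brand legitimately hosts from. A record that
# differs from the authoritative set but still lands here (e.g. a CDN node)
# is reported at lower severity than one pointing to a foreign network.
BRAND_NETBLOCKS = [ipaddress.ip_network("198.51.100.0/24")]

# Constructed: answers as observed from several public/ISP caching resolvers.
RESOLVER_ANSWERS = {
    "resolver-a.isp.test": {
        "www.examplebank.test": {"198.51.100.10"},          # subset: fine
        "login.examplebank.test": {"198.51.100.20"},
    },
    "resolver-b.isp.test": {
        "www.examplebank.test": {"203.0.113.77"},           # foreign address: poisoned
        "login.examplebank.test": {"198.51.100.20"},
    },
    "resolver-c.isp.test": {
        "www.examplebank.test": {"198.51.100.42"},          # in-netblock but not authoritative
    },
}


def classify_address(addr: str) -> str:
    """Return 'brand' if addr is inside a known brand netblock, else 'foreign'."""
    ip = ipaddress.ip_address(addr)
    return "brand" if any(ip in net for net in BRAND_NETBLOCKS) else "foreign"


def find_poisoned(authoritative, resolver_answers):
    """Compare each resolver's answers to the authoritative set.

    Returns a list of (resolver, name, unexpected_address, severity) tuples.
    Severity is 'high' for addresses outside the brand's netblocks (classic
    pharming: traffic sent to an attacker host) and 'low' for addresses inside
    them that simply are not in the authoritative set (worth a look, usually
    stale data or an unlisted legitimate host).
    """
    findings = []
    for resolver, answers in sorted(resolver_answers.items()):
        for name, observed in sorted(answers.items()):
            expected = authoritative.get(name)
            if expected is None:
                continue  # name not under monitoring
            for addr in sorted(observed - expected):
                severity = "high" if classify_address(addr) == "foreign" else "low"
                findings.append((resolver, name, addr, severity))
    return findings


def high_severity(findings):
    """Only the findings a SOC analyst would page on."""
    return [f for f in findings if f[3] == "high"]


if __name__ == "__main__":
    for resolver, name, addr, severity in find_poisoned(AUTHORITATIVE, RESOLVER_ANSWERS):
        print(f"[{severity.upper()}] {resolver} answers {name} -> {addr}")
```

Run stand-alone it prints one HIGH line for resolver-b (a foreign address for www) and one LOW line for resolver-c; resolver-a, which returned a subset of the authoritative set, is not reported, since a partial answer is normal for round-robin records.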
IT Support
Confidential, Confidential, MD
- Install, assemble, maintain, configure, troubleshoot and upgrade computer hardware, software, networks, and other peripheral equipment such as printers, scanners, faxes, and related hardware.
- Outlook 365 setup and PST file transfers
- Maintains current knowledge of hardware, software and network technology and recommends modifications as necessary.
- Microsoft Active Directory and Microsoft Windows Server 2008 troubleshooting experience.
- Networking experience to include understanding TCP/IP and DNS.
- Highly motivated and have excellent customer service skills with the ability to interface with all levels of staff.
- Respond to user requests for technical assistance.
- Providing basic troubleshooting to users attempting to connect to the network remotely.
- Interact with network services, software systems engineering, and/or applications.
- Basic knowledge of Active Directory, Group Policy, DNS, DHCP, and TCP/IP.
- Experience with Windows operating systems, macOS, and Linux.
