Cyber Security Analyst Resume
SUMMARY
- He is a computer forensic investigator, with experience in APT intrusions involving payment gateway data breaches, nation state attacks and industrial espionage.
- Through learning and experience, he has gained industry knowledge that provides a good level of understanding of incident response and intrusion forensics methodologies and tools.
- He currently works for Confidential UK in the defense industry and is responsible for monitoring, auditing and protecting Confidential UK infrastructure.
- Industry experience as part of CSIRT, SOC, Security Operations and Investigations Team in a data regulated and mission critical environment.
- Experience in responding to and containing security incidents such as crimeware, data breaches and advanced targeted attacks, following a standard incident handling life cycle.
- Experience in dealing with APT and TTP attacks from different threat levels.
- The ability to create a response and remediation plan during and after an incident.
- Ability to make real-time key decisions under pressure across heterogeneous and unstructured environments.
- Ability to report key findings in a clear and concise manner both at a technical and senior management level.
- Knowledge of TCP/IP networking with the ability to perform network forensic analysis.
- Good understanding of underlying service protocols such as HTTP, HTTPS and DNS.
- Knowledge of working with security information and event management tools.
- Understanding of client-server infrastructures, security architectures and related logging and alerting.
- Good understanding of file system analysis, including FAT, NTFS, HFS+ and EXT2/3/4, with the ability to find and extract common disk-based indicators of compromise.
- Knowledge of Windows, Linux and OS X system internals, with emphasis on memory structures and the ability to find and extract common memory-based indicators of compromise.
- Experience conducting malware analysis activities through behavioral techniques for dynamic analysis and reverse engineering.
- Limited experience with scripting languages such as WMIC, PowerShell, Batch and Python in incident response environments.
- Experience in analysing network traffic and alerts from various sources to determine their cause.
- Limited experience working with YARA and SNORT rules.
TECHNICAL SKILLS
Operating Systems: Windows, Linux, Unix, mobile OSes
Host Analysis: GRR, EnCase, FTK, XRY, TSK, Log2Timeline, Volatility Framework, ELK Stack, SIFT Workstation, Cuckoo, Viper
Network Traffic: Wireshark, TCPdump
Monitoring Tools: SIEM (QRadar, AlienVault, LogRhythm, Splunk, Alert Logic, Elastic Stack), AV (Sophos, McAfee), Malware Detection (McAfee, CISCO, F-Secure, FireEye, Wildfire)
PROFESSIONAL EXPERIENCE
Cyber Security Analyst
Confidential
Responsibilities:
- Examining system logs and threat intelligence against the normal activity of the system so that a history of events can be reconstructed, making use of appropriate forensic techniques and technologies.
- Conduct detailed analysis and investigation of alerts generated via SIEM, IDS/IPS and other related data sources.
- Responsible for developing, researching and maintaining proficiency in tools, including researching techniques, countermeasures and trends in computer and network vulnerabilities, data obfuscation and malware analysis.
- Evaluate and implement intelligence regarding new threats and vulnerabilities and ensure detective controls are updated to detect new attacks.
- Carry out analysis to determine the root cause of events, and provide incident response and reporting in support of operational effectiveness.
Incident Response Investigator
Confidential
Responsibilities:
- Primary responsibility is to work with MWR's clients to deliver Investigations and Incident Response services.
- The role involved performing intrusion forensics by identifying unauthorised access into network estates.
- Gained experience from working with a large set of clients across different global industries, which provided exposure to different environments and architectures.
- Accustomed to working in SOC environments; some of these engagements involved APT attacks, ransomware, fraud and phishing.
- Developed forensic laboratory, incident response procedures and first responder training.