
Soc Analyst Resume


Eagan, MN

SUMMARY

  • IT Security Analyst with 4 years of experience performing analysis and troubleshooting to identify issues and provide solutions.
  • Provided incident management and compliance support across the enterprise infrastructure.
  • Monitored and analyzed network traffic using SIEM alert tools.
  • Interpreted security policies and implementation requirements to ensure the confidentiality, integrity and availability of information, systems and networks.
  • Monitored security events, correlated information, and identified incidents, issues, threats, and vulnerabilities.
  • Experienced in various environments such as SOC, SOX and PCI.
  • Knowledge of ISO 27001/2 standards and regulations.
  • Performed SOC operations including IDS event monitoring and analysis, security incident handling, incident reporting, and threat analysis.
  • Performed in-depth analysis of all suspicious, malicious, or anomalous events.
  • Performed user-level operations using the SPLUNK log monitoring tool.
  • Developed assessments and reports on daily trends of incidents and security events.
  • Administered and maintained user access controls, processes, and procedures to prevent unauthorized access, modification, or misuse of resources.
  • Familiar with security regulations and standards.
  • Good understanding of risk management frameworks.

TECHNICAL SKILLS

Operating systems: Windows 2000/2003/XP/Vista/2007/8 server, Linux

SIEM Tools: SECURONIX, SPLUNK, SolarWinds

Event management: Splunk, McAfee

IDS/IPS: Watchguard

Firewall / Cloud: Fortinet (FortiGate), Palo Alto / FortiWeb (Cloud)

Other Tools: DigiCert, Symantec DLP (Vontu), TPAM

Penetration Testing: Wireshark

Endpoint Security: Tanium, Symantec Endpoint Management, Symantec Server Management (PGP)

Ticketing Tools: Archer, ServiceNow

Email Security: Symantec Email Security.cloud

Encryption: Symantec PGP, PGP WDE

PROFESSIONAL EXPERIENCE

Confidential, Eagan, MN

SOC Analyst

Responsibilities:

  • Experience supporting a comprehensive SIEM architecture for real-time security monitoring operations and managing security information and event management (SIEM) infrastructure.
  • Providing security operations center (SOC) services to monitor a variety of security platforms (TANIUM, PGP mail encryption, whole disk encryption, TPAM).
  • Monitoring system changes to ensure HIPAA security compliance.
  • Worked on web-based intrusion detection/intrusion prevention (WIPS) and firewalls (FORTINET).
  • Able to check the health of the organization's security and update policies using Symantec Endpoint Protection Manager (SEPM).
  • Knowledge of disaster recovery processes and planning; captured the information using the ticketing tool (SERVICENOW).
  • Hands-on experience with tools such as DIGICERT and SOLARWINDS.
  • Able to investigate security incidents using various tools in security incident detection processes and runbooks.
  • Able to perform daily log analysis and data reporting for various log sources using SIEM applications.

Confidential

Senior SOC Analyst

Responsibilities:

  • Performs real-time monitoring, analysis, reporting and investigation of security incidents in Archer and handles escalated security incidents from multiple sources, including events such as network intrusion detection.
  • Works on tasks assigned by leadership that involve coordination with other departments. Creates playbooks and knowledge base documents on incident analysis for junior analysts.
  • Ensures SLAs are met as per the service management contract.
  • Researches and tests new security tools/products and makes recommendations on tools to be implemented in the SOC environment.
  • Threat/malware analysis and remediation.
  • Hands-on experience with VONTU (SYMANTEC DLP), SECURONIX and PALO ALTO firewalls.
  • Applying agent-level filters and creating aggregation rules.
  • Creation of custom correlation rules and baselines suitable for the customer infrastructure.
  • Good understanding of the incident management process and good working experience with ticketing tools (ARCHER).
  • Direct customer interaction while handling incidents and providing the best mitigation strategies for incidents based on severity.

Confidential

SOC Analyst

Responsibilities:

  • Monitor client networks for security events generated by firewalls, IDS/IPS, anti-virus, and other systems.
  • Analyze security incidents and tune systems to eliminate false positives.
  • Track suspicious activity and events.
  • Serve as the SOC's initial point of contact for all users.
  • Escalate critical and complex events to senior security staff.
  • Diagnose issues and make decisions in a real-time environment.
  • Help facilitate and coordinate tasks/projects across multiple resources.
  • Remotely monitor networks during any assigned on-call rotation.
  • Perform vulnerability scanning and social engineering engagements.
