Soc Analyst Resume
Fayetteville, GA
SUMMARY:
- An experienced Security Analyst with a Bachelor’s degree in Cyber Security and Information Assurance from Confidential and more than seven years of IT experience.
- Certified SSCP, Security+, Network+ and CIW - WSA and ITIL professional. Detail-oriented and with strong technical background and great interpersonal skills.
- Professional with strong knowledge of MITRE’s frameworks and deep knowledge of log analysis, SIEM administration/tuning, and security event correlation and triage.
- Skillful and proficient in effective documentation, reporting, and project management. A dependable, hardworking, and smart professional with a strong work ethic.
TECHNICAL SKILLS:
- SIEMs: Splunk, ArcSight
- Endpoint Protection: SCCM, BigFix, CrowdStrike, SEP, McAfee
- Data Loss Prevention (DLP): significant experience with Symantec, Checkpoint
- Email & Web Security: Cisco IronPort
- Proficient with the use of vulnerability scanning and assessment tools (e.g., ACAS/Nessus) necessary to identify and document security vulnerabilities.
- Experience conducting investigations and vulnerability assessments on endpoints.
- Ability to identify, interpret, and evaluate major applications, infrastructure, enclaves, and enterprise system environments based on proposed accreditation boundaries.
- Proficient in conducting audits of corporate documentation to determine compliance with risk policies.
- Capability to effectively multi-task, prioritize work, and handle competing interests.
PROFESSIONAL EXPERIENCE:
Confidential, Fayetteville, GA
Soc Analyst
Responsibilities:
- Monitors agency sensors and SOC (Security Operations Center) systems for incidents and malicious activity
- Perform security analysis and identify possible vulnerabilities, including those in key derivation functions; create Vulnerability Assessment reports detailing the exposures identified, rate the severity of the system, suggest mitigations for each exposure, and test known vulnerabilities.
- Put together E-Business Operations documentation for the Symantec Endpoint Protection Management environment
- Responsible for maintaining availability, reporting and communication of the SIEM between event-sources and the endpoints
- Perform static and dynamic malware analysis on virtual servers with proper documentation and steps for removal on infected systems.
- Responsible for the management, design, and dissemination of relevant data from the global security information and event management (SIEM) system.
- Execute daily vulnerability assessments, threat assessment, and mitigation and reporting activities in order to safeguard information assets and ensure protection has been put in place on the systems.
- Conduct log analysis, proactive monitoring, mitigation, and response to network and security incident. Analyze security event data from the network (IDS sensors, firewall traffic).
- Administered Office 365 (Exchange Online, SharePoint Online, and Skype for Business (Lync))
- Implemented and configured firewall changes within the Symantec Protection environment according to Internal Compliance approved Specifications/recommendations.
- Interacts with end users, including first responders and explosive experts, identifying and aligning user needs with Tripwire resources
- Experience with Firewall Administration, Rule Analysis, Rule Modification.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through analysis of relevant event logs and supporting data sources. Utilized Sourcefire and Wireshark.
Confidential, Atlanta, GA
SOC Analyst
Responsibilities:
- Performed network security monitoring and incident response for numerous clients.
- Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
- Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
- Creates, modifies, and updates Security Information Event Management (SIEM) rules.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
- Evaluates/deconstructs malware (e.g., obfuscated code) through open-source and vendor-provided tools across infrastructure, applications, and operating systems.
- Prepares briefings and reports of analysis methodology and results.
- Creates and maintains standard operating procedures and other similar documentation.
- Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks.
- Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
Confidential, Atlanta, GA
Information Security Analyst
Responsibilities:
- Investigated, documented, and gathered information on data security recommendations to protect
- Led intrusion detection, vulnerability management, and PKI and participated in auditing, incident
- Determined the internal control measures and ensured their strict implementation.
- Developed and documented security evaluation test plans and procedures
- Assisted with planning and execution of domain integration, user account, and e-mail migration
- Adhered to and enforced corporate policies regarding network security, data, and software usage
- Kept the business units updated with the changes in the applicable policies, standards, and procedures
- Re-engineered business protocols to meet the high demands of a changing business environment
- Create, modify, and disable user accounts based on authorized forms
- Developed annual compliance strategy and materials for the business units.
- Facilitate changes in the overall organizational policies to ensure alignment with the industry standards.
Confidential, Douglass, GA
Data Loss Prevention Analyst
Responsibilities:
- Enforced DLP security policies and performed event analysis through systematic use of DLP tools to ensure the protection of networks, systems, and applications
- Monitored DLP information security alerts through the use of available DLP tools to respond, triage, and escalate as needed.
- Analyzed event/alert patterns to properly interpret and prioritize threats with available DLP tools and other data protection devices.
- Identified trends and drove requirements aimed at improving and enhancing existing data loss prevention detection policies.
- Provided support to projects that enhance reporting, workflow, change/incident/problem management.
- Provided technical advice and input for the support of integrated security systems and solutions.
- Assisted with incident management in the event of a suspected security breach of data
Confidential, Alpharetta, GA
Service Desk Analyst
Responsibilities:
- Analyzing clients' problems and providing instant and long-lasting solutions to hardware, software, and network issues
- Installing and upgrading hardware and software and configuring systems and applications
- Performing preventive maintenance at clients' offices as well as at the company
- Creating login IDs and passwords for employees to access workstations
- Recording, tracking, and documenting problem-solving process
- Preparing shift handover reports and updating daily status reports
- Provided Tier 1 and Tier 2 technical support to clients on software and hardware issues
- Researched and recommended installation of advanced applications and anti-virus software
- Maintained end users’ workstations, laptops, and electronic devices
- Prioritized and escalated problems to Tier 3 level and followed up with solutions
- Worked on ticket systems and tracked help desk requests
- Visited employees' workstations, analyzed root causes of problems, and delivered solutions