CSOC Analyst Resume
TECHNICAL SKILLS
Database: Management, Configuration, Monitoring, Optimization, Backup, Upgrade.
Cybersecurity Tools: ArcSight, Carbon Black, BlueCat, CyberArk, Microsoft ATA, FireEye, Nessus, Wireshark, Splunk
Cyber Security: Vulnerability Assessment, Penetration Testing, Security Audit, Compliance, SIEM, Data Loss Prevention, Malware Analysis, Endpoint Security
OS: Windows Client and Server, Linux Client and Server, macOS, Kali Linux
Networking: TCP, UDP, IP, Routers, Switches, Servers, Network Troubleshooting
Security Devices: Firewall, IPS, IDS, Palo Alto, Update and Patch Management
PROFESSIONAL EXPERIENCE
Confidential
CSOC Analyst
Responsibilities:
- Experienced with the Carbon Black detection tool; managed alert monitoring and triage.
- Experienced in log analysis, proactive monitoring, mitigation, and response to network and security incidents.
- Analysed security event data from the network (IDS sensors, firewall traffic).
- Used the SERVICE+ tool to create tickets and assign them to the team.
- Experienced with ArcSight Enterprise Security Manager (ESM), a comprehensive SIEM platform for threat detection, analysis, triage, and compliance management that dramatically reduces the time to mitigate cyber-security threats.
- Able to perform security control assessments using NIST 800-53A guidance.
- Experienced with BlueCat; applied it for visibility into network traffic and better protection against phishing, malware, and other threats.
Confidential
Cyber Security Specialist
Responsibilities:
- SOC analysis and SIEM experience with Splunk: writing queries, creating dashboards and reports; familiar with Splunk Enterprise Security (ES).
- Able to perform security control assessments using NIST 800-53A guidance.
- Experience with packet analysis tools such as Wireshark.
- Experience with sniffers, packet capture, and NetFlow tools, including Wireshark.
- Experience with testing tools such as: Burp Suite, Nmap, Snort, sqlmap.
- Experience with scan/assessment tools such as Nmap, Nessus, Burp Suite, and Core Impact.
- Utilizing data management, data governance, and process improvement to optimize operations.
- Ability to continuously monitor systems to ensure security controls are implemented and operate as intended.
- Designed and implemented safety measures and data recovery plans.
- Act on privacy breaches and malware threats.
Confidential
Analyst
Responsibilities:
- Protecting information from unauthorized access, duplication, modification, or destruction.
- Running vulnerability tests and updating defensive protocols and systems accordingly.
- Wrote a stored procedure to audit SQL Servers; established and enforced security auditing mechanisms; performed performance tuning and optimization.
- Able to perform security control assessments using NIST 800-53A guidance.
- Ability to monitor the security performance of enterprise systems.
- Experience in automating jobs for different database-related activities, including backups, monitoring database health and disk space, and backup verification.
- Ability to continuously monitor systems to ensure security controls are implemented and operate as intended.
- Knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing.
- Strong understanding of Microsoft Active Directory and Group Policies.
Confidential, MD
SOC Associate
Responsibilities:
- Security monitoring and incident response services required by the business.
- Intermediate experience with Wireshark.
- Protected the client's digital assets (including Industrial Control Systems) to a defined level of confidentiality, integrity, and availability (CIA).
- Internal SME for intrusion detection and incident response.
- Knowledge of FISMA and NIST 800 series standards.
- Knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing.
- Comprehend and articulate the security perspective and engage with Splunk product teams on Splunk features and roadmap.
- Expertise in McAfee, which always alerts when there is a concern about a site being visited.
- Experience in protecting against SQL injection.
Confidential
Cyber Security Consultant
Responsibilities:
- Ensure the SOC analyst team is providing excellent customer service and support.
- Log analysis, proactive monitoring, mitigation, and response to network and security incidents.
- Analysed security event data from the network (IDS sensors, firewall traffic).
- Perform static and dynamic malware analysis on virtual servers with proper documentation and steps for removal on infected systems.
- Support continuous monitoring and FISMA compliance.
- Knowledge of FISMA and NIST 800 series standards.
- Experience working in a SOC environment.