We provide IT Staff Augmentation Services!

Computer Network Defense Cnd Analyst Resume Profile

Charleston, SC

OBJECTIVE

To obtain an Information Security Analyst position that enables me to utilize technical skills/training, teamwork, dedication, and troubleshooting skills.

EXPERIENCE

Confidential

Computer Network Defense CND Analyst

  • Identifies malicious files and activity by performing analysis on IDS alerts that fire and determines if an event is a false positive or an actual incident that needs further investigation. Identifies malicious files and activities by proactively searching traffic logs for different indicators of compromise such as servers talking outbound with no referrals over port 443, noting new services created, or finding HTTP redirects to an executable.
  • Isolates incident by creating incident tickets when malicious data or activity is initially confirmed and initiating the start of deeper investigation.
  • Investigates incident to determine effect of incident such as validating if a malicious file is residing on a subscriber host and determining how many internal IP addresses are affected by such activity width and depth .
  • Informs watch officer and subscriber via incident ticket about the results of investigation. Requests compliance from the target site as well as offers suggestions of mitigation.
  • Implements solutions such as requesting an IP or domain block or wiping and re-imaging the host in order to prevent further related incidents from occurring.
  • Documents and reports lessons learned which are beneficial for future related incidents.

Confidential

  • Installed network infrastructure through campus with new IP security cameras
  • Performed computer image creation and deployment on ECPI student computers for the purpose of uniform configurations and available software for student use.
  • Configured and installed wired/wireless multimedia on ECPI network
  • Engaged in hardware and software issue identification and implemented solutions to resolve computer users' system and network access problems and restore them to full productivity.
  • Installed/configured network infrastructure in classroom computer labs
  • Installed iTalc monitoring software for instructors to monitor student computer utilization in classrooms of 18-20 student computers.

Confidential

Frozen Food Manager

  • Managed a frozen food department with over 50,000 of stocked merchandise
  • Adequately ordered products for shelves
  • Prevented potential financial losses by rotating product dates and monitoring refrigeration conditions
  • Exceeded customer satisfaction expectations by politely talking to customers, taking extra care in handling their purchased items, and being attentive

SPECIAL TRAINING

  • Wireshark Analysis
  • Network Defense and Countermeasures
  • IT Project Management
  • Windows Active Directory
  • Routing and Switching
  • Wireless Security
  • Windows Server 2008
  • UNIX Administration
  • Web Site Management
  • Network Security Concepts
  • Splunk Analysis
  • Network Administration Scripting
  • Computer Communications
  • Web Interface Design
  • Principles of Business Management
  • Microsoft Visio
  • Microsoft Office Suite
  • Microcomputer Upgrade and Maintenance
  • Customer Relations
  • Database and Database Scripting

SKILLS ACQUIRED

  • Identified indicators of compromise by means of IDS alerts and determined if they were false positives or actual incidents requiring isolation and further investigation
  • Used proactive means by searching all subscriber hosts for indicators of compromise such as servers talking outbound, programs running in the TEMP folder, or execution of possible unauthorized programs
  • Used Wireshark for packet capture PCAP analysis to identify downloaded objects, object hosting sites, and site references
  • Analyzed data flow reports in order to confirm width and depth of IP address communication and movement
  • Investigated subscriber hosts by accessing the machine's files and RAM remotely using Encase in order to confirm suspicious file residence and file execution
  • Carved objects from packet data and hashed MD5 them in order to check hashes for malicious data
  • Performed data translations such as Base64 and Hex in order to analyze file data
  • Utilized online searches for research on websites and their respective reputations that aid in analysis
  • Created tickets to inform supported subscribers of actual incidents and to suggest mitigation such as IP blocks or removing an infected host from the network to be wiped and re-imaged
  • Tested and performed operations of different operating systems using VMware Workstation
  • Performed installation and operation of Windows XP, Fedora, Ubuntu, Server 2003/2008
  • Set up user privileges and restrictions in Windows Server 2003/2008 by using group policy objects for certain permissions
  • Established multiple web sites and managed them using Windows Server 2008 in a virtual environment
  • Trained in the use of Cisco commands to configure and connect routers, switches, and configured Cisco routers in a VLAN environment
  • Diagnosed and corrected basic network issues
  • Acquired knowledge about different network security breaches and the methods used to counteract and prevent threats for example using a time-to-live on a packet to prevent a man-in-the-middle attack or by using network surveillance to notice abnormal patterns in the network such as unusual traffic flow that does not happen during peak times
  • Possesses understanding of the threat of social engineering and avoiding the disclosure of information that could compromise the security of a network
  • Experienced in the use of volt-ohm meters and oscilloscopes to determine voltage, current, resistance, and wavelength of a circuit
  • Identified resistors, transformers, and diodes based on numeric coding and deciphering color-code
  • Utilized lab time to build and troubleshoot circuits
  • Trained in the disassembly and reassembly of a computer tower along with identifying components within the tower

SC LABS IT PROJECT VOLUNTEER Confidential

  • Demonstrated teamwork and provided direction as Research/Development Team Lead
  • Researched information for client to provide suggested software to optimize the SC Labs network
  • Tested software found in research by creating a testing lab that simulated the SC Labs network
  • Collaborated with other team leads in the project to achieve timely success and client satisfaction
  • Provided useful documentation on installation, access, and utilization of Dan's Guardian and Squid
  • Created a WBS work breakdown structure to aid in timely achievements within project scope

Hire Now