Information Security Specialist Resume
Matawan, NJ
PROFESSIONAL SUMMARY:
- An experienced Information Technology professional with 3 years of experience in network administration, implementation, configuration, application infrastructure design, and Security Operations/Incident Response analysis. Able to interpret and prioritize threats using Intrusion Detection/Prevention Systems and Security Information and Event Management (SIEM). Experienced in coordinating with various teams, vendors and end users in planning, implementing, and resolving security-related issues, with the ability to adapt to new technologies and to work under minimal supervision.
TECHNICAL SKILLS:
Ticket Systems: Archer, ServiceNow, Remedy.
Open Source Intelligence Tools: VirusTotal, AbuseIP, Cisco Talos, URLVoid, urlscan.io, etc.
PROFESSIONAL EXPERIENCE:
Confidential, Matawan, NJ
Information Security Specialist
Responsibilities:
- Monitors and responds to security breaches, viruses and intrusions, performing deeper forensic investigations using SIEM, EDR/EPP, and other forensic technologies.
- Troubleshoots security and network problems and implements solutions to information security problems.
- Provides first- and second-level support, identifying the root cause and security gap and providing recommendations.
- Oversees the assessment of information security systems.
- Operates as the primary point of contact for any event while tracking the progress of the ticket.
- Conducts forensic investigations and analysis to support cyber incidents reported to the Incident Response team.
- Collaborates with team members to develop new protocols, layers of protection, and other proactive and defensive systems that stay one step ahead of cyber criminals.
- Guards all company data, particularly sensitive data, from both internal and external threats by designing broad defenses against would-be intruders.
- Collects data on current security measures for risk analysis and writes regular system status reports.
- Conducts vulnerability testing to identify weaknesses and collaborates with the cybersecurity team to update defensive protocols as necessary.
Confidential, Brooklyn, NY
Security Operation Center Analyst
Responsibilities:
- Conducts analysis of network traffic and host activity across a wide array of technologies and platforms.
- Handles incident response activities such as host triage and retrieval, malware analysis, end-user interviews, and remediation efforts.
- Effectively utilizes Splunk Enterprise Security (Splunk ES) to monitor, detect and isolate incidents occurring in the organization's security products, network devices, end-user devices and systems.
- Proactively tracks threat actors and their associated tactics, techniques, and procedures (TTPs).
- Captures intelligence on threat actor TTPs and develops first-level countermeasures in response to threat actors.
- Effectively documents incidents to contribute to incident response and disaster recovery plans.
- Keeps security systems up to date, contributes to security strategies, and performs internal and external audits.
- Analyzes malicious campaigns, evaluates the effectiveness of security technologies, and conducts threat intelligence.
- Develops advanced queries and alerts to detect adversary actions.
- Monitors security access and reports suspicious activity to a higher-level team or team members.
- Generates reports that serve as input for evaluating the efficacy of security policies for IT administrators, business managers, and security leaders.
- Implements the changes required to counter an attack or improve security standards.
- Analyzes and resolves DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalates cyber privacy incidents to the Privacy Team.
- Works incidents from initial assignment to final resolution.
- Investigates, interprets, and responds to complex security incidents.
- Performs Computer Security Incident Response activities for a large global enterprise and coordinates with other enterprise IT teams to record and report incidents.
- Conducts forensics and investigations as needed using security tools such as Splunk, FireEye, Cisco IPS, OSINT, etc.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through review and analysis of security tools.
- Creates, tracks, and works to resolution Normal and Standard job-related Change Requests.
- Develops and conducts weekly targeting for the SOC team.
- Coordinates threat hunting activities across the network leveraging intelligence from multiple
- Documents all cases in call tracking software and escalates any issues to the appropriate queue.