AWS Platform Security Engineer Resume
SUMMARY
- Results-oriented and highly skilled Security Operations Center (SOC) Analyst with expertise in AWS Cloud Security for 7 years.
- Committed to assisting clients in achieving their vision by providing top-notch Network, Endpoint, Threat Intelligence, Forensics, and AWS Cloud Security services.
- Proficient in AWS Cloud Orchestration, Security Assessment, IAM, Monitoring, Event Management, Governance & Compliance, Application delivery, Data protection, Network Security within SaaS, IaaS, PaaS, Advanced Endpoint Protection, Intrusion Detection Systems, and Image and Patch Management in AWS environments.
- Excellent communication and problem-solving skills.
Cloud Orchestration/Automation: AWS CloudFormation, Terraform, AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store, Ansible, Docker
AWS Security: AWS Security Hub, AWS GuardDuty, AWS Shield, AWS Firewall Manager, AWS Inspector, etc.
Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3
Identity & Access Management: AWS Organizations, AWS IAM, AWS AD Connector, Active Directory, AWS WorkSpaces, AWS Secrets Manager, etc.
Governance & Compliance: AWS Config Rules, AWS Organizations, AWS Control Tower, AWS Trusted Advisor, AWS Well-Architected Tool, AWS Budgets, AWS License Manager, etc.
Programming Languages: JSON, Python
Application Delivery: Jira, Confluence, Jenkins, Bitbucket, AWS CodePipeline, AWS CodeCommit.
Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecycle Manager, AWS CloudHSM.
Self Service: Service Catalog
Network: VPC, VGW, TGW, CGW, IGW, NGW, etc.
Image & Patch: AWS SSM Patch Manager, AWS Golden AMI Pipeline
Ops Analytics: Splunk
AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, SES, Route53, CloudFront, Service Catalog, AWS Auto Scaling, Trusted Advisor, CloudWatch, etc.
Security Technologies: FireEye, IronPort, Sourcefire, McAfee Web Gateway, Splunk, Splunk Express, McAfee DLP, Nessus Security Center, Nmap, Wireshark, IDS/IPS, Log Management, Anti-Virus Tools (Norton, Symantec), Vulnerability scanning.
Operating Systems: Unix-Based Systems (Solaris, Linux); Windows.
Networking: LANs, VPNs, Routers, Firewalls, TCP/IP
Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)
Ticket Systems: ServiceNow, Remedy & JIRA
Open-Source Site Check tools: urlvoid.com, VirusTotal.com, zscaler.com, etc.
PROFESSIONAL EXPERIENCE
Confidential
AWS PLATFORM SECURITY ENGINEER
Responsibilities:
- I designed solutions and processes to identify and mitigate security vulnerabilities, whilst researching threats and attack vectors that impact their applications and infrastructure.
- Get advanced features that help you secure your app's code and dependencies with GitHub, the world’s most popular developer platform.
- Identify vulnerabilities in code with GitHub Advanced Security and CodeQL.
- Identify and remediate security issues in your dependencies using security alerts and automated security updates.
- Work to automate alerts when credentials and tokens are mistakenly committed into source control with secret scanning.
- Making your applications and systems more secure by providing visibility into security threats and preventing vulnerabilities from reaching deployed environments.
- Increasing security awareness with your development and operation teams.
- Incorporating automated security processes into your software development lifecycle.
- Reducing cost to remediate by finding security issues early in development and design stages.
Confidential
SECURITY OPERATION CENTER (SOC) ANALYST
Responsibilities:
- Utilized Splunk Enterprise Security (ES) to monitor and analyze network traffic, intrusion detection systems (IDS), and security event logs.
- Safeguarded intellectual property and ensured compliance by utilizing McAfee DLP Manager for data protection.
- Managed web access requests through McAfee Web Gateway GUI, granting temporary access to blocked websites.
- Blocked malicious domains, hashes, files, and IPs following standard operating procedures.
- Utilized Splunk to analyze email logs and ensure the containment of malicious emails and attachments.
- Developed action plans and collaborated with analysts to address security threats and incidents.
- Processed accidental disclosure requests and followed standard procedures.
- Analyzed and processed malicious/phishing email alerts from IronPort and FireEye.
- Demonstrated strong knowledge of network security monitoring and incident response.
Confidential
SECURITY OPERATION CENTER (SOC) ANALYST
Responsibilities:
- Monitored and analyzed network traffic, IDS, security events, and logs.
- Conducted incident response investigations and resolution for computer security incidents.
- Performed root cause analysis and composed security alert notifications.
- Stayed updated on vulnerabilities, attacks, and countermeasures.
- Improved incident response times and SOC functions through process and procedure development.
- Demonstrated strong knowledge of network security monitoring and incident response.
- Strong working knowledge of network security monitoring and incident response, as well as superior written and technical communications skills.
Confidential
IT HELP DESK SUPPORT SPECIALIST
Responsibilities:
- Provided comprehensive technical support to clients, troubleshooting computer-related issues for local and remote users.
- Diagnosed and resolved hardware, software, and connectivity issues.
- Migrated file servers and SQL servers, providing technical guidance and knowledge.
- Installed, configured, and managed various devices such as laptops, phones, and printers.
- Demonstrated strong troubleshooting and networking skills.
