
Soc Analyst Resume


SUMMARY:

  • Systems and Information Security Analyst
  • Safeguarding systems, tightening controls, and increasing capacity to meet business functions/objectives: an approach to corporate asset protection.
  • Two (2) years of experience in the Risk Management Framework (experience in all 6 phases). Versatile.
  • Success in technical writing of technology policies and standards for cyber security. Developed in-depth experience in preparing executive-level presentations and documents to help communicate complex and technical information more easily. Success in driving security initiatives in direct support of business missions/objectives.
  • Detail-oriented and results-driven SOC Analyst with multiple years of successfully monitoring, analyzing, managing, and diagnosing hardware- and software-related issues. I have efficiently collaborated in teams on various security projects and am currently seeking to further my career, expand my skills, and share acquired knowledge. Possess the ability to communicate effectively, think critically, and excel in challenging environments. Ready and excited for a new opportunity to grow.
  • Highly proficient technical writing and communication skills
  • Microsoft Word, Excel, PowerPoint
  • Experience in the use of Nessus by Tenable and CSAM Version 3.0
  • RMF (Risk Management Framework), NIST SP, NIST SP, NIST SP, NIST SP, NIST SP, FIPS 199 and 200.
  • Analytical Skills
  • Information technology
  • Problem Solving
  • Bilingual Communication (French and English)
  • Teamwork
  • SIEM (Monitor and analyze Security Information and Event Management)
  • EDR
  • Network Security
  • Network Monitoring
  • Incident Response
  • Alerts Monitoring, Investigation & Analysis
  • Phishing Analysis
  • Automated Malware Analysis
  • Endpoint management

TECHNICAL SKILLS:

TOOLS: VirusTotal, Hybrid Analysis, MxToolBox, urlscan, DomainTools, VMware, VirtualBox (sandboxing).

PROFESSIONAL EXPERIENCE:

SOC Analyst

Confidential

Responsibilities:

  • Assist in establishing a mature and optimized Security Operations Center discipline to support managed security services focused on vulnerability and security information event management engagements.
  • Monitor and analyze Security Information and Event Management (SIEM, FortiSIEM) and other tools to identify security issues for remediation.
  • Monitor and analyze alerts and notifications from multiple security systems.
  • Communicate, escalate, and/or mitigate alerts regarding intrusions and compromises to the enterprise.
  • Conduct operations surrounding cyber security incident response technologies, including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics, as needed.
  • Perform scanning and monitoring activities to provide in-depth visibility into potential known and unknown vulnerabilities and threats that may pose risks to our environment.
  • Document actions in cases to effectively communicate information to internal and external stakeholders.
  • Perform hunting for malicious activity across the network and digital assets.
  • Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units.
  • Stay up to date with current vulnerabilities, attacks, and countermeasures.

IT Expert SOC ANALYST

Confidential

Responsibilities:

  • Analyze, investigate, resolve, document, and write reports on pending tickets for discovered alerts and incidents using the ticketing system within networks.
  • Advise Incident responders in the steps to take to investigate and resolve computer security Incidents.
  • Ensure all data is captured within each incident (date, time, file hashes, location, etc.).
  • Enhance detection, alerts, and other cyber correlation rules within the SIEM to reduce false positives.
  • Utilize cyber defense tools for constant monitoring and network analysis to identify malicious activity.
  • Analyze identified malicious activity to determine the weaknesses exploited, the methods of exploitation, and the effects on client's systems and information.
  • Monitor and analyze network traffic, Intrusion Detection Systems (IDS), Security events and logs.
  • Document and escalate incidents that could cause ongoing and immediate impact to the client's digital environment.
  • Receive and analyze network alerts from various sources within the enterprise and determine the potential causes of the alerts.
  • Provide real-time information regarding intrusion events, security incidents, and other threat indications and warning information.
  • Perform initial analysis and investigation into alerts as they are seen (malicious URLs, malicious sites, phishing sites, brute-force attacks, password attacks, credential harvesting, etc.).

SOC Analyst

Confidential

Responsibilities:

  • Analyze discovered network anomalies, suspicious events, and malicious traffic using advanced analytics tools.
  • Analyze security events to discern events that qualify as security incidents as opposed to false positives.
  • Validate suspicious events and incidents using open-source and proprietary intelligence sources.
  • Communicate critical anomalies to clients and provide remediation recommendations and answer questions that arise.
  • Provide real-time guidance to customers on network configuration, security settings, policies, and attack mitigation procedures.
  • Report any changes in customer environments to the Lead Analyst.
  • Identify any gaps in log collection and report them as soon as possible to the customer.
  • Escalate alerts to L2 Analyst for investigation based on their severity, including prioritization of the alerts for the follow-on incident response activities.
  • Provide feedback on process improvements and how to eliminate false positive alerts from our workflow.
  • Prioritize and differentiate between potential intrusion attempts and false alarms.
