Security Operations Center Analyst Resume
Dulles, VA
OBJECTIVE:
- Over 9 years of experience in security operations environments, with customer service, administrative, and technical professional skills, for government and business enterprises.
- Security Applications: Snort IDS/IPS, Wireshark, McAfee Intrusion Prevention System, Netcool, VirusTotal
- Operating Systems: Windows, IOS, Linux Systems
- Malware analysis
- Investigation tracking and threat resolution
- Compose security alert notifications
- Advise incident responders and other teams on threats
- Computer networking, routing and switching
EXPERIENCE:
Security Operations Center Analyst
Confidential, Dulles, VA
Responsibilities:
- Responsible for capturing packets, recreating security events, and writing custom Snort IDS/IPS rules
- Performs initial investigation and triage of potential incidents, and escalates or closes events, as applicable
- Recognize and communicate potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information from security tools
- Utilized open-source security intelligence (VirusTotal) during security events
- Monitored servers, network gear, and applications in an operations center environment
- Identified security issues and risks associated with security events and managed incident response process
- Use the Security Incident Event Management (SIEM) platform to perform incident response identification
- Experience analyzing phishing emails when detected: analyzing malicious links and attachments, analyzing user impact via Splunk, removing/deleting phishing emails from Exchange servers, and blocking unwanted senders
- Pushed monthly Windows security patches across the company-wide network to keep machines compliant
- Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident
- Performed incident response management role during major outages and cyber attacks
- Documented and tracked the timeline of events that occurred in the process to resolution for each of the incidents managed in support of post mortem/root cause analysis.
Desk Engineer
Confidential, Dulles, VA
Responsibilities:
- Handled responsibilities of developing and maintaining Disaster Recovery procedures for the network resources
- Serves as the single point of contact for internal and external users to troubleshoot technical issues with software, hardware, network, virtual private network (VPN), email, and remote access requests
- Responsible for escalating any major outage and helping to establish a bridge call to ensure all required parties are engaged to work and restore issues as quickly as possible
- Help to create new security measures and develop new ways to reinforce and improve software quality
- Diagnose, evaluate and process users’ incidents and service requests via telephone, email, instant messaging, and Oracle Global Service Desk Ticketing System.
- Responsible for imaging and configuring Macs, Windows, and VOIP phones
- Assists with creating, tracking, escalating, dispatching, and resolving incidents using the ServiceNow application
- Provides outage notification to the appropriate clients, vendors, and sites
- Aids with managing and tracking data center equipment
Lead Supervisor
Confidential - Herndon, VA
Responsibilities:
- Submitted status/activity reports and metrics to the Technology Service Desk (TSD) and the Technology Operation Center (TOC) Teams as required
- Compiled security policies to enforce restrictions on confidential Officer’s workstation
- Monitored and managed BMC Remedy incidents, critical system outages, priority one and two requests, and escalated as issues required
- Performed real-time monitoring of the daily activities utilizing the call management system to initiate immediate performance actions efficiencies in the following areas: Call Volume, AUX, Wait Times, and Call Trending.
- Troubleshot issues with VPN access, server issues, workstation issues, CBP proprietary application issues, and outages
- Participated in and monitored critical outages for updates and relayed all notifications/information to the appropriate application system
- Facilitated 24x7 Windows/Novell support to reduce downtime for all CBP critical systems.
- Performed proactive systems checks to ensure systems availability with the application.
- Carefully preserved the integrity and security of personnel information (PII).
Help Desk Analyst
Confidential - Herndon VA
Responsibilities:
- Assisted customers with filling out applications online and provided customers with status updates on the conditional approval notification letters.
- Recorded all inbound/outbound calls and all major incidents in the BMC Remedy ticketing system.
- Addressed customer questions and concerns in the global online application system.
- Identified Remedy tickets to be escalated or resolved
- Responsible for user account administration including adding, deleting, and updating profiles.