- Ambitious Cloud Security Analyst seeking a fresh career path with a strong growing company. I bring more than 10 years’ experience in the Technology/Industrial/Healthcare/Financial industry. This will allow me to contribute to the team & express my technical prowess, incident response, malware analysis, log analysis, audits, network compliance, vulnerability assessments & forensics.
Platforms: Windows Client, Windows Server, UNIX, Linux, Mac.
Programs: Citrix Xen, Zoom, IS - CIAuth, Sophos, Cisco, VMware, Salesforce, AD/LDAP.
Database: MySQL, AWS, Azure, NICE, IAM Oracle, CASB, IaaS, PaaS, SaaS, OWASP.
Security Tools: CSIRT, McAfee ePO, Symantec Cloud, Tenable Nessus, Splunk APT, FireEye, PaloAlto, NGFW SonicWALL, Nexpose, Carbon Black, Proofpoint, Tripwire SIEM, Netwitness SIEM, Barracuda, Fortinet, Cisco Tetration, Qualys, RSA Archer.
Confidential, Tamarac, FL
- Conduct routine risk assessments, security audits, and vulnerability scans to identify.
- Perform technical investigations resulting in successful root cause analysis of intrusions.
- Assess and secure cloud and on-premise architectures and services.
- Develop security reports, security recommendations, security policies and procedures.
- Perform log collection, correlation, archival, retention, and monitoring of automated alerts.
- Provide cloud security guidance to application teams adopting DMARC Cloud Services.
- Administer IAM Identity Life-cycle Mgmt, MFA, OAuth, Proxy, Information Assurance.
Security Cloud Engineer
- Use McAfee to mitigate deficiencies, security threats & Endpoint protection security.
- Perform root cause and malware analysis on security incidents via Netwitness & Ecat Forensic.
- Evaluate alerts, pilot, analyze logs, determine cause and impact and identify corrections.
- Implement system authentication, and authorization with Tripwire Ent & FortiGate.
- Investigate and classify the alerts critical via RSA Archer & SecOps systems.
SOC Cyber Security Analyst
- Conduct research and analysis plus threat hunting via Cyber Kill Chain & Diamond Model.
- SIRT Incident handling procedures to detect, isolate and investigate Indicators of Compromise (IOC) using Netwitness & Splunk SIEM.
- Run IDS analysis for medium & high sensor alerts using behavior & signature rules.
- Classify intrusion events, footprint all IPs, & validate the suspicious activities.
- Evaluate Qualys vulnerability mitigation for networks, operating systems & applications.
- Tripwire SIEM with Snort to ensure proper security, monitoring, alerting and reporting.
- Provide SIRT Assessing, analyzing client’s web-app and traffic, creating proactive traffic reports to help identify threats and potential vulnerabilities.
- Escalate aged vulnerabilities to senior management & provide oversight and guidance.
- Evaluate CASB security framework, review assessments to ensure policies & procedures.
SOC Security Engineer
- Manage Splunk SIEM encryption, Auth-CIA, AD policies & Group Policy Management.
- Endpoint protection platforms (EPP) and endpoint detection and response (EDR).
- Administer Cloud-management privileges for assessment & authorization.
- Serve as part of the Assurance and Vulnerability Management for security risk cycle.
- Manage Incident response UTM administration, services, deployment & correlation.
- Deploy McAfee DLP policies to detect & prevent unauthorized identity access.
- Provide corrective action & protection via McAfee ePO & Endpoint Adjudication.
- Implement Privilege ACLs & RBAC for pharmacist & managers to manage Distro-lists.
- Review projects from a security perspective & analyze architecture diagrams.
SOC Security Analyst
- Perform incident triage, resolution, & actively support the enterprise security processes.
- Administer & monitor TCP/IP, HTTP/HTTPS, FTP, IRC, RPC, DNS headers & flags.
- Ensure endpoint security solutions & policies are set to detect and respond to threats.
- Configure and maintain on-demand and real time Anti-Malware scan policies.
- Provide architecture analysis, design & support for Managed Endpoint Protection hosts.