IT Consultant-Security Operations Analyst Resume

Raleigh, NC

PROFESSIONAL SUMMARY:

Organized and focused Analyst seeks employment as part of a dynamic IT team. Well-versed in cutting-edge technologies, as well as telecom operations and systems.

TECHNICAL SKILLS:

  • Cisco Routers, FireEye, Sourcefire, Wireshark, McAfee Enterprise-DLP
  • Switch configuration: 6500s, 3800s, and 2900s
  • LAN and WAN expertise
  • Intrusion Detection and Threat hunting
  • SIEM: security log analysis
  • Advanced knowledge of Firewall Administration
  • VPN configurations
  • Checkpoint and Cisco ASA
  • Wireless Access Point
  • Remote access support, DNS administration
  • Splunk, QRadar, LogRhythm
  • Project lead/contributor

WORK EXPERIENCE:

Confidential, Raleigh, NC

IT Consultant-Security Operations Analyst

Responsibilities:

  • Create documentation and revision for new procedures.
  • Analysis of TCP/IP network traffic as well as network port traffic for abnormal activity
  • Protect agency assets by anticipating potential computer-related threats and vulnerabilities
  • Resolve client issues within the confines of the Acceptable Usage Policy & company Security Policy
  • SPLUNK, SourcefireMonitor, Intrusion Detection and Prevention, ASA firewalls, and SourceFire
  • SPLUNK Security Information Event Management for active alerts, investigation and rule creation
  • Identify possible intrusion attempts or other anomalies
  • Incident handling of new threats assisting in drafting remediation strategies
  • Identify newly discovered vulnerabilities in a SOC environment and threat analysis.
  • Investigation tools: Einstein, Wireshark
  • Malware investigation and analysis

Confidential, RTP, NC

IT Consultant-Intrusion Detection/Security Analyst

Responsibilities:

  • Responsibilities include data analysis and malware investigation.
  • Analysis of data through inspection and modeling to support decision-making
  • Analysis of TCP/IP network traffic as well as network port traffic for abnormal activity
  • Protect agency assets by anticipating potential computer-related threats and vulnerabilities
  • Resolve client issues within the confines of the Acceptable Usage Policy & company Security Policy
  • SPLUNK, McAfee, SourcefireMonitor, Intrusion Detection and Prevention Systems via McAfee DLP, and SourceFire
  • SPLUNK Security Information Event Management for active alerts and determine priority of responses
  • Identify possible intrusion attempts or other anomalies
  • Incident handling of new threats assisting in drafting remediation strategies
  • Identify newly discovered vulnerabilities in a SOC environment.
  • Spam investigation for possible phishing embedded with worms and viruses
  • Thorough understanding of TCP/IP including parsing of email headers
  • Documentation of newly discovered vulnerabilities
  • Provide diagnosis and possible remediation suggestions
  • Data analysis: identify possible intrusion attempts or other anomalies
  • Filter non-threatening network traffic for enhanced reporting accuracy
  • Determine the operational impact of a particular threat
  • Recommend immediate corrective actions to higher level network engineers
  • Respond to new threats, initiate and assist in drafting remediation strategies
  • Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems
  • Splunk

Confidential

IT Service Delivery Consultant, Raleigh, NC

Responsibilities:

  • Support for hardware and software applications
  • Linux and Windows support
  • Troubleshoot user access and application install

Confidential

Network Engineer, Morrisville, NC

Responsibilities:

  • Used tcpdump and Wireshark extensively to troubleshoot network issues.
  • Processed FW and IDS logs on a daily basis and provided email/Excel reports on top offending IP along with sample log entries.
  • Generated reports for security audit and for compliance.
  • Upgrade of Cisco ASA firewalls.
  • Troubleshooting and log analysis for Splunk, LogRhythm, Snort
  • Set up site-to-site and VPN access for local users.
  • Experienced in Checkpoint Firewall, Netscreen, Cisco ASA/PIX, MPLS, Netscaler.
  • Installation and configuration of routers 3800, 6500's and 2900 switches at customer location for DSL/T-1.
  • Configured Nortel Contivity and Cisco appliances switch and Wireless Access Points.
  • Produced documentation for connectivity process and troubleshooting for technicians onsite.
  • Project lead for the SIEM/SIM product analysis and testing through proof of concept (POC).
  • Installed and configured appliance with continued management for investigation and logging.
  • Project lead for Security Task Force involved with creating documentation, organizing meetings, and policy editing

Confidential

Firewall Administrator, RTP, NC

Responsibilities:

  • Management of Checkpoint firewall and Netscreen.
  • Management of PIX firewall.
  • On call rotation and customer conference calls.
