IT Consultant-Security Operations Analyst Resume
Raleigh, NC
PROFESSIONAL SUMMARY:
Organized and focused Analyst seeks employment as part of a dynamic IT team. Well-versed in cutting-edge technologies, as well as telecom operations and systems.
TECHNICAL SKILLS:
- Cisco Routers, FireEye, Sourcefire, Wireshark, McAfee Enterprise-DLP
- Switch configuration 6500's, 3800's, and 2900's
- LAN and WAN expertise
- Intrusion Detection and Threat hunting
- SIEM-Security log analysis
- Advanced knowledge of Firewall Administration
- VPN configurations
- Checkpoint and Cisco ASA
- Wireless Access Point
- Remote access support, DNS administration
- Splunk, QRadar, LogRhythm
- Project lead/contributor
WORK EXPERIENCE:
Confidential, Raleigh, NC
IT Consultant-Security Operations Analyst
Responsibilities:
- Create documentation and revision for new procedures.
- Analysis of TCP/IP network traffic as well as network port traffic for abnormal activity
- Protect agency assets by anticipating potential computer-related threats and vulnerabilities
- Resolve client issues within the confines of the Acceptable Usage Policy & company Security Policy
- Splunk, SourcefireMonitor, Intrusion Detection and Prevention, ASA firewalls, and Sourcefire
- Splunk Security Information Event Management for active alerts, investigation and rule creation
- Identify possible intrusion attempts or other anomalies
- Incident handling of new threats assisting in drafting remediation strategies
- Identify newly discovered vulnerabilities in a SOC environment and threat analysis.
- Investigation tools: Einstein, Wireshark
- Malware investigation and analysis
Confidential, RTP, NC
IT Consultant-Intrusion Detection/Security Analyst
Responsibilities:
- Responsibilities include data analysis and malware investigation.
- Analysis of data through inspection and modeling to support decision-making
- Analysis of TCP/IP network traffic as well as network port traffic for abnormal activity
- Protect agency assets by anticipating potential computer-related threats and vulnerabilities
- Resolve client issues within the confines of the Acceptable Usage Policy & company Security Policy
- Splunk, McAfee, SourcefireMonitor, Intrusion Detection and Prevention Systems via McAfee DLP, and Sourcefire
- Splunk Security Information Event Management for active alerts and determining priority of responses
- Identify possible intrusion attempts or other anomalies
- Incident handling of new threats assisting in drafting remediation strategies
- Identify newly discovered vulnerabilities in a SOC environment.
- Spam investigation for possible phishing embedded with worms and viruses
- Thorough understanding of TCP/IP including parsing of email headers
- Documentation of newly discovered vulnerabilities
- Provide diagnosis and possible remediation suggestions
- Data analysis: identify possible intrusion attempts or other anomalies
- Filter non-threatening network traffic for enhanced reporting accuracy
- Make determination of the operational impact of a particular threat
- Recommend immediate corrective actions to higher level network engineers
- Respond to new threats, initiate and assist in drafting remediation strategies
- Provide ongoing monitoring of intrusion detection systems and newly developed exploits for Windows and UNIX systems
- Splunk
Confidential
IT Service Delivery Consultant, Raleigh, NC
Responsibilities:
- Support for hardware and software applications
- Linux and Windows support
- Troubleshoot user access and application install
Confidential
Network Engineer, Morrisville, NC
Responsibilities:
- Used tcpdump and Wireshark extensively to troubleshoot network issues.
- Processed FW and IDS logs on a daily basis and provided email/Excel reports on top offending IPs along with sample log entries.
- Generated reports for security audit and for compliance.
- Upgrade of Cisco ASA firewalls.
- Troubleshooting and log analysis for Splunk, LogRhythm, Snort
- Set up site-to-site and VPN access for local users.
- Experienced in Checkpoint Firewall, Netscreen, Cisco ASA/PIX, MPLS, Netscaler.
- Installation and configuration of routers 3800, 6500's and 2900 switches at customer location for DSL/T-1.
- Configured Nortel Contivity and Cisco appliances switch and Wireless Access Points.
- Produced documentation for connectivity process and troubleshooting for technicians onsite.
- Project lead for the SIEM/SIM product analysis and testing through proof of concept (POC).
- Installed and configured appliance with continued management for investigation and logging.
- Project lead for Security Task Force involved with creating documentation, organizing meetings and policy editing
Confidential
Firewall Administrator, RTP, NC
Responsibilities:
- Management of Checkpoint firewall and Netscreen.
- Management of PIX firewall.
- On call rotation and customer conference calls.