Candidate's Name
Omaha, NE | Street Address | PHONE NUMBER AVAILABLE | EMAIL AVAILABLE

Summary
Joysline is a SOC Analyst with demonstrated command of incident management and of triaging and investigating alerts. She has 5 years of IT experience and 5 years working as a SOC analyst, with a developed aptitude for critical analysis at the network, application and endpoint level. She is multilingual, fluent in English and French, and brings a solid understanding of cultural diversity.

Skills
- Microsoft O365 Defender
- Darktrace
- Expel
- Anomali / ThreatStream
- Monitoring computer viruses
- Protecting network systems
- Managing security breaches
- Reporting and documentation
- Data Loss Prevention
- Training and development
- Deep-dive analysis
- Antivirus, MS Office, TCP/IP
- Incident Response
- Log review
- Team player
- Multitasking
- Cisco IronPort
- Cisco Sourcefire
- Cisco Meraki
- SentinelOne
- CrowdStrike
- Rapid7
- Splunk Enterprise Security
- LogRhythm
- Wireshark
- FireEye HX, NX and ETP
- Malwarebytes
- Open-source site check tools
- Software: MS Office (Word, Excel, Outlook, Access, PowerPoint); Linux OS; Windows OS
- Ticket systems: Archer, ServiceNow, Remedy, JIRA, IRT

Experience
SOC Analyst, Mar 2021 to Current
Centene, Wichita, KS
- Responsible for security monitoring of networks, applications, endpoints and other infrastructure to protect them from cyber threats.
- Report security incidents using the ServiceNow ticketing system for events that signal an incident and require Tier 3 Incident Response review.
- Perform triage on alerts by determining their criticality and scope of impact.
- Perform threat management and threat modeling, identify threat vectors and develop use cases for security monitoring.
- Investigate, analyze and process endpoint alerts using SIEM and OSINT tools.
- Review and collect asset data (indicators of compromise, logs, configurations and running processes) on affected systems for further investigation and reporting.
- Involved in planning and implementing preventative security measures and in building incident response, SOP and disaster recovery plans.
- Investigate, analyze and process phishing email alerts from Proofpoint, MDO and FireEye following standard operating procedures.
- Perform proactive hunting for threats that may have escaped the monitoring system.
- Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalate cyber privacy incidents to the Privacy Team.
- Work incidents from initial assignment to final resolution.
- Investigate, interpret and respond to complex endpoint alerts using CrowdStrike, including containment for high-criticality incidents.
- Author SOPs for tools as needed or directed to facilitate SOC operations.
- Fully document assigned tickets to show all work performed to pass SLRs.
- Conduct forensics and investigations as needed using security tools such as Splunk and OSINT.
- Investigate, interpret and respond to complex security incidents.
- Create tasks and standard job-related Change Requests with other teams for incident remediation.
- Develop and conduct weekly targeted training for the SOC team.
- Perform network investigation using Darktrace, GTI and FireEye NX to determine true positives for reconnaissance activity across the network, leveraging intelligence from multiple internal and external sources.
- Participate in daily security handover meetings with colleagues and incident calls with managers and the CISO.
- Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives.
- Investigate AWS-related incidents using Expel and Prisma Cloud.

SOC Analyst, Aug 2017 to Feb 2021
Global Solutions Technology, Dallas, TX
- Worked in a 24x7 Security Operations Center.
- Continuously monitored and interpreted threats using the IDS and SIEM.
- Investigated malicious phishing emails, using Microsoft O365 Defender and ThreatStream to analyze malicious activity.
- Rescanned mitigated systems for further infections using CrowdStrike, Malwarebytes and Symantec AV, and commissioned systems back onto the network.
- Conducted research on new and evolving threats and vulnerabilities using different OSINT sources.
- Conducted advanced searches and log analysis using Splunk.
- Identified suspicious or malicious activities or code.
- Monitored and analyzed security events to determine intrusions and malicious events.
- Searched firewall, email, web and DNS logs to identify and mitigate intrusion attempts.
- Investigated VPN alerts and followed up with users to determine the legitimacy of such activity.
- Investigated possible brute-force attempts and followed up with mitigation strategies based on user feedback.
- Analyzed and resolved DLP alerts from McAfee DLP Manager and Forcepoint, and escalated cyber privacy incidents to the Privacy Team.
- Worked incidents from initial assignment to final resolution.
- Used Firepower IPS/IDS and FireEye NX to investigate possible intrusion attempts.
- Investigated, analyzed and processed retroactive and reported phishing email alerts from IronPort while following standard operating procedures.
- Used O365 Threat Explorer to analyze scope and determine the recipients of phishing emails within the company.
- Assisted in building SOPs as needed or directed to facilitate SOC operations and processes.
- Fully documented assigned tickets to show all work performed and attached the required artifacts to pass SLRs.
- Assisted with the creation of daily SOC reports and shift reports, and passed down emails and tickets to the incoming shift team during handover.
- Investigated traffic to suspicious domains and IPs and submitted block requests to the NOC based on investigation results.
- Used AD for authentication, group and user management, and LDAP to manage directory services over TCP/IP.

Education and Training
Bachelor of Arts, Communications, Dec 2008
University of Buea, Buea, Southwest Cameroon

Certifications
- CompTIA Security+
- CCNA
- Oracle SQL Associate
- Microsoft Azure Administrator

References
Available upon request