Candidate's Name
PHONE NUMBER AVAILABLE
San Antonio, TX, Street Address
EMAIL AVAILABLE
https://LINKEDIN LINK AVAILABLE

Summary of Qualifications

Cultivated over three years, my expertise as a Security Analyst encompasses proficient analysis, vigilant threat monitoring, and effective remediation strategies. Well-versed in network principles, adept with multiple SIEM systems, and skilled in EDR deployment. Additionally, I possess extensive proficiency in ServiceNow. Fluent in both English and Spanish, I bring a bilingual advantage to the table. Able to obtain public trust clearance.

Key Skills: SIEM, SOC, Email Security, VPN, Endpoint Protection, Vulnerability Evaluation, Cybersecurity Operations, Security Compliance, ServiceNow ticketing, Active Directory, NIST, ISO, Incident Response, privacy investigation

Applications and Software: Splunk, SumoLogic, UNIX, Abnormal Security, Zscaler, SentinelOne, OSINT, QRadar, Kali Linux

EXPERIENCE

TATA CONSULTANCY SERVICES (Graphic Packaging International), Atlanta, GA, Jan 2022 - Present
SOC Analyst
- Reduced backlog of cybersecurity alerts by 95 percent while working a 24/7/365 shift.
- Screened, reported, and detected issues within Windows servers, mobile devices, and machines (EDR).
- Managed, led, and closed over 10,000 tickets in ServiceNow.
- Built strong work relationships with clients from all over the world via email, phone, and chat.
- Troubleshoot and remediate technical issues on a daily basis in a group and team approach.
- Identify and escalate security incidents to internal and customer incident response teams, such as Tier 2 teams.
- Utilize Active Directory and Abnormal Security email software to reduce email threats and phishing.
- Verify threat remediation using Splunk incident response techniques, and document security events in ServiceNow.
- Understand TCP/IP protocols; utilize network analysis, vulnerability scans, EDR scans, network detection, and firewall blocks to keep devices safe.
- Conduct search queries within Splunk and Sumo Logic environments to research and extract information in a more simplified format.
- Report to the manager and Tier 3 Security Team on a daily basis to resolve active threats.
- Collaborate with clients and vendors on use case creation, while providing technical guidance and assistance to internal customers.
- Investigate operational problems (incident response), propose solutions, and ensure compliance with ISD standards and best practices.
- Able to communicate technical problems to nontechnical individuals.
- Documented and managed incident cases in the case management system (SOPs).
- Determine the false positives and true positives of each use case by investigating suspicious events and incidents using open-source intelligence tools (OSINT).
- Monitor environments for unauthorized personnel, connections, devices, and software with various SIEMs.
- Reported gaps in log collection and reporting to the security engineer and lead analyst.
- Real-time monitoring of login attempts by user; monitoring applications and roles as the user utilizes them; creating roles for specific applications; creating roles through CyberArk Idaptive (IAM) per application for members through SSO (Secure Zones).

Tower Hill Insurance Group, Gainesville, FL, Feb 2021 - Jan 2022
Security Analyst
- Collected and analyzed threat intelligence to produce reports related to emerging threats.
- Performed weekly presentations to report on incidents and log analysis.
- Mitigated vulnerabilities by alerting clients of potential security threats in a speedy manner.
- Able to communicate technical problems to nontechnical individuals.
- Analyzed a large volume of security event data from log sources to identify, track, and report suspicious and malicious activity using SIEM tools.
- Performed rule fine-tuning improvements to eliminate false positive alerts and enhance use-case coverage.
- Proactive monitoring of intrusion detection systems, cloud-based services, Windows servers, and network analysis.
- Follow-up analysis throughout the incident lifecycle to bring all incidents to closure.
- Stayed knowledgeable of the cyber threat landscape through daily research for the Threat Bytes Cybersecurity Newsletter, while performing activities and drills to improve incident response capabilities.
- Monitored SIEM for suspicious events and anomalous activity.
- Contributed to the documentation of new tools and techniques.
- Created and delivered reports to customers documenting SLAs and trends of threats.

White Cloud Security, Austin, TX, Jun 2020 - Dec 2020
Junior Cyber Security Consultant
- Applied basic red team techniques to explore files and implement fingerprint methods, using VMware and PuTTY, through Execution Control techniques.
- Cloned a repository from GitHub (kernel properties).
- Applied Red Hat tactics to download packages, unzip, and patch the kernel from a Whacker directory.
- Compiled an SSH key login using bash scripting in Kali Linux.

Education

University of Texas, San Antonio, TX, College of Engineering, Dec 2020
Bachelor of Computer Engineering

Certifications

- CompTIA Security+
- AWS Certified Cloud Practitioner
- Azure AZ-900 and Azure AZ-500
- Splunk Core Certified User