Candidate's Name
SOC and Incident Response Analyst
Severn, Maryland, United States
PHONE NUMBER AVAILABLE
EMAIL AVAILABLE

SUMMARY
Results-driven SOC Analyst with over 6 years of IT experience, including 4 years in Security Operations Centers (SOC). Expertise in monitoring, analyzing, and responding to security incidents using SIEM, IDS/IPS, EDR, and other security tools. Proficient in malware analysis, incident response, and data loss prevention. Deep understanding of cybersecurity principles, threat landscapes, and attack vectors.

WORK EXPERIENCE

October 2022 - Current
SOC and Incident Response Analyst, Bank of America, United States
- Monitored security events and alerts from SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Performed in-depth analysis of security events to identify potential incidents or breaches.
- Investigated and responded to security alerts, determining scope, impact, and severity.
- Developed and maintained incident response plans and standard operating procedures (SOPs).
- Collaborated with cross-functional teams to resolve security incidents and implement countermeasures.
- Conducted threat hunting activities to proactively identify and mitigate emerging threats.
- Maintained and updated security tools and technologies for optimal performance.
- Provided timely and accurate reports on security activities, trends, and metrics to leadership.
- Participated in security awareness training programs for staff members.
- Applied Cyber Kill Chain and MITRE ATT&CK frameworks in incident response.
- Developed technical solutions for complex cybersecurity problems.
- Acted as a mentor to less experienced colleagues and presented data findings to influence decisions.
- Established strong reporting metrics to support security programs.

February 2019 - September 2022
SOC Analyst, Respointtech, United States
- Triaged and investigated alerts from Splunk ES to determine severity and impact.
- Collected and analyzed asset data, indicators of compromise, and logs for further investigation.
- Planned and implemented preventative security measures and incident response plans.
- Investigated and processed phishing email alerts using O365 Threat Explorer.
- Analyzed and resolved DLP alerts from McAfee DLP Manager and Splunk ES.
- Documented incidents and performed Root Cause Analysis (RCA).
- Conducted forensics and investigations using CrowdStrike, Splunk, FireEye, and Cisco IPS.
- Created and managed change requests and participated in daily security meetings.

August 2018 - February 2019
IT/Network Administrator, ADK Healthcare Services, United States
- Planned and recommended network hardware and software solutions.
- Installed, configured, and maintained computers, servers, and networks.
- Monitored network performance and implemented security strategies.
- Developed procedures for proper utilization of IT technology.
- Ensured maximum system uptime through routine maintenance.
- Tested new software for bugs before deployment.

EDUCATION
2006
Bachelor of Science in Information Technology, Strayer University, United States

ADDITIONAL SKILLS AND RESPONSIBILITIES
- Security Assessment Tools: Use tools such as Nessus, Nmap, PuTTY, Wireshark.
- Networking Concepts: Understand TCP/IP, VPNs, proxies, and other networking infrastructure.
- Log Analysis: Analyze logs and data from varied systems to identify signs of breaches or security incidents.
- Presentation Skills: Create, organize, and deliver presentations to end users, peers, and management.
- Project Management: Respond to changing priorities and manage multiple projects concurrently.
- Threat Research: Proactively research and address emerging cybersecurity threats.
- Risk Assessments: Conduct risk assessments on proposed and existing systems.
- Documentation: Develop necessary documentation per established standards.
- Training: Train and mentor new analysts and customers on systems and products.
- Data Center Management: Manage data center facilities infrastructures and support upgrade projects.
- Security Regulations: Adhere to security and safety regulations and rules.
- System Monitoring: Monitor IT systems and respond to problems.
- Incident Investigation: Investigate suspected attacks and breaches, recommending remedial actions.
- Event Analysis: Review security events and determine remediation actions and escalation paths.
- Monitor Security Events: Monitor and triage security alerts from SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Analyze Security Incidents: Conduct in-depth analysis of security events to identify potential security incidents or breaches.
- Incident Response: Investigate and respond to security alerts, determining the scope, impact, and severity of the threat.

Information Technology

SKILLS
Incident Response, Protective Services, Hunting, Intrusion Detection Systems, Leadership, Mentoring, Metrics, Security Information and Event Management (SIEM), Standard Operating Procedures (SOP), Training Program, Cisco Network Systems, McAfee Product Family, Phishing, Root Cause Analysis, Analysis Skills, Splunk, Network Administration/Management, Network System Hardware, Network Performance/Analysis, Antivirus, CompTIA Security+, Internet Security, Network Operations Center, Loss Prevention, Firewalls, Healthcare, HTML (HyperText Markup Language), Information Technology & Information Systems, Java, JavaScript, Local Area Network (LAN), Linux Operating System, Malware Analysis, Project/Program Management, Microsoft Product Family, Microsoft Office, Nessus, Nmap, Open Source, Operating Systems, Presentation/Verbal Skills, Programming Languages, Risk Analysis, Network Routers, Regulations, Security Analysis, Customer Support/Service, TCP (Transmission Control Protocol), TCP/IP (Transmission Control Protocol/Internet Protocol), Virtualization, VMware, VPN (Virtual Private Network), Microsoft Windows Operating System, Microsoft Windows Server, Wireshark (Ethereal), Intrusion Prevention Systems, Security Attacks, Endpoint Security, Security Monitoring, Cross-Functional, Computer Security, Software Administration, Trend Analysis, Time Management, Data Analysis, Forensic Science, Change Order Management, Information Systems/Technology, IS/IT Administration, Network Software, Computer Maintenance, Computer Servers, Systems Administration/Management, Performance Analysis, Procedure Development, Bug Tracking, Software Testing, Anti-Virus Software, UDP (User Datagram Protocol), Microsoft Outlook, Microsoft Word, Microsoft PowerPoint, Microsoft Excel, Email Security

CERTIFICATIONS
- Introduction to Cyber Security Tools and Attacks
- Splunk Fundamentals 1 & 2
- Cisco Networking Basics
- CompTIA Security+

LANGUAGES
English - Intermediate

WORK AUTHORIZATION
I am authorized to work in the following countries: United States