Candidate's Name (SOC ANALYST)
PHONE NUMBER AVAILABLE | EMAIL AVAILABLE | https://LINKEDIN LINK AVAILABLE

PROFESSIONAL SUMMARY:
Results-oriented Security Analyst with 7 years of experience driving enterprise security through proactive risk mitigation, effective incident response, and advanced SIEM (Splunk) utilization. Proven expertise in SOC management, threat detection, vulnerability assessments, and security frameworks (MITRE ATT&CK, NIST, ISO, CIS). Recognized for leadership, problem-solving, and commitment to staying ahead of cybersecurity trends through continuous learning. Adept communicator with strong cross-functional collaboration skills, proficient in CND tools, and experienced in applying Tier 1 and Tier 2 best practices.

CORE COMPETENCIES:
Cloud Computing (AWS, Azure) | Networking | Splunk Enterprise Security, Splunk Phantom | CrowdStrike Falcon | Darktrace | Nessus | Data Storage and Management | Virtual Machines | MITRE ATT&CK, NIST, ISO, CIS | Virtual Networks | Application Monitoring | Cyber Kill Chain | Data Aggregation | Data Correlation | Diamond Model Frameworks | ISMS Rules and Regulations | Data Quality and Security | Stream Processing | Data Visualization | Reporting/Metrics

TECHNICAL SKILLS:
Languages: PowerShell, Python, Bash
SIEM Solutions: Splunk Enterprise Security, Splunk Phantom
Endpoint Management: CrowdStrike Falcon
Network Security: Darktrace
Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP protocols
Software: MS Office (Word, Excel, Outlook, PowerPoint), MS Visio
Automation and Scripting: PowerShell Scripting, Python Scripting, Bash Scripting
Security Frameworks and Methodologies: MITRE ATT&CK, NIST, ISO, CIS, ISMS Rules and Regulations
Cyber Threat Intelligence: CTI Platform Development, Threat Intelligence Feeds and APIs
Security Tools and Technologies: Splunk, CrowdStrike Falcon, Splunk Phantom, Darktrace
Front End Tools: Custom Dashboards, Data Visualization
Data Science and Analytics: Data Aggregation, Data Correlation, Data Visualization
Tools and Technologies: Microsoft Azure, Git, Tableau, PowerBI

EXPERIENCE

CLIENT: STATE FARM, APRIL 2022 - PRESENT
ROLE: INFORMATION SECURITY ANALYST
Responsibilities:
- Oversaw the management and deployment of SIEM systems, maximizing their capacity for incident response and threat detection.
- Designed and implemented custom Splunk dashboards that provided real-time visualizations of security events across the entire State Farm network.
- By using Splunk dashboards for incident response, we significantly reduced the time to identify, contain, and remediate security threats.
- Successfully monitored and triaged security alerts using SIEM tools, assigning priority levels and escalating high-risk incidents to Tier 2 analysts.
- Integrated NIST framework principles into State Farm's cybersecurity strategy, ensuring robust risk management practices and improving overall security posture through continuous monitoring and assessment.
- Regularly carried out vulnerability assessments and security audits to find and address possible security threats throughout the company.
- Monitored and secured endpoints using cutting-edge EDR solutions like CrowdStrike Falcon, which decreased the prevalence of malware and other risks.
- Designed and conducted cybersecurity awareness training for staff members, strengthening the company's overall security posture.
- By using data from Splunk dashboards, we created more impactful security awareness training, fostering a culture of security awareness at State Farm.
- Automated routine security procedures using PowerShell and Python scripts, greatly boosting operational productivity.
- Investigated potential or actual security violations or incidents to identify issues and areas that require new security measures or policy changes.
- Monitored and responded to phishing attempts, reducing threat response time by implementing custom Splunk dashboards.

CLIENT: CYMUNE CYBER SECURITY, JAN 2021 - DEC 2021
ROLE: SECURITY OPERATION CENTER (SOC) ANALYST
Responsibilities:
- Using Splunk Enterprise Security, carried out enhanced threat detection and custom rule generation, greatly improving the identification and response times for security incidents.
- Used Splunk Phantom to automate incident response workflows, greatly lowering the need for human intervention and improving response time and consistency.
- Generated comprehensive monthly cybersecurity status reports, synthesizing data from various security tools to inform strategic decisions.
- Automated log analysis with Python scripts, cutting down on the amount of effort spent on manual processing.
- To ensure constant surveillance and prompt response to security incidents, I oversaw security operations in rotational shifts that ran around the clock.
- Worked together with cross-functional teams to enhance overall security posture and guarantee thorough incident response.
- Ensured clarity and comprehension when communicating complicated technological security issues to non-technical stakeholders.
- Participated in threat hunting and red-team/blue-team exercises, enhancing proactive threat detection capabilities and improving incident response strategies.
- Accountable for managing incidents and ensuring ongoing surveillance, analysis, mitigation, and cleanup using the toolset of the Confidential Cyber Defense Center.

CLIENT: ENTERSOFT SECURITY, MAR 2020 - JAN 2021
ROLE: SECURITY OPERATION CENTER (SOC) ANALYST
Responsibilities:
- Used Splunk to monitor and analyze more than 1,000 security events every day, greatly cutting down on incident response times and increasing the effectiveness of threat detection.
- Installed and maintained CrowdStrike Falcon on more than 1,000 devices, resulting in a significant drop in security incidents pertaining to endpoints.
- Used Darktrace to monitor and examine network traffic, which significantly improved the ability to spot and stop suspicious activity.
- Created Bash scripts to automate threat hunting, which greatly increased security operations' efficiency.
- Worked together with several departments to improve security protocols and guarantee adherence to rules and guidelines.
- Managed end users and reported incidents, issues, and modification requests related to network security within the predetermined service level agreement (SLA).
- Designed dashboards, knowledge objects, correlation rules, and daily shift reports for clients in Splunk and ArcSight.
- Performed duties as a SOC analyst, tasked with correlating and associating data from various security logs to ascertain the existence and type of security incidents, notify the SOC analyst, and subsequently create an incident ticket during escalation.
- Integrated IAM frameworks, ensuring strict access controls and managing privileged access through CrowdStrike Falcon.
- Charged with utilizing a variety of network equipment, including Active Directory, firewalls, switches, and routers.

CLIENT: CASTELLUM LABS, MAY 2019 - FEB 2020
ROLE: JUNIOR SECURITY ANALYST
Responsibilities:
- Performed incident response and digital forensic investigations, which led to a notable decrease in the amount of time needed to resolve incidents.
- Conducted penetration tests and vulnerability assessments on vital systems, finding and removing a multitude of potential security threats.
- Performed threat intelligence analysis and examined malware attacks, which led to a discernible rise in proactive threat detection.
- Offered thorough reports and remedial recommendations that greatly enhanced overall security posture and resilience.
- Maintained close watch on and looked into events happening inside the external client network; properly documented tickets and escalated them to the relevant teams for mitigation and, if needed, resolution.
- Delivered services to external clients, including ALA, MEP, HIPS, NIDS, and MVA services, by combining the ArcSight SIEM with McAfee's ePO (ePolicy Orchestrator) and NSM (Network Security Manager) solutions.
- Ran ArcSight reports and distributed them to clients every two weeks or every month.

CLIENT: CASTELLUM LABS, MAY 2018 - MAY 2019
ROLE: INTERN
Responsibilities:
- Conducted penetration testing and vulnerability assessments on critical systems, identifying and removing numerous security threats.
- Supported IT audits for defense firms, ensuring adherence to ISMS rules and regulations.
- Established a regular reporting cadence, generating and distributing insightful ArcSight reports to clients, keeping them informed.
- Streamlined client service delivery by integrating ArcSight with McAfee's ePO and NSM solutions, improving efficiency through automation.
- Maintained close watch on external client network events, documented tickets clearly, and escalated them to the appropriate teams for mitigation and resolution.

EDUCATION
JNTUK, May 2019: Bachelors in Electronics & Communication Engineering
Texas A&M University, Corpus Christi, Dec 2023: Master of Computer Science