| | | 20,000+ Fresh Resumes Monthly | |
|
|
| | Related Resumes Soc Analyst Cyber Security Fairfax, VA Security Analyst Cyber Fort Washington, MD Information Security Cybersecurity Engineer Bowie, MD SIEM Engineer Soc Analyst Security Engineer Technical Account Ma Elkridge, MD Cyber Security Information Systems Woodbridge, VA Cyber Security Analyst Fredericksburg, VA Cybersecurity Analyst, EDR, SIEM, Email security solution, Secur Ashburn, VA |
|
Click here or scroll down to respond to this candidateCandidate's Name
SOC ANALYSTPHONE NUMBER AVAILABLE EMAIL AVAILABLEProfessional SummaryCyber Security Operations Analyst with 4 years of experience in monitoring, detecting, and mitigating threats using the MITRE framework. Skilled in using tools like Splunk and CrowdStrike for security monitoring, incident response, and malware analysis. Known for strong analytical skills, attention to detail, and effective communication. Experienced in threat intelligence, vulnerability management, and compliance with standards like NIST and ISO. Proven track record in developing SOPs and playbooks to ensure system and data security. Security+ certified, with a commitment to continuous learning and a strong work ethic. Dedicated to enhancing cyber security solutions to protect against evolving threats.Technical Skills Data Loss Prevention End Point Protection Threat Modeling Threat Hunting Threat Intelligence Advanced Threat Protection Cyber Kill Chain APT Log Analysis I Intrusion Detection Malware Analysis Network Security System Security Vulnerability Scanning End Point Detection Response TTP MITRE ATT&CK TC - Threat Connect.Operating System: Windows, MacCyber Security Technologies: IDS/IPS- Cisco Firepower FireEye ETP FireEye HX Cisco Secure power Cisco Secure Endpoint AMP Cisco IronPort Mimecast CrowdStrike Falcon Xcitium Carbon Black Cloud SIEM-Splunk ES Splunk Search Sentinel One Microsoft Defender for Endpoint Packet capturing and analysis-Wireshark (PCAP) Proxy- Cisco Umbrella McAfee Web Proxy Protocols-TCP/IP, UDP, SNMP, SSH, SSL, TLS.OSINT: VirusTotal.com, IBM X-Force Exchange, Palo Alto Test A Site, urlscan.io, Browserling, Abuse IPDB, IP Void, Hybrid Analysis, MxToolbox, IP Lookup, etc.Ticketing System: Jira, Service NowNetworking: VPNs, Routers, Firewalls, TCP/IP, Web Application Firewall (Web Proxy)ExperienceDirect line Global LLC Ashburn, VASOC Analyst OCT 2022 PresentLeverage SIEM solutions like Splunk to monitor security events in real-time, correlating and analyzing data to detect and mitigate threats. Develop custom rules, filters, reports, dashboards, and alerts for comprehensive threat detection results in 5% overall response time.Hunt for threats across multiple data sources including malicious emails, domains, network traffic logs, and more. Conduct in-depth analysis using open-source intelligence tools and implement effective countermeasures to bolster security posture.Experience performing some post-incident analysis utilizing the MITRE ATT&CK framework to identify adversary tactics, techniques, and procedures (TTPs), continuously enhancing threat detection capabilities.Ensure adherence to industry standards like NIST and ISO, actively participating in security audits. Conduct vulnerability assessments and forensic investigations to fortify the organization's security defenses.Supported training and mentorship of remote SOC team members, sharing knowledge on networking concepts, security protocols, and core security tools to uplift team proficiency using teams creating Lunch time weekly meet-up groups.Leverage PowerShell scripting to automate some daily tasks like log analysis and report generation, streamlining incident response processes.Develop and maintain Splunk rules, filters, reports, alerts, and dashboards while performing comprehensive event analysis and incident response.Analyze and mitigate intrusion attempts through firewall, email, web, and DNS log analysis to enhance security posture.Employ the MITRE ATT&CK framework for post-incident analysis Standard Operational Procedure, identifying adversary behaviors and improving threat detection capabilities guidelines.Atlantix Global Systems LLC Ashburn, VAJr SOC analyst Nov 2018 OCT 2022Monitored and responded to security alerts with SIEM monitoring tools to identify and address potential threats. Analyzed suspicious activities and took immediate action to ensure our network remained secure.Conducted initial incident investigations when security incidents occurred, such as phishing emails or malware infections. Using established procedures and open-source intelligence tools, I worked to understand the scope and impact of incidents to generate comprehensive reports for leadership.Analyzed logs from firewalls, servers, and other network devices, identifying unusual patterns or behaviors that might indicate a security incident, and took steps to mitigate any threats through the ticketing system for senior analysts.Worked with the Network Engineering department to fine-tune our security tools, including SIEM systems, IDS, and endpoint protection solutions. This ensured that these tools ran efficiently and effectively, providing the best possible defense against threats.Meticulously documented all security incidents, investigations, and resolutions. Also updated the department's Standard Operating Procedures.Collaborated with senior SOC analysts, IT teams, and external vendors to escalate and resolve security issues. Participating in team meetings and training sessions helped me stay updated on the latest threats and security practices.AWS Herndon, VAData Center Technician SEP 2017 NOV 2018Utilized Cloud Forge Deployment Planning Tool (RDPM) to identify cabling positions, pulled materials, measured, and labeled fiber and copper cables according to established standards for various configurations (TOR to brick, uplink for server console, etc.).Performed in-row and out-of-row fiber (single and multimode) and copper cabling from server racks to mini racks, Euclid bricks, and IDF panels, ensuring proper connections and functionality.Responsible for identifying rack position, cabling progress, and network fabric identity (EC2, Production, Corporate, Network, etc.) used Cloud Forge Deployment Planning Tool, managed the deployment and integration of server racks.Verified brick information, pulled necessary materials (optics, breakout cables), installed optics into bricks, patched into panels, and dressed loose cables for an organized and efficient setup.Designated server rack cable installations to appropriate network fabric bricks and mini racks based on labeling information, ensuring seamless network integration and connectivity.EducationKwame Nkrumah University of Science and Technology 2006Batchelor, Computer ScienceMicrotech City Guilds (London UK) 2000vocational training certificateCertificationCompTIA Security+ expires Jul 2025Microsoft Certified Systems Engineering (MCSE) 2019 |
