Candidate's Name
Street Address | EMAIL AVAILABLE | PHONE NUMBER AVAILABLE | /in/Candidate's Name

Summary

As a Cyber Security Analyst, I am passionate about protecting the network and data assets of our clients from evolving cyber threats. I have over 5 years of combined IT and security work experience, with broad exposure to infrastructure, network, and multi-platform environments. I hold Splunk Search Expert certifications, demonstrating my proficiency in using SIEM tools to monitor, analyze, and investigate security incidents. I also hold CompTIA Security+ and IBM Cybersecurity Analyst certificates and am currently working towards obtaining the CEH certification. Proven ability to collaborate across teams and contribute to incident response efforts. Adept at working effectively unsupervised and quickly mastering new skills. Advanced skills in security information and event management (SIEM), incident analysis, and proactive cybersecurity measures for optimal organizational defense.

Experience

Information Security Analyst, SOLVENT CYBERSECURITY, Fairfax, VA (August 2022 - Present)

- Create and track incidents and requests with an integrated ServiceNow (SNOW) ticketing system.
- Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of security incidents.
- Liaise with the Company's Security Operations Center to respond to emerging incidents in a timely manner.
- Perform analysis of log files of Firewall, IPS, IDS, Server, and Proxy via the Splunk SIEM solution.
- Skilled in performing thorough analysis of PCAP files using Wireshark, adept at extracting valuable insights to troubleshoot network issues, identify security threats, and optimize network performance.
- Identify, track, and investigate high-priority threat campaigns and malicious actors with the interest, capability, and TTPs (Tactics, Techniques, and Procedures).
- Conduct core information security activities: Security Information and Event Management (SIEM), Malware Detection, Vulnerability Management, Education & Awareness, Open-Source Intelligence (OSINT), Network Monitoring, and Log Analysis.
- Monitor and analyze Security Information and Event Management (SIEM) alerts through Splunk and identify security incidents for remediation and investigation.
- Document all activities during an incident and provide management with status updates during its life cycle.
- Provide information and warning for intrusion events, security incidents, and other threat indications.
- Triage security events and incidents, detect anomalies, and report remediation actions.
- Analyzed Qualys scan results to assess the severity of vulnerabilities and collaborated with cross-functional teams to develop targeted remediation plans.
- Assist in the containment of compromised systems and mitigate root causes.
- Conducted in-depth analysis of security events and alerts within Splunk, providing actionable insights to the incident response team for timely mitigation.
- Develop and deliver security awareness and training programs to educate employees about cybersecurity best practices, policies, and procedures.
- Develop and implement an anti-phishing campaign periodically.
- Perform periodic scans in Qualys and inspect and analyze the results in ServiceNow (SNOW).
- Applied and managed security frameworks such as HIRA, NIST, and ISO 27001 to enhance and govern the organization's information security strategies.

IT Security Analyst, STIRLING CO. (May 2019 - June 2022)

- Use KQL in Microsoft Sentinel to write queries, select data sources, analyze large volumes of data in real time, and create new rules and rule logic.
- Assisted with Azure Active Directory (MS-Entra) services such as Conditional Access and Privileged Access Management in Azure, enhancing the company's security posture.
- Security Awareness and Training: Cybersecurity engineers may develop and deliver security awareness and training programs to educate employees about cybersecurity best practices, policies, and procedures.
- Developed and implemented an anti-phishing campaign periodically.
- Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of security incidents using Microsoft Defender.
- Proficient in Microsoft Intune for managing and securing endpoints, ensuring compliance, and providing seamless mobile device and application management across the organization.

Education

- Master's Degree, Physics, Black Sea Technical University
- Bachelor's Degree, Physics, Black Sea Technical University

Languages

- English
- Turkish

Certifications & Trainings

- CompTIA Security+
- IBM Cybersecurity Analyst Certificate
- QUALYS Vulnerability Management, Detection and Response Specialist
- DDoS Attacks, University of Colorado
- Splunk 7.x Fundamentals & Core User
- Google Cybersecurity Professional Certificate
- Wireshark Project Certificate, Coursera
- Intro to Microsoft Azure Cloud Services, Coursera

Skills

Risk Analysis, Splunk SIEM, Phishing Analysis, Threat Detection, MITRE ATT&CK, Microsoft Defender, Microsoft Intune, VirusTotal, Wireshark, Cyber Kill Chain, VirtualBox, Microsoft Sentinel, Entra ID, Cisco Talos, Azure Security Center, AWS Security Hub, Google Cloud Security Command Center, Cloud Access Security Broker (CASB), Identity and Access Management (IAM), Zero Trust Architecture, Cloud Security Posture Management (CSPM), Cloud Infrastructure Security, Serverless Security, Cloud Encryption, Multi-Factor Authentication (MFA), Compliance (e.g., GDPR, HIPAA), Data Loss Prevention (DLP), Security Information and Event Management (SIEM), Intrusion Detection and Prevention Systems (IDPS), Traditional Security, Network Security, Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Endpoint Security, Malware Analysis, Security Operations Center (SOC), Penetration Testing, Vulnerability Assessment, Incident Response, Forensics Analysis, Encryption, Access Control, Security Policies and Procedures, Risk Management