Candidate's Name
EMAIL AVAILABLE
WASHINGTON, DC, US
PHONE NUMBER AVAILABLE

PROFESSIONAL SUMMARY
Solutions-driven cybersecurity analyst with over 6 years of experience in incident response within security operations centers. Looking to help safeguard organizational sensitive data through impactful technical analysis and effective interpersonal skills in a critical cyber threat landscape.

CERTIFICATIONS
- CompTIA Security+ (expires 2026)
- Information Technology Infrastructure Library (ITIL) Service Management certification
- CISSP (in progress)
- Public Trust security level

WORK HISTORY

Cybersecurity Triage Analyst, Sr. at EC3 Federal Services LLC
2023-11-01 - 2024-10-31 (1 Year(s))
- Respond to cloud XDR endpoint alerts and triage potentially suspicious or malicious activity through critical data log analysis for Indicators of Compromise, utilizing various security applications.
- Send RFIs (Requests for Information) to internal AFS users to ascertain the nature and business legitimacy of user activity, in order to prevent data leakage and insider threat behavior.
- Analyze inbound emails to internal AFS users' inboxes for malicious attachments and exploits in the headers, release quarantined emails from Microsoft Defender that pose no risk to the AFS environment, and investigate email alerts for malicious activity.
- Monitor the AFS security inbox for incoming security alerts and escalate in a timely manner.
- Leverage Microsoft Azure and Splunk to analyze data traffic and risky or unfamiliar user sign-ins to prevent security breaches and brute-force attacks.
- Investigate user-reported lost or stolen AFS devices for security compromises and provide information for escalation to management and chain of custody to law enforcement.

Cyber Threat Specialist at Donnelley Financial LLC
2022-05-01 - 2023-11-01 (1 Year(s))
- Monitor endpoint traffic from network taps for malicious behavior on the network, using multiple security SIEM tools for analysis, to protect the organization from cyber threats.
- Analyze and respond to malicious activity, leading remediation from blocking external IPs, domains or URLs through to quarantining host machines.
- Analyze email content and email headers for potential phishing activity such as phishing campaigns, credential harvesting, spear-phishing and malicious payloads.
- Monitor the security inbox and communicate with network users to investigate suspicious activity.
- Respond to alerts from detected signatures in IBM QRadar, GreyMatter, Carbon Black and PhishER for potential cyber threats or activity that needs to be escalated to incidents for management response and critical remediation.
- Communicate with different organizational teams across platforms to collaborate on efforts to resolve critical incidents.
- Automate playbooks in GreyMatter for threat hunting to prevent potential threats as well as potential vulnerabilities on the network.

Cyber Security SOC Analyst at AT&T Tyto Athene LLC (Administrative Office of the U.S. Courts)
2017-08-01 - 2021-09-30 (4 Year(s))
- Obtained packet captures from FireEye (IDS), data packet text from Cisco Sourcefire (IPS) and network traffic from Splunk through concise queries for log analysis, to determine any malicious activity, exploits and anomalies in traffic patterns that may require escalation to management and/or notification or blocking of an incident.
- Working knowledge and experience with various data logs (Palo Alto Networks, eStreamer, Cisco Sourcefire, FireEye, Imperva, Deep Security, Windows Event, etc.) for analysis, event correlation and incident management procedures.
- Strong understanding of TCP/IP networking, including knowledge of protocols and services.
- Current working knowledge of Security Operations Center (SOC) and Incident Response procedures as they relate to my job duties.
- Recognize potential, successful and unsuccessful intrusion attempts and compromises, including denial-of-service (DoS), distributed denial-of-service (DDoS), potentially unwanted programs (PUP), malware, phishing, spoofing, Chinese backdoor, exploit kit, Command and Control (C2) servers, etc., through review and analysis of relevant event detail and summary information, IDS/IPS, and various web tools and sandboxes.
- Knowledge of various cryptographic algorithms and frameworks.
- Consolidated remediation workflow processes by working with other team members.
- Wrote technical analysis of initial investigations with proven artifact documents and ticket creation in the HEAT ticketing system, covering the 5Ws with a recommended category of direction for the incident response process for the Analysis and Response team and Security Operations Center management.

Special Police Officer at U.S. Security Associates Inc. / Securiguard Inc. (Administrative Office of the U.S. Courts)
2011-08-01 - 2017-08-01 (6 Year(s))
- Performed security patrols of interior and exterior facilities.
- Provided knowledge of the DCJS system as it applied to public safety.
- Analyzed, developed and enhanced existing methods of Control Center operations.
- Wrote new and updated existing knowledge base Standard Operating Procedures to better assist our customer service to the client.
- Provided coaching and one-on-one training to new officers to ensure business continuity.
- Attained MEB Weapons, Firearm, First Aid, CPR and Handcuff certifications as required by the client.

EDUCATION
University of Maryland - Candidate for bachelor's degree in electrical engineering
Western Governors University - Candidate for Information Assurance and Information Technology