Security Operations Center (SOC) Analyst Resume
SUMMARY:
About four years of cyber security operations experience with professional knowledge in Computer Network Defense (CND), Information Assurance, Vulnerability Management and Security Operations. Provide security solutions for data, networks and organizational assets using best practices and customized solutions in fast-paced Security Operations Centers (SOC). Good hands-on experience with security operations center processes, tools and technologies, CND tools and best practices at Tier one and Tier two levels.
PERSONAL SKILLS:
- Ability to handle designated tasks timely, confidently and efficiently.
- Capable of managing multiple tasks in a pressurized environment.
- Motivated team player who coordinates activities within a team.
- Good interpersonal skills with exceptional versatility and adaptability.
- Self-disciplined and dedicated as a hard-working individual.
SOFT SKILLS:
- Practical experience creating rules, dashboards, filters, reports, queries etc. in ArcSight and other technical tools to track incidents
- Proficient in Microsoft Office (SOP drafts, runbooks, Excel, PowerPoint, spreadsheets, Visio and Office 365)
KEY SKILLS:
- Network & System Security
- Vulnerability Management
- Authentication & Access Control
- Cyber Security Operations
- Security Assessments and testing
- Change Control and Configuration Management
- Security Information and Event Management (SIEM)
- Cyber Security Incident Response Plan (CSIRP)
- Regulatory Compliance
- Information Systems audits
TECHNICAL SKILLS:
Security Technologies: Cisco IronPort, F5 WAF, Guardium (DAM), Nessus Security Center, SIEM tools (HP ArcSight, Splunk), tcpdump/Wireshark, IDS/IPS (FireEye, Firepower), Log Management, Anti-Virus tools (Symantec Protection Engine), ServiceNow and JIRA ticketing systems, ForeScout CounterACT
Operating Systems: Unix-Based Systems (Solaris, Linux, BSD); Windows (all)
Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP protocols
Software: MS Office (Word, Excel, Outlook, PowerPoint), MS Visio
Access Control: SAML, SSO, RAM, PAM
Virtualization: VMware Workstation, VMware vSphere
Network Monitoring: Nagios, SiteScope, ExtraHop
Database Management Systems (DBMS): MySQL
PROFESSIONAL EXPERIENCE:
Security Operations Center (SOC) Analyst
Confidential
Responsibilities:
- Real-time log analysis from different network devices such as firewalls, IDS, IPS, operating systems like UNIX, proxy servers, Windows servers, system applications, databases, web servers and networking devices.
- Performs real-time monitoring, security incident handling, investigation, analysis, reporting and escalation of security events from multiple log sources.
- Handles end users, incident reporting, problem ticketing and change management ticketing with respect to network security within the agreed SLA.
- Preparation of daily shift reports for clients and creation of correlation rules, dashboards and knowledge objects in Splunk and ArcSight.
- Optimizing, managing and monitoring real-time events from devices like firewalls, web proxies and antivirus vendors, using Rapid7 Nexpose.
- Tasked to perform the role of a SOC analyst: analyze data from different security logs, correlate them to determine the existence and nature of security incidents, alert the SOC analyst and create an incident ticket during escalation.
- Using tools like Rapid7 Nexpose and Splunk for scanning vulnerabilities.
- Analyze critical vulnerabilities by researching the vulnerability against the OWASP Top 10, the National Vulnerability Database (NVD), open ports and missing patches.
- Using tools like Nessus, ArcSight, Snort/Sourcefire, Nmap, Wireshark etc.
- Experience with malware analysis and the OWASP Top Ten vulnerabilities.
- I also use these tools to find suspicious or malicious activity by analyzing alerts; investigating indicators of compromise (IOCs like file hashes, IP addresses, domains, etc.); reviewing and editing event correlation rules; performing triage on these alerts by determining their criticality and scope of impact; evaluating attribution and adversary details; sharing our findings with the threat intelligence community; etc.
- POA&M Remediation: Performed evaluation of policies, procedures, security scan results and system settings in order to address controls that were deemed insufficient.
- Work with a team in performing Security Assessment and Accreditation (A&A), RMF, continuous monitoring and FISMA audits.
- Tasked with using various network devices like routers, switches, firewalls and Active Directory.
- Communicate effectively through written and verbal means to co-workers, subordinates and senior leadership.
- Determine security control effectiveness (i.e., whether controls are implemented correctly, operating as intended, meeting desired security requirements and producing desired results).
- Ensure customers follow security policies and procedures following NIST and NIST A.
- Assist in establishing an ongoing Authorization (AO) program designed to review the security posture of designated systems on a continual basis.
- Performing risk assessments to analyze the effectiveness of the security controls that protect an organization's assets and to determine the probability of loss of those assets.
Help Desk
Confidential
Responsibilities:
- Proven experience as a front desk representative
- Familiarity with office machines (e.g. fax, printer etc.)
- Knowledge of office management and basic bookkeeping
- Proficient in English (oral and written)
- Excellent knowledge of MS Office (especially Excel and Word)
- Strong communication and people skills
- Good organizational and multi-tasking abilities
- Problem-solving skills
- Customer service orientation