SOC Security Analyst / Incident Response SOC Analyst Resume
SUMMARY:
Cyber Security Analyst with proficient and thorough experience and a good understanding of information technology. Specialized in proactive network monitoring with a SIEM (Splunk). Have deep knowledge in identifying and analyzing suspicious events. Versatile, bilingual professional with the ability to manage sensitive materials. Able to use various security tools to perform log and packet analysis. Finally, can perform malware analysis with the overall objective of ensuring the confidentiality, integrity, and availability of systems, networks, and data.
TECHNICAL SKILLS:
Security Management: Nitro, ArcSight, Splunk, FireEye, McAfee Endpoint Protection (ePO), Symantec Endpoint, Snort, IronPort, Firewall Logs, Linux and Windows OS, Wireshark, TCPdump, JIRA.
PROFESSIONAL EXPERIENCE:
SOC Security Analyst / Incident Response SOC Analyst
Confidential
- Conduct proactive monitoring, investigation, and mitigation of security incidents.
- Analyze security event data from the network (IDS, SIEM).
- Perform static malware analysis on isolated virtual servers.
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
- Ensure the integrity and protection of networks, systems, and applications through technical enforcement of organizational security policies and monitoring of vulnerability scanning devices.
- Research new and evolving threats and vulnerabilities with the potential to impact the monitored environment.
- Conduct log analysis using Splunk.
- Identify suspicious/malicious activities or code.
- Worked in a 24x7 Security Operations Center.
- Monitor and analyze security events to determine intrusions and malicious events.
- Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.
- Investigate malicious phishing emails, domains, and IPs using open-source tools and recommend proper blocking based on the analysis.
SOC Security Analyst
Confidential
- Worked in a 24x7 Security Operations Center.
- Continuously monitor and interpret threats using the IDS and SIEM.
- Use vulnerability assessment tools such as Nessus and Nmap to perform security testing.
- Investigate malicious phishing emails, domains, and IPs using open-source tools and recommend proper blocking based on the analysis.
- Rescan mitigated systems for further infections; if none are found, commission the systems back onto the network.
- Research new and evolving threats and vulnerabilities with the potential to impact the monitored environment, using security blogs.
- Conduct log analysis using Splunk.
- Identify suspicious/malicious activities or code.
- Monitor and analyze security events to determine intrusions and malicious events.
- Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.