Information Security Analyst
CurrentAs an information security analyst, I wear many different hats over the course of a day in order to improve our organizational security. When someone at our organization receives an email they are suspicious about, they report it to me for inspection in a virtual machine. When employees are unable to come into the office, I assist in setting their account up to securely work from home. I respond to security questions posed by members of our credit union, whether that be about a suspicious phone call they received, or a fraudulent email claiming that their card is compromised. In events such as these I investigate the incident, and if it poses a security issue to our organization, I take steps to remedy it. This could take the form of reaching out to the cell provider of the offending phone number to report it, or be as simple as adding the offending email address to our ESA blacklist. I also monitor various logs which are collated in Splunk such as IIS referrals to our website, attempted logins to our VPN, and suspicious activity from overseas. I analyze offending IP addresses and then decide if they warrant being added to either the shun or access control list. The most intriguing part of my job is dark web monitoring. With the help of our partners I monitor various threats to our organization such as leaked employee credentials and brand impersonation/typosquatting websites. I then remedy these issues as swiftly as possible, keeping documentation along the way.