• Analyzes and triages security incidents, coordinating with cross functional teams to contain threats, and document post-incident reports to enhance future response strategies.• Conducts proactive monitoring, investigation, and mitigation of security incidents• Uses the Elastic Stack as a SIEM.• Researches, defines, and executes firewall policies on host-based intrusion prevention systems (HIPS).• Operates log collection tools and reviews security events as they occur to… Show more • Analyzes and triages security incidents, coordinating with cross functional teams to contain threats, and document post-incident reports to enhance future response strategies.• Conducts proactive monitoring, investigation, and mitigation of security incidents• Uses the Elastic Stack as a SIEM.• Researches, defines, and executes firewall policies on host-based intrusion prevention systems (HIPS).• Operates log collection tools and reviews security events as they occur to determine if the event is a threat and if it is, the severity and criticality of it.• Performs cyber threat analysis and reporting on information from both internal and external sources and appropriately apply gathered cyber threat intelligence to defending the enterprise network.• Conducts Security Monitoring activities to provide Security in Depth visibility into potential known and unknown threats that may pose risk to the client environment.• Provides guidance for securing information systems, and support information security assessments. Show less

♦ Conducts log analysis on Splunk Enterprise Security and IBM QRadar SIEM solutions and provides recommendations to the technical teams via the Jira ticketing system.♦ Monitors and analyzes SIEM alerts through Splunk Enterprise Security and IBM QRadar and identifies security anomalies for investigation and remediation.♦ Analyzes malicious incidents using SentinelOne and CrowdStrike EDR solutions, identifies indicators of compromise, and prepares incident reports on the impact and scope… Show more ♦ Conducts log analysis on Splunk Enterprise Security and IBM QRadar SIEM solutions and provides recommendations to the technical teams via the Jira ticketing system.♦ Monitors and analyzes SIEM alerts through Splunk Enterprise Security and IBM QRadar and identifies security anomalies for investigation and remediation.♦ Analyzes malicious incidents using SentinelOne and CrowdStrike EDR solutions, identifies indicators of compromise, and prepares incident reports on the impact and scope of these activities using IBM QRadar SOAR. ♦ Conducts analysis activities to determine the legitimacy of files, domains, and emails using OSINT resources such as VirusTotal, AnyRun, CyberChef, HybridAnalysis, and MX Toolbox.♦ Analyzes phishing incidents using Proofpoint Email Security and Protection and documents incidents using IBM QRadar SOAR. ♦ Familiar with various tools such as Tenable Nessus, Revelstoke SOAR, and analyzing PCAP files using Wireshark.♦ Familiar with the fundamentals of network and information security, network technology and tools, identity and access management, risk management, and SANS Incident Response. Show less

· Provide support including but not limited to desktop, mobile devices, networks, and asset management· Troubleshoot and resolve customer related IT issues via telephone, email, or in-person· Install IT related infrastructure, equipment, and/or electronic devices in accordance with security and industry standards· Document support activity in designed ticketing or tracking system· Provide professional solutions to end-users regarding requirements status and/or escalate… Show more · Provide support including but not limited to desktop, mobile devices, networks, and asset management· Troubleshoot and resolve customer related IT issues via telephone, email, or in-person· Install IT related infrastructure, equipment, and/or electronic devices in accordance with security and industry standards· Document support activity in designed ticketing or tracking system· Provide professional solutions to end-users regarding requirements status and/or escalate requirement to appropriatesupport level for further resolution.· Develop SOPs and solutions for reoccurring issues and disperse to end-users. Show less

My daily responsibilities as an IT include performing core and specialty functions of communications operations, message processing(Microsoft Outlook), and network administration and security. I also conduct maintenance and training; manage, plan, and coordinate unit-level information systems security and integration across all platforms and services; and ensure the proper security, distribution, handling, accounting, reporting, and control of COMSEC materials, systems, and equipment… Show more My daily responsibilities as an IT include performing core and specialty functions of communications operations, message processing(Microsoft Outlook), and network administration and security. I also conduct maintenance and training; manage, plan, and coordinate unit-level information systems security and integration across all platforms and services; and ensure the proper security, distribution, handling, accounting, reporting, and control of COMSEC materials, systems, and equipment. Responsible for maintaining, analyzing, troubleshooting and repairing personal computer systems, hardware, software, and network peripherals. Assist employees via remote access, phone, or in person by solving technical issues and providing excellent customer service. Show less