• Monitor and analyze security events using SIEM tools such as Splunk and Qradar.• Respond to security incidents, including malware infections, phishing attacks, and unauthorized access attempts.• Conduct root cause analysis and recommend corrective actions to prevent future incidents.• Perform vulnerability assessments and coordinate with IT teams to remediate identified vulnerabilities.• Develop and maintain incident response procedures and playbooks.• Collaborate with other security team members to enhance the overall security posture of the organization.• Generate and present detailed security reports and metrics to management.• Experience with analyzing IDS/IPS alerts and how to identify false positives• Incident response experience utilizing different SIEMs and industry best practices• Identify the TTPs of potential threats through the MITRE ATT&CK framework.• Monitor and analyze email security threats using Proofpoint, identifying and mitigating phishing attempts and malware campaigns to enhance organizational security.

• Assisted in monitoring network traffic and system logs for security events.• Participated in incident response activities, including containment, eradication, and recovery.• Conducted basic forensic analysis to support investigations of security incidents.• Updated and maintained documentation related to security incidents and investigations.• Assisted in the development of security awareness training materials for employees.• Collaborated with IT teams to implement security controls and best practices.• Experienced monitoring and defending on-premises/cloud computing systems (AWS, GCP)• Experienced performing ASD STIGs on applications and COTS products.• Responded to computer security incidents according to the incident response SOP• Performed root-cause analysis and root-cause elimination activities as required.• Analyzed the state of the infrastructure and identified areas that need improvement. • Conducted real-time analysis of network traffic through IDS/IPS systems, detecting anomalies and escalating potential security incidents for investigation.• Administered and maintained firewall configurations to ensure secure data flow and adherence to organizational policies.• Designed/tested Splunk SOAR playbooks for handling phishing, ransomware, and DDoS• Investigated and resolved incidents related to sensitive data leakage, utilizing DLP tools (IBM Guardium) policies to prevent unauthorized sharing of confidential information.

• Assisted senior analysts in monitoring security alerts and incidents using security tools.• Conducted initial analysis of security incidents to determine the scope and impact.• Supported the development and implementation of security policies and procedures.• Assisted in performing risk assessments and audits to ensure compliance with security standards and regulations.• Created detailed reports and documentation for security incidents and vulnerability findings.• Gained hands-on experience with tools such as Wireshark, Nessus, and Metasploit for network analysis and vulnerability scanning.• Assisted senior Scrum Masters in managing agile teams and facilitating Scrum ceremonies• Supported the Product Owner in backlog grooming and sprint planning.• Monitored sprint progress, identified impediments, and recommended solutions. • Conducted retrospective meetings to gather feedback and implement improvements.• Experienced performing all-source threat intelligence analysis (MITRE Attack Framework)• Managed a queue of security incidents via Jira tickets, ensuring accurate documentation and timely resolution of threats.• Utilized the cyber kill chain framework to identify, analyze, and mitigate potential cybersecurity threats at each attack stage, enhancing incident response strategies.• Conducted proactive network vulnerability assessments using Nmap, identifying open ports, misconfigurations, and potential security risks to improve overall network security posture.• Conducted dynamic malware analysis in sandboxes (Cuckoo, Anyrun) to observe behavioral patterns, identify malicious payloads, and determine IOCs for threat intelligence reports.• Monitored and analyzed endpoint activity using CrowdStrike, identifying indicators of compromise (IOCs) and responding to potential threats in real time.• Investigated and remediated security incidents through SentinelOne, leveraging its EDR capabilities to contain malware outbreaks and prevent lateral movement.

• Facilitate all Scrum ceremonies including Sprint Planning, Daily Stand-ups, Sprint Reviews, and Retrospectives.• Ensure that the team adheres to Scrum principles and practices.• Assist the product owner with maintaining a well-defined product backlog.• Mentor and coach team members on Agile methodologies and best practices.• Promote continuous improvement and help teams to increase productivity and efficiency.• Foster a culture of collaboration, transparency, and accountability within the team.