Security Operations Center Analyst
Current• Coordinated or worked in a 24x7 Cyber Security Operation Center (SOC), including detection, Incidence response, threat hunting and support roles and documented incidents on the SNOW ticketing system.• Accomplished utilizing IBM QRadar SIEM solutions and investigated offenses by conducting log analysis and escalating them to the technical teams via resilient and hive ticketing systems when needed.• Enhanced continuous monitoring of endpoint by effectively using SentinelONE XDR solutions and analyzed detected threats across the company.• Achieved to identify security anomalies, compromised domains, rouge applications and write IOCs on executive summary reports for investigation and remediation through analyzing PCAP files, narrowing down anomaly traffic with Wireshark, examining the log feeds of the infected hosts.• Effectively conducted analysis to determine reputation of files, domains and analyzed phishing emails using online resources such as VirusTotal, AnyRun, MX Toolbox and Cuckoo for confidential documents.• Review existing policies and guidance to ensure compliance with NIST(SP-800-61) Risk Framework• Experience on network technologies and tools, identity and access management, network security and implement secure systems and risk management.