Soc Analyst
Current•Perform log analysis on SIEM (Security Information and Event Management) solutions such as Splunk and IBM QRadar and identify, and investigate security anomalies, notables and offenses on SIEM enterprise tools.• Analyzed endpoint telemetry data and conducted investigations into suspicious activities using SentinelOne and CrowdStrike Falcon EDR/XDRs.• Implemented and managed Proofpoint email security solution to defend against phishing, malware, and other email-based threats.• Created tickets in TheHive and managed and triaged security incidents and service requests using Jira ticketing system.• Utilized Kali Linux for penetration testing and ethical hacking activities.• Conduct cybersecurity analysis to determine the legitimacy of files, domains, and emails using open-source intelligence (OSINT) such as VirusTotal, URLScan, WhoIs, CentralOps, Header Analysis, MX Toolbox etc.• Review existing policies and guidance to ensure compliance with the National Institutes of Technology (NIST)Risk Framework, use MITRE ATT&CK Framework against adversaries.• Monitored and analyzed security logs and events generated by Fortinet devices.• Utilized Armis IoT security platform to discover and monitor connected devices across the enterprise network,providing comprehensive visibility and risk assessment of IoT devices.• Used web vulnerability scanning tools such as Acunetix for identifying and mitigating security vulnerabilities in web applications