Security Operations Center Analyst
Current• Perform real –time monitoring in Security Operations Centre from different devices such as Firewalls, IDS, IPS, Operating Systems like Windows, Linux, Proxy Servers, Windows Servers, System Application, Databases, Web Servers, and Networking Devices• Monitor and analyzed network traffic, Intrusion Detection Systems (IDS), security events and logs to identify abnormal and suspicious activity• Investigate, Prioritize, and differentiated between potential intrusion attempts and false alarms• Respond to computer security incidents by collecting, analyzing, preserving digital evidence, and ensuring that incidents are recorded and tracked in accordance with organizational SOC requirement• Investigate VPN alerts and reached out to users to confirm legitimacy of such activity• Train new analysts on how to perform network/host-based investigations and safely deal with phishing emails.• Work with SOC Engineers and other SMEs to operate intrusion detection and prevention systems (IDS/IPS) to analyze, detect worms and vulnerability exploit attempts• Investigate endpoints using SEPM and successfully terminated and deleted possible malicious file and processes