Security Operations Center Analyst
Current• Provided cyber support in a Cyber Security Operation Center (SOC), including Detection and Response.• Performed real-time monitoring of the SIEM alerts through Splunk Enterprise Security and Handled offenses generated by IBM QRadar such as authentication failure, connection to known malware sites, traffic from untrust networks firewall deny and potential data loss.• Monitored the company devices with Endpoint Detection and Response (EDR) solution like CrowdStrike Falcon and Sentinel One.• Focused on email phishing analysis through Proofpoint. Using OSINT Tools such as Virus Total, URLscan and MX Toolbox searched Email legitimacy.• Documented incidents through resilient, Jira, including reviewing and escalating tickets, and provided feedback about critical events to the SOC manager