Threat Analyst
Current• Effectively oversaw real-time security incidents utilizing SIEM consoles such as Kibana or Splunk, detecting and analyzing patterns suggestive of cybersecurity risks.• Performed comprehensive security incident investigations using advanced SIEM capabilities, creating reports enriched with annotations to facilitate swift response and maintain accurate historical records.• Gained experience in Splunk, adapting to variations in client log sources due to differences in log field… Show more • Effectively oversaw real-time security incidents utilizing SIEM consoles such as Kibana or Splunk, detecting and analyzing patterns suggestive of cybersecurity risks.• Performed comprehensive security incident investigations using advanced SIEM capabilities, creating reports enriched with annotations to facilitate swift response and maintain accurate historical records.• Gained experience in Splunk, adapting to variations in client log sources due to differences in log field structures.• Ensured consistent, high-quality customer interactions while adhering to service level agreements and implementing effective incident notification protocols.• Conduct a daily review of SIEM logs, prioritizing analysis of Windows Event log IDs, Intrusion Detection/Prevention System events, and OSINT threat data. Show less