Cyber Security Analyst
Current♦ Conduct core information security activities such as Security Information and Event Management (SIEM), Threat Intelligence, Vulnerability Management, Education & Awareness, Malware Detection, Incident Response, Network Monitoring, and Log Analysis.♦ Monitor and analyze Security Information and Event Management (SIEM) logs and alerts through QRadar-Splunk, identifying security incidents for remediation and investigation.♦ Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event details and summary information from security tools and technologies to develop IDS/IPS, Firewall, and SIEM rules.♦ Analyze phishing incidents, develop phishing/vishing scenarios, and contribute to the administration of the phishing assessment program, including deploying assessments and generating reports.♦ Analyze malware and virus attack incidents, identify details of infected Windows hosts, determine indicators of compromise (IOCs), prepare incident reports to determine the impact and scope of malicious activities, and facilitate system and data recovery.♦ Imitate tactics and techniques used by modern attackers, including common network and software exploitation, to analyze potential threats.