MDR Security Analyst

• May 2023 - Present

UV CYBER, REMOTE, JAN. 2023 — PRESENT SOC ANALYST • Consult with various companies, including newly acquired ones, within the UV Cyber umbrella. • Leverage industry-leading EDR (endpoint detection and response) tools to drive operational efficiency and accuracy. Resulting in a more efficient work environment for the entire team. • Offer training and mentorship for employees of newly acquired companies on all systems and software. • Investigate potentially malicious alerts using Open Source Intelligence (OSINT). • Develop source reports on the latest, as well as previous, vulnerabilities, cyberattacks, and cybercrimes directly impacting clients and internal SOC. • Promote career and skills development by holding training sessions and seminars for junior analysts and interns in the IT staff. • Safeguard sensitive information, ensuring confidentiality in all investigations and communications. • Maintain a thorough familiarity with relevant vulnerabilities, threat actors, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and industry trends, identifying actionable areas of interest and threats. • Expertly operate security tools related to Enterprise Log Management, IDP/IDS, Antivirus, Firewalls, Proxies, DLP, Forensic Analysis, Malware Analysis, and SIEM. • Successfully complete client-required training to garner skills and provide thorough analysis. • Enter CVEs (common vulnerabilities and exposures) into proprietary databases. • Serve as a subject matter expert for end users, responding to any issues or inquiries in a timely, professional manner. • Author and deliver routine reports to management and stakeholders detailing project status and any points of need. • Regularly evaluate performance to identify and execute areas for improvement. • Carefully document all issues, threats, and steps taken for resolution. Show less

SOC Analyst

• Jul 2022 - May 2023

THE WATCHTOWER LLC, REMOTE, MAY 2021 — JAN. 2023SOC ANALYST, JULY 2021 — JAN. 2023• Consulted with SOC engineers and other SMEs to manage intrusion detection and prevention systems (IDS/IPS), including Splunk and CrowdStrike, to evaluate and detect worms and vulnerability exploitation attempts.• Maintained a strong working knowledge of current vulnerabilities, attacks, and countermeasures.• Developed source reports on the latest and previous exploits, cyberattacks, and cybercrimes directly impacting clients and internal SOC.• Leveraged Open Source Intelligence (OSINT) to analyze potentially malicious alerts.• Utilized top industry SIEM tools to search for email logs bearing further analysis, validate non-incidental events, and monitor, detect, and isolate incidents in the organization’s security products, network devices, end user devices, and systems.• Performed analysis of relevant activities and incidents to detect and comprehend threats and malicious events, producing actionable security measures.• Conducted internal and external vulnerability assessments and penetration tests including web applications, physical infrastructure, networks, and software.• Consulted with the network team to isolate a user in situations where the user has clicked malicious links, following the Intrusion Kill Chain Model.• Used the Jira ticketing system to handle alerts generated via Splunk enterprise.• Evaluated performance to identify and execute areas for improvement in security awareness and education.• Tracked and assessed user accounts in Active Directory.• Monitored and input IOC (indicators of compromise) into the company database.• Completed routine training and professional development seminars to stay abreast of emerging trends and technologies.• Offered training and mentorship to new and junior analysts.• Reported to supervisors with any escalated issues or inquiries. Show less

SOC Analyst Intern

• Apr 2022 - Jul 2022

THE WATCHTOWER LLC, REMOTEINTERN, MAY 2021 — JULY 2021• Completed a six-week internship program with the possibility for a permanent position.• Participated in individual and group projects in security topics, preparing and delivering presentations to the CEO, CFO, and CTO.• Collaborated with fellow interns and the course instructor to understand the SOC environment.• Conducted research and analysis on notable current and past security events.• Garnered thorough, hands-on training in company workflow through shadowing with current staff members.• Trained in phishing and other malware to gain expertise in identifying and mitigating harmful risks to cybersecurity.• Comprehended and complied with CISA and government policies pertaining to clients.• Presented a final individual project to management on the cyberattack cycle.• Upheld a high grade point average of 95% during the program. Show less

Maintenance Specialist

• Mar 2015 - Sep 2019