SOC Analyst
SECURITY OPERATIONS CENTER ANALYST
● Incident response based on information security alerting via Splunk, CrowdStrike, Proofpoint, IBM QRadar and SentinelOne. Documentation of investigations and findings through the IBM SOAR (Resilient) ticketing system and Jira.
● Security event triage and attack mitigation, including analysis of intrusions, malware and anomalous behavior.
● Perform comprehensive analysis to determine the legitimacy of files, domains and emails using online resources such as VirusTotal, ANY.RUN and MX Toolbox.
● Pilot analysis of PCAP files, narrowing down anomalous traffic with Wireshark and examining the details of the infected hosts to write IOCs into executive summary reports and enable data-driven decision making.
● Assess existing policies, procedures and guidance to verify compliance with the National Institute of Standards and Technology (NIST) Risk Management Framework, identifying opportunities for improvement to enhance team-wide capabilities.
● Leverage expertise in tools such as FireEye HX, Burp Suite, Nmap, Tenable Nessus, Kali Linux and Metasploit to continually strengthen the cyber security infrastructure.
● Upgrade the cyber security program and its capabilities by implementing and maintaining security controls.
● Perform post-mortem analysis on logs, traffic flows and phishing activity to identify malicious actors.
Experience For Malware Reverse Engineering
● Analyze daily phishing email campaigns and malicious indicators.
● Write technical reports on malware, phishing campaigns and cyber-attacks.
● Leverage commercial and open source tools for reverse engineering.
● Perform network enumeration and intelligence pivoting to expand findings.
● Identify credible new intelligence and subject matter resources relative to current and emerging threats as they relate to the use of information technology.
CompTIA Security+ certified Cyber Security Analyst with 4+ years of professional experience in the cyber security field. Fluent in cyber security's most useful languages, including English and Turkish. Specialized in Incident Response, Endpoint Security, SIEM, Phishing and Malware Analysis. Experienced in hands-on projects such as monitoring and analysis of potential and active threats using established tools and procedures. Currently working towards an AWS cloud security certification.
TECHNICAL SKILLS AND TOOLS
● Certifications: CompTIA Security+, Splunk 7.x Fundamentals Part 1, Splunk Core Certified User, Google IT Support Professional, AWS Administration: Security Fundamentals, Microsoft Azure Security Technologies (AZ-500) Cert Prep: 1 Manage Identity and Access, Python
● SIEM: Splunk Enterprise Security, IBM QRadar
● EDR: CrowdStrike Falcon, SentinelOne, Proofpoint, SOCRadar
● Ticketing Systems: IBM Resilient, Jira
● Penetration Testing / Vulnerability Analysis: Kali Linux, Nmap, Shodan, Metasploit, Hydra, Nessus, OSINT tools, OWASP Top 10, Burp Suite, Phishing Analysis
● Networking: Web Application Firewall (WAF), Next Generation Firewall (NGFW), Palo Alto Networks Firewall, TCP/IP & OSI Layers, Router, Switch, SMTP, HTTP, DNS, Active Directory, WHOIS, Wireshark
● Security Frameworks: NIST SP 800 series, SANS, OWASP Top 10
● OS: Windows, macOS, Linux
● Foreign Languages: Turkish