Work Background
Senior Security Operations Analyst
Cybersecurity
Aug. 2022
Information Technology Specialist-Part Time
United States Army Reserve
Sep. 2021
"One-weekend per month report to duty station". The Information Technology Specialist installs, operates and maintains computer systems and information technology (IT) networks. Performs system administration (SA) and maintains computers and servers within the computing environment (CE) and the network environment (NE). Performs network administration (NA); installs, configures and maintains network equipment within the network.
Senior Information Security Analyst
Success Academy Charter Schools
Jul. 2021 - Aug. 2022
New York City Metropolitan Area
- Using the SIEM tool (Microsoft Sentinel) for referencing and creating detailed analysis for security incidents.
- Remediating security incidents and documenting all analysis in the (TeamDynamix) ticket management portal.
- Experience with Google Platforms (Google Workspace, Google Endpoint Management).
- Perform triage analysis through the SIEM tool on any given host machine and analyze the security event with corresponding security tools such as (CrowdStrike Falcon) and perform threat hunting intelligence on a regular basis to regulate the anomalies.
- Draft and revise company IT security policies.
- Proactively audit processes, practices, and documents to identify weaknesses.
- Evaluate business activities (e.g., investments) to assess compliance risk.
- Collaborate with external auditors and HR when needed.
- Triage alerts from intrusion detection systems, antivirus, cloud-based services, Windows servers, network infrastructure, data loss prevention systems, and user behavior analytics.
- Detect and analyze malware samples, hacking tools, phishing kits, network packet captures, exploits and network infrastructure associated with adversaries to document and perform hunts for related activity.
- Implement rules and configure the rules based on the alert activity, tuning the rules out as needed.
- Provide feedback on process improvements and how to eliminate false positive alerts from the ISIR workflow.
Senior Information Technology Security Analyst
CDI LLC
Jan. 2021 - Jun. 2021
Information Technology Security Analyst
CDI LLC
Nov. 2019 - Jan. 2021
Greater New York City Area
• Using the SIEM tool (SKOUT Cybersecurity) for referencing and creating detailed analysis for security incidents.
• Experience with Microsoft Platforms (Microsoft 365, Azure, Defender for Endpoints, Defender for Cloud).
• Leveraging security incidents and documenting all analysis in the (ServiceNow) ticket management portal.
• Using open source security tools for identifying, detecting, and threat hunting on security incidents.
• Perform triage analysis through the EDR tool on any given host machines and analyzing the security event with corresponding security tools.
• Investigating and following up on email security incidents through the (Phishing Quarantine) mailbox and using the email security tool (Cisco Agari) to determine the depth of the phishing incident on an end-user.
• Develops performance metrics, trend statistical data, and customize management reports for information technology/security department.
• Performing vulnerability assessments under the organization network and using the vulnerability management tool (Nessus) for scanning and using it for threat analysis.
• Enabling security and audits to share multiple Nessus scanners, scan schedules, scan policies, and scan results by using the cloud application software (Tenable.io) for better access to all public and private clouds.
Cyber Security Operation Analyst
TEKsystems
Apr. 2019 - Nov. 2019
Bridgewater, NJ
Client Name: Sanofi
50% Security Operations
- Monitor system events, log files and alerts by using the SIEM (IBM QRadar)
- Analyze the network security alerts and events
- Install and maintain primary security technologies such as (EDR sensors, SOAR platform)
- Experience with Microsoft Platforms (Microsoft 365, Azure, Defender for Endpoints, Defender for Cloud)
- Create and maintain network access through the (firewall) rulesets and policies
- Research and stay updated on the new threats, attack techniques and methods
- Threat hunting on any new security alerts by using the major security tools (e.g., botnet, phishing, suspicious download)
- Write down technical documents for stakeholders and other cross-functional departments tied with security operations
30% Incident Response
- Respond to incidents involving malware, virus and phishing emails
- Respond to network-based attacks through the vulnerability management tool (Tenable Nessus)
- Review and document alerts based on the detection methods
- Perform incident response and/or digital forensics through the SIEM platform on endpoints
- Investigate and remediate email security incidents (e.g., Proofpoint TAP/TRAP)
20% Security Analysis
- Monitor and respond to system security events/alerts
- Enhance and leverage the MITRE ATT&CK framework, and Lockheed Martin Cyber-Kill chain framework to mature security operations process
- Proactively hunting threats within the computing environment
- Assist in maturing the incident response process and procedures
- Identify network, systems and application vulnerabilities and perform security assessments using automated tools (e.g., FireEye HX, EX, NX)
Cyber Security Operation Analyst
Leidos
Jan. 2018 - Apr. 2019
Roseland, NJ
Client Name: Prudential Insurance
50% Security Operations
- Monitor system events, log files and alerts by using the SIEM (Splunk ES)
- Analyze the network security alerts and events (e.g., Trustwave WAF)
- Install and maintain primary security technologies such as (Carbon Black EDR sensors, SOAR platform)
- Create and maintain network access through the (firewall) rulesets and policies
- Research and stay updated on the new threats, attack techniques and methods
- Threat hunting on any new security alerts by using the major security tools (e.g., botnet, phishing, suspicious download)
- Write down technical documents for stakeholders and other cross-functional departments tied with security operations
- Conduct regular security lifecycle and business impact assessments
- Utilizing packet analyzer tool to analyze traffic flows TCP, UDP, HTTPS (Wireshark)
- Respond to incidents involving malware, virus and phishing emails
- Triage alerts based on their detection methods and analyze (Redline)
- Respond to network-based attacks through the vulnerability management tool (Tenable Nessus)
- Review and document alerts based on the detection methods
- Perform incident response and/or digital forensics through the SIEM platform on endpoints
- Investigate and remediate email security incidents (e.g., Proofpoint TAP/TRAP)
50% Security Analysis
- Monitor and respond to system security events/alerts (e.g., McAfee IDS, CheckPoint IPS)
- Proactively hunting threats within the computing environment
- Identify network, systems and application vulnerabilities and perform security assessments using automated tools (e.g., FireEye HX, EX, NX)
- Enhance and leverage the MITRE ATT&CK framework, and Lockheed Martin Cyber-Kill chain framework to mature security operations process
- Develop security policies based on the current cyber-security compliance standards (e.g., HIPAA, PCI DSS and SOC 2 Type 2)
- Conduct risk assessments for the security operations environment
IT Support Engineer I
Amazon Fulfillment Centre and Service Provider
Sep. 2017 - Jan. 2018
Gouldsboro, Pennsylvania
IT Support Engineer I
Amazon Logistics
Sep. 2017 - Jan. 2018
Gouldsboro, Pennsylvania
Cyber Security Intern
Berkshire Hathaway GUARD Insurance Companies
Feb. 2017 - May. 2017
Wilkes-Barre, Pennsylvania
IT Security Analyst Intern
TMG Health
Sep. 2015 - Dec. 2015
Jessup, Pennsylvania
Thorlabs