CompTIA Security+ certified Cybersecurity Analyst with work and intern experience. Specialized in incident response, malware analysis, endpoint security, and phishing analysis. Experience in hands-on projects in monitoring and analysis of potential and active threats using security tools and processes. 6+ months of experience in cyber security implementations. Responsible for SOC operations in a 24x7 environment. Real-time log monitoring in the Security Operations Center from different devices such as firewalls, IDS, IPS, operating systems like Windows, Linux, and Windows Servers, system applications, databases, web servers, and networking devices. Excellent working knowledge of IBM Resilient, ServiceNow, and Jira ticketing tools. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through the performance of formal risk assessments and internal threat analysis of the SOC environment with the use of SIEM tools. Good understanding of developing complex use cases on the IBM QRadar and Splunk Enterprise SIEM solutions. Responsible for monitoring security systems and diagnosing malware events to ensure no interruption of service. Identifying potential threats, phishing attacks, anomalies, and infections. Hands-on experience in using various tools like OpManager, ZAP Proxy, Nmap, FTK Imager, Autopsy, YARA, URLScan.io, Abuse.ch, PhishTool, Cisco Talos Intelligence, Redline, KAPE, Hydra, Tenable Nessus, SOC Radar, and Kali Linux. Monitoring network traffic for security events and performing triage analysis through EDR solutions such as SentinelOne and CrowdStrike Falcon to identify the timeline of the incident and affected hosts. Analyzing threat patterns on various security devices and validating false/true positive security incidents.
Responding to cyber security incidents by collecting, analyzing, and providing detailed evidence (network log files) and ensuring that incidents are recorded and tracked according to guidelines and requirements. Knowledge of the Cyber Kill Chain, Unified Kill Chain, Diamond Model, and MITRE ATT&CK framework. Implement processes and manage Nessus to identify vulnerabilities and track their remediation with the system owner. A hardworking and passionate job seeker with solid organizational skills, eager to secure an entry-level SOC Analyst/Cyber security position. Ready to help the team achieve company goals.
Investigating, documenting, and reporting on any information security (InfoSec) issues and emerging trends. Analyzing, advising on, or responding to previously unknown hardware and software vulnerabilities. Preparing disaster recovery plans. Automation Testing (Selenium WebDriver), API Testing, Database Testing, Manual Testing, Software Development Life Cycle (SDLC), and Software Testing Life Cycle (STLC). Receives and looks into alerts daily. Reviews the most recent SIEM alerts to assess their relevance and urgency. Carries out triage to confirm that a genuine security incident is occurring. Oversees and configures security monitoring tools. Reviewed violations of computer security procedures and developed mitigation plans. Conducted security audits to identify vulnerabilities. Performed risk analyses to identify appropriate security countermeasures. Developed plans to safeguard computer files against modification, destruction, or disclosure. Encrypted data and erected firewalls to protect confidential information.
Conduct log analysis on Splunk Enterprise and IBM QRadar SIEM solutions and provide recommendations to technical teams via the IBM Resilient and Jira ticketing systems. Monitor and analyze SIEM alerts through Splunk Enterprise and IBM QRadar and identify security anomalies for investigation and remediation. Conduct analysis to determine the legitimacy of files, domains, and emails using OSINT tools such as VirusTotal, IBM X-Force, CentralOps, AbuseIPDB, URLScan, Hybrid Analysis, ANY.RUN, Joe Sandbox, Whois Lookup, PhishTank, and MX Toolbox. Familiarity with the fundamentals of information security, including network technologies and tools, identity and access management, network security, implementing secure systems, and risk management. Analyze PCAP files, narrow down anomalous traffic with Wireshark, examine details of infected hosts, and write IOCs in executive summary reports. Experience using various tools like SentinelOne, CrowdStrike Falcon, OpManager, Nmap, Hydra, Tenable Nessus, SOC Radar, and Kali Linux. Review existing policies and guidance to ensure compliance with the National Institute of Standards and Technology (NIST) Risk Management Framework.
Password policy and identifying phishing emails. Windows Server 2019 installation and the "Harden your system" use case. Cybersecurity awareness.
Final analysis and recommendation. Addresses security incidents. Evaluates incidents identified by tier 1 analysts. Uses threat intelligence such as updated rules and indicators of compromise (IOCs) to pinpoint affected systems and the extent of the attack. Analyzes running processes and configurations on affected systems. Carries out in-depth threat intelligence analysis to find the perpetrator, type of attack, and data or systems impacted. Identifies threats that have entered the network, as well as security gaps and vulnerabilities currently unknown. Collaborated with senior engineers on projects and offered insight. Investigated and resolved incidents of unauthorized access to sensitive information. Drafted security reports and metrics to track security performance and strategize improvements. Administered and monitored firewalls, intrusion detection systems, and anti-virus software to detect risks. Encrypted data and erected firewalls to protect confidential information.
Security Tools
Ticketing Tools
Networking
Interpersonal Skills