ANUMU LIONEL BAN KWANGA
Mesquite,TX
Summary
Passionate SOC/IR Analyst with 3+ years of experience in investigating and preventing network, host and email-based attacks. Proficient in malware analysis, incident response, data loss prevention and improving SOC processes by utilizing top industry security solutions. Effortlessly adapt to various environments and workplaces. Operates well while working independently as well with team members. Self-motivated, goal-oriented, and customer-focused with excellent communication. Prioritize and manage multiple tasks concurrently. Troubleshoot and resolve complex issues in a demanding work environment quickly and efficiently.
Overview
4
4
years of professional experience
1
1
Certification
Work History
SOC Analyst
Abiatech solutions
10.2022 - Current
- Triaged and investigated incoming alerts generated from Splunk ES to determine the severity and impact of the event or incidents
- Reviewed and collected asset data; indicators of compromise, logs, configurations and running processes, on these systems for further investigation and reporting
- Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans
- Investigated, analyzed, and processed retroactive and reported phishing email alerts from IronPort and following standard operating procedures
- Use O365 Threat Explorer to analyze, scope and determine the recipients of the phishing emails withing the company
- Evaluated and processed Web Site Review Requests from internal users to access blocked websites using OSINT tools
- Analyze and resolve DLP alerts from McAfee DLP Manager and Splunk Enterprise Security (Splunk ES) and escalate cyber privacy incidents to the Privacy Team
- Worked incidents from initial assignment to final resolution
- Assist in building SOPs as needed or directed to facilitate SOC operations and processes
- Fully documented assigned tickets to show all work performed and attached the required artifacts in order to pass SLRs
- Worked incidents from initial assignment to final resolution
- Performed Root Cause Analysis (RCA) and make preventative recommendations for incidents and events
- Conducted forensics and investigations as needed using security tools such as CrowdStrike, Splunk, FireEye, Cisco IPS, OSINT, etc
- Recognized potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
- Create, track, and work to resolution Normal and Standard job-related Change Requests
- Assisted with the creation of the daily SOC report and Shift reports and pass down emails to the incoming shift members
- Participated in daily security meetings with team members and customer teams.
SOC Analyst I
Bank of America
02.2021 - 04.2022
- Perform remediation actions on Endpoints (laptop/desktop/server) related to cyber security
- Incident response case management and automation (SOAR)
- Incident Response toolsets and specifically phishing group mailbox support
- SIEM technologies and utilization within a cyber security environment
- Cyber Kill Chain/MITRE ATT&CK frameworks and application within a cyber security command center
- Logging/monitoring solutions and implementations
- Agile methodology, sprint planning and daily scrum meetings
- Apply comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects related to incident response
- Works on complex projects of large scope domestically and internationally
- Develop technical solutions to a wide range of difficult problems
- Solutions are innovative and consistent with organizational goals
- Completes work independently; receives general guidance on new projects and tasks
- Act as a mentor to less experienced colleagues
- Provide an organized and risk-based approach to remediation of sensitive assets in the enterprise
- Present data findings and influence organizational partners at multiple levels in the organization
- Establish strong reporting metrics to support the program and influence behaviors.
Education
Masters In Cyber Security -
Grand Canyon University
Phoenix, AZ01.2024
Skills
- Malware Analysis/Endpoint Security
- Incident Response/Cyber Threat Intelligence
- Network Security Protocols/TCP/IP
- Splunk/Wireshark/Nessus
- PCI-DSS/FIPS/NIST 800 Series/ISO 27001
- Snort/Firepower/FireEye/CrowdStrike/Carbon Black
- McAfee/Bluecoat
- Palo Alto/Cisco IronPort
- Linux/Windows/MacOS
- Archer/ServiceNow/Confluence
- Microsoft Office 365 Suite/SharePoint/OneDrive/Sentinel/Power Apps
- Virus Total, Domain Tools, IP/URL void, IBM X-Force
- Virtualization/Virtual Box/VMware
- Cisco Packet Tracer
Certification
- CISM
- CompTIA Security Plus
- Splunk Fundamentals 1 & 2
- Scrum Master
Tel
7023508007
Timeline
SOC Analyst
Abiatech solutions
10.2022 - Current
SOC Analyst I
Bank of America
02.2021 - 04.2022
Masters In Cyber Security -
Grand Canyon University