Benjamin Acquaye
WV,USA
Summary
Cyber Security Analyst with over three years of experience in threat detection and incident response. Expertise in reducing risks by 30% through effective vulnerability management and incident response support. Proficient in SIEM systems, IDS/IPS solutions, firewalls, and EDR tools. Skilled in applying the MITRE ATT&CK Framework to enhance detection and response strategies.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Cybersecurity Analyst
Independent Project Analysis (IPA)
Ashburn, VA
07.2021 - Current
- Monitor security alerts and events 24/7 from a variety of data sources, including networking, firewalls, IDS/IPS, and SIEM systems, to detect and respond to potential cybersecurity incidents in real time, ensuring a robust security posture.
- Analyze security events from host and network event sources (e.g., Windows event logs, EDR, network traffic, IDS events) for malicious intent.
- Correlate data from multiple sources to identify threats, following CSIRT procedures to mitigate risks and respond to incidents effectively.
- Analyze threat intelligence and participate in threat hunting to identify emerging risks, refining the Incident Response Plan (IRP) for ongoing improvement.
- Work with various operating systems (Windows, Linux) commonly used in enterprise networks, along with a conceptual understanding of Windows Active Directory.
- Maintain working knowledge of network communication protocols and routing (TCP, UDP, ICMP, BGP), as well as standard internet protocols and applications (SMTP, DNS, DHCP, SQL, HTTP, HTTPS).
- Investigate malware, Phishing infections, and unauthorized access attempts, implementing measures to mitigate future risks.
- Leverage the MITRE ATT&CK Framework to map observed behaviors and indicators to known adversary TTPs, enhancing threat detection and investigation accuracy.
- Maintain extensive threat intelligence and actively participate in threat hunting exercises to enhance organizational defenses.
- Support various operating systems (Windows, Linux) in incident management, using knowledge of Active Directory as part of a coordinated IRP response.
- Conduct proactive vulnerability assessments and remediate identified risks, following CSIRT protocols to prevent future incidents.
Cyber Security Analyst
AMUR
, Nebraska
05.2019 - 06.2021
- Continuously monitor security events from various sources, including firewalls and SIEM systems, to detect and respond to incidents in real-time, ensuring alignment with IRP protocols.
- Executed NIST Risk Management Framework (RMF) activities to ensure compliance with federal regulations.
- Implemented vulnerability management practices, successfully reducing exploitable risks by 30%.
- Developed and maintained Federal Risk and Authorization Management Program (FedRAMP) compliance documents.
- Administered configuration and patch management processes to uphold system integrity and security.
- Formulated Security Assessment Plans and conducted control testing to ensure compliance with established security standards.
Database Administrator
Creek Technologies
, Ohio
04.2018 - 04.2019
- Provisioned AWS Aurora PostgreSQL instances and MySQL databases, enhancing cloud-based data management.
- Administered Relational Database Service (RDS) offerings in AWS, ensuring optimal database performance and availability.
- Migrated on-premises databases to AWS Aurora PostgreSQL, MySQL, and Redshift, facilitating increased scalability and reliability.
Database Administrator
Accenture LLP
, Virginia
05.2014 - 03.2018
- Installed and configured Microsoft SQL Server to meet organizational data management needs.
- Migrated data from on-premises SQL Server to AWS PostgreSQL, improving data accessibility and performance.
- Monitored and troubleshot Data Migration Service (DMS) task failures, ensuring seamless data transfers.
Education
B.S. - Information Assurance & Security
American Intercontinental University
Georgia, USA01.2023
B.S. - Computer Science
Accra Technical University
Accra, Ghana03.1994
Skills
- SIEM: Splunk (SPL), QRadar, CrowdStrike
- IDS/IPS: Snort, Suricata
- Firewalls: Palo Alto
- MITRE ATT&CK Framework
- Networking: Wireshark Operations Packet capture (PCAP), Log analysis, Network protocols (TCP, UDP, ICMP, BGP)
- Web Application Security: OWASP Top 10 Awareness
- Phishing Management
- EDR: End-Point Detection and Response
- Vulnerability Management: Qualys, Tenable, Nessus, Greenhouse
- Malware Analysis
- Database Administration: Active Directory, MySQL, PostgreSQL, SQL Server
- Programming: Python
- Scripting: Bash, Ansible
- Incident Response & Analysis
- Threat Intelligence
- Kali linux
- Operating Systems: Windows, Linux
- Problem-solving: Proactive, Detail-oriented, Collaboration
Certification
- AWS Solutions Architect
- Certified Information Systems Auditor (CISA)
- CompTIA Security+
- Microsoft Certified Solutions Associate (MCSA)
- CSAP+
- SOC Analyst - CYDEO
Languages
English
References
References available upon request.
Timeline
Cybersecurity Analyst
Independent Project Analysis (IPA)
07.2021 - Current
Cyber Security Analyst
AMUR
05.2019 - 06.2021
Database Administrator
Creek Technologies
04.2018 - 04.2019
Database Administrator
Accenture LLP
05.2014 - 03.2018
B.S. - Information Assurance & Security
American Intercontinental University
B.S. - Computer Science
Accra Technical University
Similar Profiles
David RosenbergDavid Rosenberg
Senior Consultant at Independent Project AnalysisSenior Consultant at Independent Project Analysis
Shubham GalavShubham Galav
Director of Cost Analytics & Product Development Leader at Independent Project Analysis, Inc.Director of Cost Analytics & Product Development Leader at Independent Project Analysis, Inc.
Gabriela RuizGabriela Ruiz
Handy Person at IPAHandy Person at IPA
William Kinser Jr.William Kinser Jr.
Sales Manager at Intertractor America CorporationSales Manager at Intertractor America Corporation
Chris NooneyChris Nooney
Residential Supervisor/ Case Manger at Prestera CeterResidential Supervisor/ Case Manger at Prestera Ceter