Certified Cyber Security Analyst with experience using security tools to monitor and analyze potential and active threats. Expertise in incident response, endpoint security, and phishing analysis to ensure a highly secure environment.
Overview
1 year of professional experience
Work History
SOC Analyst
CyberNow Labs
Sterling, VA
05.2021 - 05.2022
Analysis and monitoring of SIEM alerts through Splunk and IBM QRadar.
Identification of security anomalies that need investigation and remediation.
Conduct log analysis on Splunk and IBM QRadar SIEM solutions and provide recommendations to the technical teams via the Resilient ticketing system and Jira.
Knowledge of information security fundamentals including network technologies and tools, identity and access management, network security, implementing secure systems and risk management.
Utilized open source resources such as VirusTotal, AnyRun, and MX Toolbox to analyze the legitimacy of files, domains, and emails.
Led phishing email campaigns and analysis by checking reputation, email headers, domains and IP addresses by using open-source intelligence tools (OSINT).
Analyze network flow data for anomalies and detect malicious network activity.
Analyze PCAP files, narrow down anomaly traffic with Wireshark, examine the details of the infected hosts and write IOC on executive summary reports.
Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
Good knowledge of perimeter protection principles: understanding the rules of network communication.