Dedicated SOC Analyst with 7 years of experience in threat detection, incident response, and security operations. Seeking to contribute expertise and leadership to a dynamic security team.
• Analyzed and correlated security data from various sources, including IDS/IPS, firewalls, and endpoint protection systems.
• Investigated intrusion attempts and performed in-depth analysis of exploits.
• Provided network intrusion detection expertise to support timely and effective decision making on when to declare an incident.
• Reviewed security events that are populated in a Security Information and Event Management (SIEM) system.
• Analyzed a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
• Maintained and improved SOC documentation, including incident response playbooks and standard operating procedures.
• Collaborated with threat intelligence teams to stay updated on emerging threats and vulnerabilities, proactively implementing necessary countermeasures.
• Independently followed procedures to contain, analyze, and eradicate malicious activity.
• Documented all activities during an incident and provided leadership with status updates during the life cycle of the incident.
• Researched and tested new security tools/products and made recommendations on tools to be implemented in the SOC environment.
• Created a final incident report detailing the events of the incident.
• Participated in regular security drills and tabletop exercises to ensure effective incident response.
• Provided information regarding intrusion events, security incidents, and other threat indications and warning information to US government agencies.
• Monitored and analyzed security alerts generated by SIEM tools to identify potential security incidents.
• Investigated alerts to determine the scope and severity of incidents.
• Documented and reported security incidents and breaches following established protocols.
• Ensured the SOC analyst team provided excellent customer service and support.
• Influenced and improved upon existing processes through innovation and operational change.
• Evaluated existing technical capabilities and systems and identified opportunities for improvement.
• Assisted in incident response activities, including containment and mitigation of threats.
• Collaborated with senior SOC analysts to escalate and manage complex security incidents.
• Interpreted information provided by tools to form a sound hypothesis regarding the root cause of an event.
• Performed incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
• Created new ways to solve existing production security issues.
• Monitored security events in the SIEM and other general office tools.
• Triaged incoming security events, performed analysis, and escalated to supervisors and customers when events warranted additional response action.
• Monitored security appliance health and performed basic troubleshooting of security devices; notified security engineering as necessary about malfunctioning equipment.
• Provided 24x7 Operational support on a shift schedule (including overnight shifts and weekends).
• General networking background, including familiarity with the OSI and TCP/IP models, ports and protocols, and Internet communications technologies (HTTP, DNS, SMTP, etc.).
• Performed installation and configuration of Oracle 11gR2 databases on the HP-UX platform.
• Successfully performed migrations from Oracle 10g/11g to 11gR2 RAC and 19c.
• Performed space management, capacity planning, disaster recovery and overall maintenance of the databases.
• Used SQL TRACE, EXPLAIN PLAN utilities for optimizing and tuning SQL queries.
• Provided 24X7 support for all the production and development databases.
• Successfully performed data replication using materialized views and Oracle Streams in Oracle 11gR2.
• Cloned/migrated databases using RMAN and traditional Data Pump export/import utilities in Oracle 11gR2.
• Performed RMAN operations (incremental backups). Helped developers install the Oracle Client and troubleshoot and establish connections to the Oracle database through ODBC and JDBC.
• Performed performance tuning for optimized results using tools such as EXPLAIN PLAN, SQL*Trace, TKPROF, STATSPACK, AWR, and ADDM reports.
• Performed database tuning, application tuning, and performance monitoring; fine-tuned initialization parameters, I/O, memory, and operating system kernel parameters.
• Monitored the production Oracle alert logs for database errors and data issues.
• Used EXPORT/IMPORT to do table level and full database defragmentation.
• Performed patching of Oracle databases with latest patches from Oracle.
• Installed and configured block change tracking to work with RMAN merged incremental backups.
• Applied patches 10.2.0.2 and 10.2.0.3, 10.2.0.4.
• Responsible for creating users, groups, roles, and profiles, assigning users to groups, and granting the necessary privileges to the relevant groups.