EMMANUEL OWOLABI
Dallas,TX
Summary
Dynamic security operations professional with over five years of hands-on experience in enterprise Security Operations Centers (SOC) and incident response, adept at supporting 24/7 environments and managing high-volume alert pipelines. Proficient in SIEM monitoring and detection engineering utilizing tools such as Splunk Enterprise Security, IBM QRadar, and Microsoft Sentinel, alongside comprehensive endpoint investigations with CrowdStrike Falcon, SentinelOne, Carbon Black, and McAfee ePO. Recognized for reducing false positives by 30-35% and enhancing Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through optimized correlation content, tailored dashboards, proactive threat hunting, and well-documented playbooks. Effective communicator consistently delivering clear, actionable remediation guidance and producing executive-ready incident reports that drive informed decision-making.
Overview
7
7
years of professional experience
1
1
Certification
Work History
SOC Analyst
Walmart Global Tech
01.2022 - Current
- Managed triage and investigation of 120-150 security alerts daily across Splunk ES, IBM QRadar, and Microsoft Sentinel.
- Analyzed endpoint data through CrowdStrike Falcon, Carbon Black, and McAfee EPO to detect malware lateral movement and persistence techniques, leading to improved incident response efficiency.
- Enhanced visibility across firewall, IDS/IPS, proxy, and cloud data sources by developing and maintaining 20+ Splunk dashboards and log correlation rules.
- Conducted thorough analysis and resolution of phishing, malware, and DLP alerts utilizing Proofpoint, FireEye ETP, Threat Grid, and Microsoft 365 Threat Explorer.
- Executed accurate classification and escalation of 2000+ security incidents and service requests in ServiceNow, achieving a 98% on-time resolution rate.
- Analyzed critical vulnerabilities and implemented remediation strategies, significantly reducing risk exposure by approximately 45%.
- Analyzed logs and conducted threat hunting across multiple data sources to identify hidden indicators of compromise and fortify proactive detection measures.
- Developed and executed incident response workflows and playbooks to enhance Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) by approximately 30% through standardized investigative procedures.
- Provided comprehensive tier 1-2 support and mentorship to junior analysts, driving improvements in shift throughput and maintaining investigative consistency in a fast-paced monitoring environment.
- Facilitated communication of incident status, investigative findings, and remediation recommendations to stakeholders while ensuring confidentiality, integrity, and availability of enterprise systems.
Incident Response / SOC Analyst
Verizon
Houston, TX
07.2019 - 12.2021
- Executed incident response processes for 25-40 security incidents per week, guaranteeing 100% compliance with incident handling procedures and documentation requirements.
- Analyzed and classified Splunk Enterprise Security alerts, significantly decreasing false positives through effective correlation and contextual threat assessment.
- Performed comprehensive root cause analysis (RCA) on recurring incidents to enhance overall security posture and mitigate future risks.
- Utilized Cisco IronPort and Microsoft 365 Threat Explorer to detect and mitigate phishing threats, safeguarding user accounts and email integrity.
- Conducted thorough analysis and resolution of DLP alerts within Splunk ES to uphold regulatory compliance and mitigate data exposure risks.
- Conducted thorough endpoint investigations with SentinelOne and CrowdStrike to enhance security measures and expedite containment and remediation efforts.
- Managed internal website review requests through SentinelOne to balance security protocols with operational access needs, minimizing delays.
- Enhanced operational efficiency by creating SOPs, generating daily SOC and shift handover reports, and engaging in cross-functional security meetings to improve response coordination.
Education
Associate of Science - Cybersecurity
Southern Careers Institute
Corpus Christi01-2022
Bachelor of Science - Computer Science
University of Lagos
Other 10-2009
Skills
- Vulnerability assessment
- Endpoint security
- SIEM management
- Threat intelligence
- Log analysis
- Data loss prevention
- Intrusion detection
- TCP and IP protocols
- Nmap scanning
- Forensic investigation
- Network monitoring
- Cloud security
Certification
- CompTIA Security+
- CompTIA CySA+
- CompTIA Network+
- CompTIA Cloud+
- Cisco Certified Network Associate (CCNA)
- Splunk Power User
Custom
Open to US Remote
Custom
- SIEM and Log Analytics: Splunk Enterprise Security (SPL), IBM QRadar, Microsoft Sentinel (KQL), ArcSight, LogRhythm, Log correlation, Dashboarding
- EDR and Endpoint Security: CrowdStrike Falcon, SentinelOne, Carbon Black, McAfee ePO, Microsoft 365 security stack
- Network Security and Traffic Analysis: Palo Alto Firewalls, Cisco ASA, IDS/IPS (Snort, Suricata), VPN, Network traffic analysis, Wireshark
- Email Security and Threat Intel: Proofpoint, Cisco IronPort, FireEye ETP, Cisco Threat Grid, OSINT enrichment
- Vulnerability Management: Nessus, Qualys, OpenVAS, CVE analysis, Patch management, Risk scoring
- IR, Forensics, and Host Analysis: Sysinternals Suite, File integrity monitoring (Tripwire), Evidence collection support, Basic malware triage
- Automation and Scripting: Python, PowerShell, Bash, Regex, Playbook automation concepts (SOAR exposure: Cortex XSOAR, Splunk Phantom)
- Case Management and Collaboration: ServiceNow, Remedy, Jira, Confluence, Slack, Microsoft Teams
- Frameworks and Standards: MITRE ATT&CK, NIST CSF, NIST 800-61 (Incident Handling), ISO 27001, CIS Controls, PCI-DSS, HIPAA, SOX, GDPR
Timeline
SOC Analyst
Walmart Global Tech
01.2022 - Current
Incident Response / SOC Analyst
Verizon
07.2019 - 12.2021
Associate of Science - Cybersecurity
Southern Careers Institute
Bachelor of Science - Computer Science
University of Lagos