Franck DANVIDE

• Perform real-time monitoring and analysis of security events

from multiple sources including both host and network telemetry.

• Triage security events to determine priority and severity using

data from SIEMs, SOARs, Devo, SwimLane, ServiceNow, ELK Stack, Security Onion

etc…

• Proactively review customers’ environments searching for

anomalous behavior using the cyber kill chain, cyber intelligence, and

investigative techniques.

• Conduct threat hunting, research, analysis, and correlation

across a wide variety of all source data sets (indications and warnings).

• Defense-in-depth principles and practices (e.g.,

defense-in-multiple places, layered defenses, security robustness).

• Security Information and Event Management (SIEM) tools - Searching,

aggregating, and correlating data.

• Computer networking concepts and protocols, and network security

methodologies.

Ability to build desktop computers and servers from scratch using the requisite parts.

• Knowledge of which system files (e.g., log files, registry

files, configuration files) contain relevant information and where to find

those system files.

• Understands the necessity of Web Application Firewall (WAF).
• Able to write, understand and read Regular Expressions (Regex).

• Performed logs analysis and remediation of potential

phishing emails campaign, malware infections, network intrusion attempts logs,

web application tools

• Conducted alerts & logs analysis related to web

applications and application servers using the Imperva Tools suite, McAfee IPS

& NSM console logs.

• Conducted in-depth log analysis of network traffic,

end-users traffic/activities and IT infrastructure assets activities using

Splunk and the related indexes & source-types.

• Performed in-depth analysis of user's behaviors, activities

related to privileged credentials/entitlement and activities performed using

ExaBeam.

• Stayed up-to-date on current cybersecurity threats and

vulnerabilities.

• Participated in the security and incident response

processes, and contributed to the security of the IT network.

• Investigate incidents created or generated by Splunk Rules

or ServiceNow using enrichment platforms such as TruStar or other open-source

platforms such as Cisco Talos, AlienVault-OTX, Security Trails to name a few.

• Process tickets through ServiceNow and investigate alerts

using available tools and logs.

• Research malware activities on users endpoints, servers and IT

infrastructure using tools like FireEye HX and Tanium tools suite.

• Assisted other team members as needed and performed other

duties as assigned.

• Performed and reported on designated incidents response and

investigative tasks in an efficient and timely manner.

• Ensured IT systems security configurations by using the

above-mentioned tools and authorized security tools to detect potential cyber-attacks.

• Performed forensic investigations in the evaluation,

implementation, and testing of new security technologies.

• Stayed up-to-date on current cybersecurity threats and

vulnerabilities.

• Participated in the security and incident response processes,

and contributed to the security of the IT network.

• Performed Firewall configurations, testing & server

hardening

• Performed IT infrastructure systems patching & servers’

updates deployment.

• Assisted other team members as needed and performed other

duties as assigned.

• Managed the functionality and efficiency of IT infrastructure running Windows OS.
• Set-up & maintain administrator/user accounts.
• Developed system documentation for records and systems troubleshooting.
• Evaluated vendors' products & make recommendations when purchasing hardware/software.
• Created policies and standards regarding the use of computing resources.
• Implemented testing strategies in relation to the deployed technologies, as well as recording results for future review.
• Built and developed training guides for end–users.
• Participated in special projects, as required.
• Coordinated installation of IT hardware, systems, and provide backup recovery.
• Deployed & administered HP DL380 server series Generation 7, 8, 9, HP Proliant & Blade servers, Dell Blade Servers & Rxxx series.

• Implemented, tested & deployed open-source cybersecurity systems platform for a federal government network agency.
• Conducted network security monitoring & auditing using Sguil, Squert, Elsa, Snort, Wireshark.
• Led network security alerts logs management through Elastic Search, Logstash & Kibana platform (ELK Stack).
• Directed web applications, systems vulnerability assessments / audits, penetration testing using Kali Linux, Metasploit or OWASP Framework.
• Deployed & configured Hyper-V servers & VMs.
• Performed Citrix XenServer Instances migration to Hyper-V, VMware, VSphere.
• Supervised Account Management and users entitlements.
• Prioritized and coordinated support for the network infrastructure.
• Maintained Servers & Workstation Systems status on networks.
• Experience deploying & using Cisco Networks tool, NetAPP Data Storage Solutions, Hitachi Data Storage Solutions and Storage Array deployment & Management.

• Handled and resolved escalated clients technical issues.
• Provided in-house applications & software support.
• Supervised Account Management and users entitlements.
• Strengthened customer relations through active call resolution during weekends for international clients.
• Developed rapport with users across department & vendors.
• Improved web application efficiency through analysis and documented reports based on users' feedback.
• Supervised Account Management and users entitlements.
• Prioritized and coordinated support for the network infrastructure.
• Lead and solved Remote & Desk side Support technical issues.
• Established experience and knowledge of LAN/WAN and Windows OS platforms.
• Used ServiceNow & Remedy ticketing systems Eclipse/Concierge & Teleview platforms systems.
• Managed & administered users via ServiceNow & Remedy ticketing systems.
• Maintained Servers & Workstation Systems status on networks.
• Provided prompt response for systems alarms & Systems Backup.
• Conducted Improved client relations through active call resolution and follow-ups.
• Consulted with Sales department on improving systems' performance.
• Analyzed, diagnosed and improved server's efficiency as well as applications.