Dedicated and strong client-focused Cyber Security Operations Analyst with over 2 years in monitoring and detecting malicious activity based on the MITRE framework of adversary tactics, techniques, and procedures (TTPs) in support of the organizational mission. Solid understanding of cyber threats and information security in the form of Threat Actors, Campaigns, and Observables. Experience in static and dynamic malware analysis using CrowdStrike, Cisco Secure Endpoint and other EDR tools, with strong critical thinking, communication skills, and people skills (team player). Strong analytical and problem-solving skills, self-motivated to improve knowledge and skill in alert triage and analysis to determine the course of action. Experience in creating SOPs and playbooks with the overall objective of ensuring confidentiality, integrity and availability of the systems, network, and data. Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Demonstrated strong analytical and problem-solving skills, ability to follow through with projects from inception to completion, well-organized, able to multitask, and committed to perfection.
Overview
2 years of professional experience
1 certification
Work History
Incident Response SOC Analyst
PIMAJOY Technology & Consulting LLC
Chantilly, VA
06.2023 - Current
Conduct log analysis on Splunk and provide recommendations to the technical teams via The Jira ticketing system
Identified security threats, vulnerabilities and potential malicious activities through log analysis
Triage and investigate events to identify endpoint security incidents using CrowdStrike Falcon, and perform the needed mitigation and remediation
Investigate security alerts related to ransomware IOCs, such as the use of legitimate programs like VSSADMIN.EXE to delete volume shadow copies, and determine whether they are true positives or false positives
Conduct Malware Analysis to identify malicious activity and derive Indicators of Compromise (IOCs) and associated detection rules
Investigate and report on cyber threat hunt findings, including recommendations to improve security posture across detective and preventive controls
Execute analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures
Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery
Responded promptly to any reported issues or alerts related to system or network security.
Prioritize and differentiate between potential intrusion attempts and false alarms
Monitored network traffic for suspicious activity using SIEM tools such as Splunk and LogRhythm
Collaborated with internal teams to improve system performance and enhance overall security posture of the organization's infrastructure
Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms in order to identify security incidents affecting the organization
Assess the security impact of security alerts and traffic anomalies to identify malicious actions in order to escalate up to senior members of the team
Leverage a fundamental understanding of operating systems (Windows, Unix/Linux, and OS X) in support of identifying security incidents and to maintain a proper overview of the risk profile
Utilize and adhere to the defined workflow in ThreatConnect and the processes driving Threat Monitoring and escalation/handoff actions
Analyze potential cyber threats from a variety of intakes, taking appropriate response actions to include threat containment and/or escalation
Leverage network security tools and capabilities to support Cyber Threat Monitoring activities
Ensured that all security protocols are being followed within an organization's environment.
Monitored server event logs to identify and resolve performance and security issues.
Investigated information security breaches to identify vulnerabilities and evaluate damage.
Document results of cyber threat analysis effectively and prepares comprehensive handoff and/or escalation for IR/Intelligence Function teams
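Worked example of the shadow-copy alert triage described in the bullets above: detection logic for vssadmin/wmic/bcdedit recovery-inhibition command lines, run over constructed sample process-creation events, with a true-positive/false-positive hint and the indicators that justify it for the handoff write-up. This is an added example, not code from the original résumé or from PIMAJOY. The event field names, the hypothetical AcmeBackup agent path, the vetted-parent allow-list and the suspicious-parent list are assumptions; the verdict is a triage hint to be confirmed with the backup owners, not a final determination.

```python
import re
from typing import Optional

# Constructed sample process-creation events (not real telemetry), shaped loosely
# like Windows Security 4688 / Sysmon Event ID 1 fields. Hosts, users and paths are made up.
SAMPLE_EVENTS = [
    {"host": "WS-0142", "user": "CORP\\jdoe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\vssadmin.exe",
     "command_line": "vssadmin.exe delete shadows /all /quiet"},
    {"host": "FS-01", "user": "NT AUTHORITY\\SYSTEM",
     "parent_image": r"C:\Program Files\AcmeBackup\backupsvc.exe",  # hypothetical backup agent
     "image": r"C:\Windows\System32\vssadmin.exe",
     "command_line": "vssadmin.exe Delete Shadows /For=D: /Oldest"},
    {"host": "WS-0077", "user": "CORP\\asmith",
     "parent_image": r"C:\Windows\System32\wscript.exe",
     "image": r"C:\Windows\System32\wbem\WMIC.exe",
     "command_line": "wmic shadowcopy delete /nointeractive"},
    {"host": "WS-0142", "user": "CORP\\jdoe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\vssadmin.exe",
     "command_line": "vssadmin list shadows"},  # enumeration only, must not fire
    {"host": "WS-0142", "user": "CORP\\jdoe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\bcdedit.exe",
     "command_line": "bcdedit.exe /set {default} recoveryenabled No"},
]

# Command-line shapes commonly used to inhibit system recovery (MITRE ATT&CK T1490).
SHADOW_DELETE_PATTERNS = [
    (re.compile(r"\bvssadmin(?:\.exe)?\s+delete\s+shadows\b", re.I), "vssadmin delete shadows", "high"),
    (re.compile(r"\bvssadmin(?:\.exe)?\s+resize\s+shadowstorage\b", re.I), "vssadmin resize shadowstorage", "medium"),
    (re.compile(r"\bwmic(?:\.exe)?\s+shadowcopy\s+delete\b", re.I), "wmic shadowcopy delete", "high"),
    (re.compile(r"\bwbadmin(?:\.exe)?\s+delete\s+catalog\b", re.I), "wbadmin delete catalog", "high"),
    (re.compile(r"\bbcdedit(?:\.exe)?\b.*\brecoveryenabled\s+no\b", re.I), "bcdedit recoveryenabled no", "medium"),
]

# Assumed allow-list: parent images the SOC has vetted as legitimate backup agents.
VETTED_BACKUP_PARENTS = {"backupsvc.exe"}
# Parents a backup job should never have: interactive shells, script hosts, Office apps.
SUSPICIOUS_PARENTS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                      "cscript.exe", "mshta.exe", "winword.exe", "excel.exe", "outlook.exe"}


def basename(path: str) -> str:
    """Last path component, lower-cased, accepting either separator."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def match_shadow_delete(command_line: str) -> Optional[tuple]:
    """Return (technique, severity) for the first matching pattern, else None."""
    for pattern, technique, severity in SHADOW_DELETE_PATTERNS:
        if pattern.search(command_line):
            return technique, severity
    return None


def triage(event: dict) -> Optional[dict]:
    """Classify one matching event as true_positive_candidate or likely_false_positive.

    Only a vetted backup parent running as SYSTEM with no aggravating indicators is
    downgraded; everything else is escalated. Returns None when nothing matched.
    """
    cmd = event.get("command_line", "")
    hit = match_shadow_delete(cmd)
    if hit is None:
        return None
    technique, severity = hit
    parent = basename(event.get("parent_image", ""))
    user = event.get("user", "")

    indicators = []  # evidence to quote in the escalation/handoff note
    if re.search(r"/all\b", cmd, re.I):
        indicators.append("/all switch targets every shadow copy")
    if re.search(r"/quiet\b", cmd, re.I):
        indicators.append("/quiet switch suppresses confirmation prompts")
    if parent in SUSPICIOUS_PARENTS:
        indicators.append(f"parent {parent} is a shell/script host, not a backup agent")
    if not user.upper().endswith("SYSTEM"):
        indicators.append(f"executed as {user}, not the local service account")

    vetted = parent in VETTED_BACKUP_PARENTS and user.upper().endswith("SYSTEM")
    verdict = "likely_false_positive" if vetted and not indicators else "true_positive_candidate"
    return {"host": event.get("host"), "user": user, "parent": parent,
            "technique": technique, "severity": severity,
            "indicators": indicators, "verdict": verdict,
            "escalate": verdict == "true_positive_candidate"}


def run(events: list) -> list:
    """Apply triage() to every event and keep only the ones that fired."""
    return [f for f in (triage(e) for e in events) if f is not None]


if __name__ == "__main__":
    for finding in run(SAMPLE_EVENTS):
        print(finding["host"], finding["technique"], finding["verdict"], finding["indicators"])
```

On the sample set, the `cmd.exe`-spawned `delete shadows /all /quiet`, the `wscript.exe`-spawned `wmic shadowcopy delete` and the `bcdedit ... recoveryenabled No` events are escalated, the backup agent's scoped `/For=D: /Oldest` deletion is downgraded, and the `list shadows` enumeration never fires. The allow-list deliberately does not win on its own: a vetted parent that suddenly runs `/all /quiet` or runs under a user account still lands in the escalation queue, because a compromised or spoofed backup service is exactly the case the allow-list must not hide.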
SOC Analyst Intern
PIMAJOY Technology & Consulting LLC
Chantilly, VA
05.2022 - 06.2023
Analyzed identified malicious network activity to determine weaknesses exploited, exploitation methods, effects on system and information
Performed all phases of the incident response life cycle including preparation, analysis, containment, eradication, remediation, recovery, and post-incident activities
Evaluated external threat intelligence feeds related to zero-day attacks, exploits, or other vulnerabilities to determine organizational risk
Conducted network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls, and host-based security systems
Worked with security information and event management (SIEM) to correlate events and identify indicators of threat activity
Monitored and analyzed security events to determine intrusion and malicious events
Searched firewall, email, web, and DNS logs to identify and mitigate intrusion attempts
Investigated malicious phishing emails, domains, and IPs using open-source threat intelligence tools and recommended proper blocking based on analysis
Researched emerging threats and vulnerabilities to aid in the identification of incidents
Conducted log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources
Correlated network, cloud, and endpoint activity across environments to identify attacks and unauthorized use
Monitored and analyzed Security Information and Event Management (SIEM) output to identify security issues for remediation
Provided 24/7/365 real-time monitoring of security tools, dashboards, and email alerts
Analyzed and responded to security events and incidents from Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Network Access Control and other client data sources
Education
Bachelor of Science in Cybersecurity
Old Dominion University
Norfolk, VA
06.2020
Associate Degree in Construction Management
Northern Virginia Community College
Alexandria, VA
11.2017
Skills
Microsoft Office (Word, Excel, PowerPoint, Access, Outlook)
MS Project
Adobe
Windows (2000, 7, 10)
Mac OS
Linux/Unix
MS Access
Excel
LANs
WANs
VPNs
Routers
Firewalls
DHCP
TCP/IP
Ethernet
SAN
DNS
Intrusion Detection
Incident Response
Web Security
Application Security
Access Control
Encryption
Firewall Configuration
Reporting and Documentation
Critical Thinking Skills
Disaster Recovery
Risk Mitigation
Network Security
JavaScript
Certification
CompTIA Security+
References
Provided upon request
Languages
English
Professional