ISMAEL BARRY

Atlanta, GA

Summary

Security-focused SOC Analyst with 6+ years of experience in security monitoring, threat detection, alert triage, incident response support, and escalation within fast-paced, high-volume Security Operations Center environments. Proven ability to monitor SIEM alerts, analyze security logs, investigate suspicious activity, review phishing and malware events, and document findings clearly to support rapid containment, remediation, and recovery efforts. Hands-on experience with ServiceNow, Jira, endpoint security workflows, email security review, access-related investigations, account compromise analysis, and coordination with IT, engineering, and incident response teams. Strong understanding of SOC processes, incident handling procedures, escalation paths, threat indicators, and security operations best practices across Windows, Linux, network, and endpoint environments. Skilled at maintaining detailed case documentation, communicating technical findings to stakeholders, prioritizing incidents by severity and business impact, and improving response quality while reducing operational risk. Combines technical security operations knowledge with strong analytical thinking, attention to detail, communication skills, and the ability to perform effectively under pressure in deadline-driven environments.

Work History

SOC Analyst

Previous Company Name
City, State
  • Monitored SIEM alerts, email security queues, endpoint activity, and authentication events to identify suspicious behavior, policy violations, and potential indicators of compromise across corporate environments.
  • Investigated phishing emails, malware detections, account compromise concerns, unauthorized access attempts, VPN anomalies, and suspicious login activity using logs, message headers, and data from internal security tools.
  • Prioritized and escalated incidents based on severity, business impact, and established escalation procedures to ensure timely action by senior analysts, engineering teams, and incident response personnel.
  • Documented security events, response steps, investigative findings, evidence collected, and communications in accordance with SOC standards, audit requirements, and reporting procedures.
  • Worked with cross-functional teams to support access reviews, account lockout analysis, user-reported incidents, and remediation follow-up for recurring threats and operational issues.
  • Assisted in improving case handling quality, knowledge base content, and documentation consistency to strengthen analyst handoff, reporting accuracy, and overall SOC efficiency.
  • Followed incident response playbooks, standard operating procedures, and ticket lifecycle management practices in a fast-paced environment with strong attention to detail and response timeliness.

Cybersecurity Analyst

Third Company Name
City, State
  • Supported daily cybersecurity operations by monitoring alerts, validating suspicious activity, and performing first-level analysis across endpoint, network, user, and email-related security events.
  • Conducted log review and event correlation across multiple data sources to identify unusual patterns, failed logins, account lockouts, privilege concerns, policy violations, and suspicious outbound activity.
  • Assisted with investigations involving phishing attempts, malware alerts, access-related issues, and user-reported security concerns by gathering evidence, documenting timelines, and escalating findings appropriately.
  • Maintained clear case notes, investigation details, and response records to support operational continuity, compliance expectations, and post-incident review.
  • Collaborated with internal teams to support remediation tracking, account access validation, and closure of security tickets in alignment with response procedures and service expectations.
  • Participated in vulnerability awareness efforts, phishing response support, access-control reviews, and security process improvement activities to strengthen overall security posture.
  • Contributed to knowledge base updates, process documentation, and ticket quality improvement initiatives to increase consistency, readiness, and team effectiveness.

Information Security Analyst

Fourth Company Name
City, State
  • Monitored security tools and operational dashboards to identify suspicious events, system anomalies, and user activity requiring further analysis or escalation.
  • Reviewed system, authentication, and endpoint logs to support detection of unauthorized access attempts, abnormal user behavior, and policy-related security events.
  • Assisted with incident intake, case creation, alert validation, and documentation of findings to support accurate tracking and timely escalation within the security operations workflow.
  • Supported email security review, phishing analysis, account investigation tasks, and evidence collection for low- to medium-complexity incidents.
  • Worked with senior analysts and IT teams to support remediation actions, ticket updates, and closure activities while maintaining documentation accuracy and operational discipline.
  • Followed established SOPs, escalation guidelines, and security workflows to help ensure consistent incident handling, effective communication, and service quality.

Senior SOC Analyst

Company Name
City, State
- Current
  • Lead real-time monitoring and analysis of security alerts, SIEM dashboards, endpoint telemetry, and system logs to identify suspicious activity, indicators of compromise, and potential threats across enterprise environments.
  • Perform advanced triage and investigation of phishing, malware, unauthorized access attempts, suspicious authentication activity, lateral movement indicators, and endpoint-related security events; determine severity, impact, and escalation path.
  • Analyze logs, email artifacts, user activity, threat indicators, and supporting evidence to drive containment, remediation, and root-cause analysis while ensuring accurate and audit-ready incident documentation.
  • Create, update, and manage security incidents in ServiceNow and Jira, documenting investigative findings, response actions, evidence reviewed, stakeholder communications, escalation steps, and final resolutions.
  • Coordinate closely with IT, engineering, infrastructure, and incident response teams to support timely containment, user communication, access reviews, and reduction of recurring security alerts.
  • Support continuous improvement initiatives by assisting with alert tuning, use case review, runbook updates, process standardization, and workflow refinement to reduce false positives and improve operational efficiency.
  • Mentor junior analysts by reviewing tickets, reinforcing documentation quality, and sharing guidance on incident triage, escalation handling, and investigative best practices.
  • Contribute to stronger security operations by identifying trends, recurring issues, and monitoring gaps, helping improve visibility, detection coverage, and incident response readiness.

Education

Bachelor's degree - Information Technology

CompTIA Security+

CompTIA CySA+

Google Cybersecurity Certificate

Skills

  • Security Operations: Security Operations Center (SOC) Monitoring, Security Event Analysis, Alert Triage, Incident Response Support, Incident Escalation, Threat Detection, Threat Analysis, Threat Monitoring, Case Management, Incident Documentation, Root Cause Analysis Support, Security Operations Procedures
  • Tools & Platforms: SIEM Monitoring, ServiceNow, Jira, Endpoint Security Tools, Email Security Tools, Ticketing Systems, Security Dashboards, Security Monitoring Platforms, Authentication Systems, Access Control Systems, Windows, Linux
  • Threat Analysis: Phishing Investigation, Malware Alert Review, Account Compromise Investigation, Unauthorized Access Analysis, Suspicious Activity Investigation, Email Security Review, Endpoint Alert Analysis, Security Incident Classification, Severity Assessment, Containment and Remediation Support, IOC Review
  • Network & Security Concepts: TCP/IP, DNS, VPN, Firewalls, Network Traffic Analysis Fundamentals, Authentication Concepts, Access Control, Threat Indicators, Vulnerability Awareness, Cybersecurity Best Practices, Security Policies, Standard Operating Procedures, Incident Response Playbooks
  • Professional Strengths: Analytical Thinking, Problem Solving, Attention to Detail, Technical Documentation, Incident Reporting, Cross-Functional Collaboration, Stakeholder Communication, Time Management, Prioritization, Adaptability, Ability to Perform Under Pressure
