Minhazul Chowdhury

Cybersecurity Analyst
Buffalo, NY

Summary

Highly skilled and motivated cybersecurity professional with an attitude to adapt and learn in any dynamic environment, dedicated to protecting organizations and the people they serve and to actively contributing to the team. Proficient in monitoring security events with SIEM and EDR tools to detect and mitigate potential threats for on-premises, cloud, and hybrid enterprise environments. Dedicated to safeguarding critical assets from emerging threats while simultaneously enhancing business value. An articulate communicator with excellent interpersonal, analytical, and problem-solving skills, attention to detail, and teamwork.

Overview

3 years of professional experience
1 Certification
6 years of post-secondary education

Work History

Cybersecurity Analyst

Securityparagon
New York, NY
01.2024 - Current
  • Part of rotating SOC shifts supporting 24/7 coverage
  • Nights and weekends are performed remotely
  • Maintaining records of security events investigated and incident response activities, utilizing case management and ticketing systems (ServiceNow)
  • Reviewing IDS/IPS events and identifying anomalous activities or potential network security risks
  • Monitoring and analyzing Intrusion Detection Systems (IDS), and Security Information and Event Management (SIEM) to identify security issues for remediation
  • Makes recommendations, creates, modifies, and updates Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tool rules
  • Ensuring the implementation of best practice security policies that address the client's business needs while protecting their vital corporate assets
  • Initial triaging on alerts such as phishing alerts and EDR alerts (CrowdStrike), and escalating to the CIRT team if necessary
  • Have more than 1 year of experience working with EDR solutions like CrowdStrike, where I have actively engaged in enriching IOCs as well as creating a runbook for day-to-day activities for analysts (e.g., how to contain a machine, how to block hashes/domains/IPs, etc.)
  • Work closely with external security organization to constantly monitor security threats and defense
  • Attending classified briefings in order to facilitate the sharing of information and increased awareness of cyber threats
  • Identifying security controls and constructing a compliance matrix for tracking
  • Conducted meetings with the IT team to gather documentation and evidence about their control environment
  • Environment: Windows, Linux, Phishing Email Analysis, CrowdStrike, Snort, Malware Analysis, Dynamic Sandbox, Proofpoint, etc.

Security Analyst

Hitachi Data Systems
Washington, D.C.
07.2022 - 10.2023
  • Work closely with the Network Operations Center (NOC) Analysts and Helpdesk to analyze suspicious events, develop security awareness, and remediate incidents
  • Monitor different data sources using Splunk Dashboard for unusual or suspicious activities, interpret such activity and make recommendations for resolution
  • Provide 24/7/365 real-time monitoring of security tools, to validate the operational status of critical tools
  • Analyze data, including logs, packet captures, from various sources, troubleshoot complex problems and apply root cause analysis
  • Collect supporting information and/or relevant artifacts in support of Incident Response activities
  • Utilize alerts from endpoints, IDS/IPS, NetFlow, and custom sensors to identify compromises on customer networks/endpoints
  • Performed vulnerability scans on systems using Nmap and Tenable Nessus to investigate and escalate where necessary
  • Utilizing analytical skills and tools to process and refine information into intelligence
  • Utilizes a ticketing system to handle incident management
  • Experience in AWS cloud platform and its features, which include EC2, VPC, EBS, AMI, CloudWatch
  • Environment: Windows, Linux, Phishing Email Analysis, Splunk, Snort, Malware Analysis, etc.

Jr. Information Security Analyst

Jubilee Consulting
Columbus, OH
11.2021 - 05.2022
  • Consulting
  • Integrated cybersecurity solutions that protected against cyber-attacks and malware
  • Assisted with tools, including SIEM, IPS, email gateway protection and DLP tools
  • Reviewing IDS/IPS events and identifying anomalous activities or potential network security risks
  • Monitored live systems; identified and evaluated potential threats and vulnerabilities
  • Discovered real-time threats, responded to incidents and reported findings
  • Communicated status of requests to users through incident management systems
  • Assisted the cybersecurity team by conducting supervised security analyses of client databases
  • Capable of working independently and involving senior analysts as necessary
  • Environment: Windows, Linux, Phishing Email Analysis, Malware Analysis, Proofpoint, etc.
  • Home Lab 1: VirtualBox with Kali Linux (offensive testing) along with FLARE-VM (malware analysis), as well as Windows 7/10 and Ubuntu box
  • Implementing the Splunk Attack Range tool to run simulations using different engines such as Atomic Red Team or Caldera to generate real attack data
  • Home Lab 2: Installed and configured Nessus Essentials to perform credentialed vulnerability scans against Windows 10 hosts
  • Implemented Vulnerability Management Function on sandbox networks: Discover, Prioritize, Assess, Report, Remediate, Verify
  • Conducted vulnerability assessments with Nessus; remediated vulnerabilities
  • Developed automated remediation process to preemptively deal with vulnerabilities stemming from Windows updates and third-party software.

Education

MBA -

National University
Dhaka, Bangladesh
08.2014 - 09.2016

BBA -

National University
07.2010 - 06.2014

Skills

  • TECHNICAL COMPETENCIES
  • Identity & Access Management: Active Directory, Azure AD, AWS IAM Identity Center, Okta, Single Sign-On (SSO), Multi Factor Authentication (MFA), Role Based Access Control (RBAC), Lightweight Directory Access Protocol (LDAP)
  • Threat Detection & Incident Response: Splunk Enterprise, CrowdStrike Falcon, Azure Sentinel, AWS GuardDuty, SolarWinds, Wireshark
  • Cloud Security: Azure Security Center, Azure Sentinel, Azure Key Vault, Azure Web Application Firewall (WAF), AWS Security Hub, AWS GuardDuty, AWS Web Application Firewall (WAF)
  • Networking: Cisco routers & switches, Palo Alto firewalls, IPv4, IPv6, TCP/IP, LAN/WAN, NAT, ACLs, OSI Model, VPN, subnetting
  • Frameworks: NIST CSF, HIPAA, PCI-DSS, ITIL
  • Platforms & Operating Systems: AWS Cloud, Microsoft Azure, Microsoft Office 365, Windows OS, Windows Server, Linux
  • Ticketing Systems: ServiceNow, Remedy, Cherwell, KACE, HP Service Manager
  • Scripting & Coding Languages: Python, PowerShell, Bash, HTML
  • Other Tools: Nmap, Nessus, Autopsy, Snort, Metasploit, Burp Suite
  • Other: VirusTotal, URLVoid, URLScan, PhishTool, SharePoint, LogMeIn

Certification

  • CompTIA Security+
  • IBM and ISC2 Cybersecurity Specialist
  • IBM Cybersecurity Analyst Professional Certificate
  • Google Cybersecurity Professional Certificate
  • Proofpoint Certified Identity Threat Specialist
  • Microsoft Cybersecurity Analyst Professional Certificate
  • Palo Alto Networks Cybersecurity Professional Certificate
  • (ISC)² Certified in Cybersecurity Specialization
  • Infosec Cyber Threat Hunting
  • Qualys Vulnerability Management Detection and Response

Additional Information

  • Authorized to work in the US for any employer (US Citizen), Willing to relocate: Anywhere

Work Preference

Work Type

Full Time, Contract Work

Work Location

Remote, On-Site, Hybrid

Important To Me

Work-life balance, Career advancement, Company Culture, Flexible work hours, Personal development programs, Paid sick leave, Team Building / Company Retreats, Paid time off, Work from home option, Healthcare benefits, 401k match, Stock Options / Equity / Profit Sharing, 4-day work week
