Noela Ndum

SOC Analyst

Dynamic IT Security

01.2017 - Current

Implemented security measures to reduce threats and damage related to cyber attacks.
Investigated and resolved incidents of unauthorized access to sensitive information.
Investigate, analyze, and process phishing emails
Performed risk analysis to identify appropriate security countermeasures
Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts
Perform incident monitoring, response, triage and initiate response
Research new and evolving threats and vulnerability with potential with to impact the monitored environment
Conduct proactive monitoring, investigation, and mitigation of security incidents
Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies through monitoring of vulnerability scanning devices
Actively participate in information cybersecurity and vulnerability management programs including efforts related to vulnerability identification through scanning, remediation planning, tracking, implementation and log analysis
Performed Incident response as part of a team using NIST -800-61 Rev2 as a guide. Implement, reviewing, maintaining, and monitoring Information Security Management Systems involved in International and Commercial projects in accordance with Sans-20 critical controls.
Created, facilitated, and managed risk identification and remediation processes. Ensured risk remediation plans exist and are sufficient; track remediation plans to completion and ensure remediation is on-time and sustainable; ensure action plans and remediation of issues by Risk Owner
Conduct proactive monitoring, tracking, investigation, escalating, and analyzing systems for potential security anomalies using tools like Crowdstrike, DLP, FireEye NX
Investigated malicious phishing emails, domains, and IPs using Open-Source tools to recommend proper blocking methods based on thorough analysis
Investigate security breaches and other cyber security incidents, social engineering and malware events
Performed regularly scheduled vulnerability scanning and manage remediation of identified issues
Create and track incidents and request using ticket tool: ServiceNow, JIRA
Perform root analysis for cybersecurity incidents to support recommendation made to further improve client security posture
Developed plans to safeguard computer files against modification, destruction, or disclosure.
Conducted security audits to identify vulnerabilities.
Analyzed network traffic and system logs to detect malicious activities.
Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks
Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations, and prioritization of events based on risk
Experience with incident response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusions attempts and false alarms, managing and tracking investigations to resolution
Familiar with the following technologies ; NIST incidence Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & common knowledge (ATT&CK)
Investigate all reported suspicious email and determine whether the emails are malicious, non-malicious or legitimate and reply to the user who reported the suspicious email with a message reporting the findings and any recommendations