Pratt Oben
Ypsilanti,MI
Summary
Motivated and passion-driven IT professional with notable success in triaging, analysis and handling of security incidents/alerts to meet security standards and business goals. With five years of experience ranging from SOC operations, cyber threat analysis & Incident response, email threat protection and phishing email analysis, network security monitoring & risk mitigation, DLP monitoring, endpoint detection and response. Skilled in adapting to new situations and challenges to best enhance the organizational brand.
Overview
5
5
years of professional experience
Work History
Incident Response Analyst
AutoDesk (ADSK)
12.2019 - Current
- Monitor and analyze logs and alerts from a variety of different tools across multiple platforms in order to identify vulnerabilities and exploits to mitigate security risk.
- Responding to security incidents, handling of security incidents and forensic analysis duties.
- Performed technical analysis involving threat event data and evaluating malicious activity.
- Hands-on experience with DLP alerts, and email triaging, assessing, and analyzing incidents in phishing and malware.
- Managing rules and policies, tuning request recommendations/submissions.
- Managed email security solutions and maintain email rules and filtering.
- Assess the security impact of security alerts and traffic anomalies to identify malicious activities and take mitigating actions.
- Intake of bug bounty vulnerability reports, triaging, working and communicating with security champions/engineers for fixes and patches.
- Understanding of security vulnerabilities, attacker exploit tactics/techniques, and methods for remediation.
- Effectively documenting of cyber threat analysis, preparing comprehensive handoff or escalation of alerts/events.
- Writing technical articles for knowledge sharing within the team.
- Other regular reporting includes, Daily Cyber Headlines, Weekly Threat Updates, Monthly Threat Briefing and an Annual Threat Landscape
SOC / Information Security Analyst
FedEX
02.2017 - 11.2019
- Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
- Experienced with working in 24x7x365 security operation settings.
- Adhere to policies, procedures, and security practices.-Resolve problems independently and follow documented escalation procedures
- Performed active security monitoring and investigating complex security alerts/events to identify indicators of compromise.
- Conducted advanced phishing email analysis to identify true/false positives.
- Handled user requests and questions received via phone, e-mail, through internal ticketing system in timely and detail-oriented fashion to resolve multitude security related situations
- Providing log/network/malware/device analysis and making recommendations for remediation of security vulnerability conditions.
- Developed and updated internal documentations, such as detailed procedures, playbooks,
- Performed review of log files, correlate data sets, and document evidence and findings for all incident investigations.
- Review analysis of peers and less experienced analysts for accuracy, quality, and adherence to SOC standards.
- Partnered with security engineering and operations teams to manage SIEM platforms, including design and engineering; and develop process and program documentation as needed
- Perform network security monitoring and incident response
- Engaged in Threat Hunting activities.
- Reviewed violations of computer security procedures and developed mitigation plans.
Education
Bachelor of Science - Information Technology
University of Buea
Cameroon2013
Skills
- Technical depth with specialties on : Malware analysis, host analysis, security monitoring, log analysis and forensic tools
- Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
- Experience with cloud security, logging, monitoring, and alerting tools (AWS, Azure)
- Knowledge of features, tools, and processes used for maintaining secure environments
- Working knowledge with Microsoft Active Directory
- Familiar with Cyber Kill Chain / MITRE ATT&CK frameworks and Incident response life cycle
- Excellent written and verbal communication skills
- Excellent critical thinking, analytical skills and organizational skills
- Always willing to learn arising technologies and acquire new skills quickly
- Significant practical knowledge with Linux and Windows operating systems
- Experience with scripting languages (PowerShell, Python, etc)
- Experienced in designing playbooks for responding to security incidents
- Ability to view new processes and procedures as opportunities for enhancement, growth and improvement
Tools
EDR ( CrowdStrike Falcon, SentinelOne, Cybereason)
Cloud ( AWS GuardDuty, MS Defender for Cloud, Azure & MCAS)
Network (FireEye NX, DarkTrace and Fortigate, NBA for Splunk)
Logs and Packet analysis (Splunk ES, Wireshark and tcpdump)
SOAR (Splunk Phantom, FortiSOAR and Demisto SOAR)
Ticketing (ServiceNow, BMC Remedy and Jira)
DLP (Google DLP, Cisco Ironport DLP and Forcepoint DLP)
Email Protection (Proofpoint Enterprise, Tap and Trap, MS O365 Defender)
Timeline
Incident Response Analyst
AutoDesk (ADSK)
12.2019 - Current
SOC / Information Security Analyst
FedEX
02.2017 - 11.2019
Bachelor of Science - Information Technology
University of Buea
Similar Profiles
Mariah SyrettMariah Syrett
Engineering Manager at AUTODESKEngineering Manager at AUTODESK
Carmichael G. AlvarezCarmichael G. Alvarez
Deal Desk Analyst at AutodeskDeal Desk Analyst at Autodesk
Wayne ScottWayne Scott
Sr. Technical Support Specialist at AutodeskSr. Technical Support Specialist at Autodesk
Madison BellusMadison Bellus
Janitor at 242 Community ChurchJanitor at 242 Community Church
Christina HolmesChristina Holmes
Caregiver at Curavitae (Kennedy Care)Caregiver at Curavitae (Kennedy Care)