Ralph Williams
Woodland Hills,CA
Summary
A Cyber Security Analyst with 4 years proficient and thorough experience and a good understanding of information technology. Specialized in proactive network monitoring of SIEM, good understanding of security solutions like Anti-virus, Firewall, IPS/IDS, Email Gateway, Proxy, etc. Hands-on experience with ArcSight SIEM tool for logs monitoring and analysis, and ServiceNow ticketing tool for incidents response. Good knowledge of networking concepts including OSI layers, subnet, TCP/IP, ports, DNS, DHCP, etc.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Network Engineer
Apex System-Leidos-SMIT Project
06.2022 - Current
- Experience Installing, configuring, and maintaining network equipment such as Cisco routers, Cisco switches, Brocade switches, Juniper firewalls, and wireless access points
- Implement and enforce network security protocols, including firewalls, intrusion detection systems, and access controls
- Monitor network traffic for security breaches and investigate potential threats
- Daily Monitoring of network activities to access which networks are down and which networks are up and proceed in troubleshooting
- Experience with Port Patching, Configuration, and troubleshooting ports, assigning user VLAN and printer VLAN
- Diagnose and troubleshoot network issues using various network diagnostic tools and techniques
- Such as putty
- Analyze network performance data to identify bottlenecks and implement solutions to improve network efficiency
- Utilize network monitoring tools to constantly monitor network performance, identify potential issues, and proactively resolve them
- Maintain accurate documentation of network infrastructure, configurations, and procedures
- Provide technical support and guidance to end-users, including troubleshooting network connectivity issues and resolving user-related network problems.
Information Security Analyst
US NAVY
12.2019 - Current
- Establishing, monitoring, and maintaining radio frequency communication systems
- Operating and maintaining global satellite telecommunications systems
- Transmitting, receiving, and storing all incoming and outgoing messages
- Managing and coordinating information systems security across platforms and fleets
- Designing, installing, and operating wide-area-networks, computer systems, and associated devices
- Performing network system administration, maintenance, and training, and managing network security
- Installing applications, troubleshooting user problems, and providing training and assistance with use of computer hardware and software
- Writing programs to collect and distribute data for a variety of applications
- Ensuring proper security and handling of communications materials, systems, and equipment
- Performing diagnostics and data recovery operations and maintaining logs.
SOC Analyst
Teck Geek, Inc.
02.2017 - 12.2019
- Conducted real-time monitoring and analysis of security alerts received through SIEM tools
- Collaborated with other security team members to investigate and triage security incidents
- Utilized various security tools and techniques to identify and remediate security issues
- Provided forensic analysis oversight and guidance to internal and external incident response teams
- Conducted periodic security testing and identified vulnerabilities, providing recommendations for remediation
- Monitored various security-related metrics and generated regular reports for management
- Participated in incident management and business continuity planning activities
- Developed and maintained SIEM rules to detect and block unauthorized and malicious activities
- Conducted network intrusion detection and analyzed network traffic for anomalies
- Conducted threat intelligence analysis to ascertain and identify known and emerging threats
- Developed and maintained SOC procedures and guidelines
- Participated in security assessments and provided recommendations for security improvements
- Support Incident response and recovery process
- Escalating the security incidents based on the client's SLA and providing meaningful information related to security incidents by doing in-depth analysis of event payload, and providing recommendations regarding security incidents mitigation which in turn makes the customer business safe and secure
- Contacting customers directly in case of high-priority incidents and helping customers in the process of mitigating attacks
- Determine the scope off security incidents and their potential impact on the Client network; recommend steps to handle security incidents with all information and supporting evidence of security events
- Monitoring security systems and networks for anomalies
- Work closely with business units to ensure that they know what and how to feed data into the ArcSight SIEM
- Co-ordinate with networking teams to maintain and establish communication to remote ArcSight Connectors
- Investigate malicious phishing emails, domains, and IPs using Open-Source tools and recommend proper blocking based on analysis
- Installing ArcSight and Splunk Connectors
- Upgradation of ArcSight Connectors
- Integration of new devices with ArcSight such as Windows, Linux, CISCO Firewall, Routers, Switches, etc
- Doing the troubleshooting if any device is not sending the logs to ArcSight, or Splunk
- Creation of ArcSight content like Correlation Rules, Query, Report, Dashboards etc
- Maintain akeen understanding of evolving internet threats to ensure the security of client networks
- Troubleshooting SIEM dashboard issues when there are no reports getting generated or no data available.
Education
Master of Science, Cybersecurity and information Assurance -
WGU
Salt Lake City, UT12.2025
Bachelor of Science in Cybersecurity -
Columbia College
MO, Missouri Columbia10.2023
Skills
- 4 years experience in detection, response, mitigation, and reporting of cyber threats affecting networks
- 4 years of practical experience with log management and SIEM (Splunk, IBM, QRadar, ArcSight)
- Experience using ticketing systems for tracking (Jira, Remedy, ServiceNow)
- Strong understanding of incident response methodologies and reporting
- Possesses a solid understanding of CP/IP protocol suite, security architecture, and common TTPs (tactics, techniques, and procedures) used by that threat actor
- 4 years experience with systems analysis and digital Forensic Tools (FTK, Autopsy, Encase, Prodiscover, winHex)
- Experience with SOAR platforms, such as (Swimlane, IBM Resilient, Splunk Phantom, Siemplify)
- Experience with endpoint protection platform platforms, such as (SentinelOne, McAfee ePO, Cybereason, and Endgame)
- Ability to assess information on network threats such as scans, computer viruses, or complex attacks
- Experience with packet analysis such as HTTP Headers and status codes, SMTP traffic and status codes FTP traffic and status codes
- Working knowledge of network protocols and common services, web application firewalls, and vulnerability assessment (HTTPS, HTTP, SMTP, FTP, UDP, TCP/IP)
- Experience in software development life cycle, automation technologies, and continuous integration and continuous development pipeline
- Naturally, nature is persistent and determined, and loves solving problems and puzzles analytically with rigorous uncompromising integrity
- Experience working in a team-oriented, collaborative environment with a high level of analytical and problem-solving skills
- Email Analysis
- Incident Responds
- Erecting firewalls
- Endpoint Detection and Response
- Nessus Vulnerability Management
- ArcSight
- Splunk SIEM
- Scripting
- Linux OS (Redhat, CentOS)
- Cyber Security
- End Device Integration with SIEM tool
- Data security
- Wireshark software
- IDS/IPS Integration
- Intrusion Test Oversight
- Incident Response Management
- CIS Compliance
- Digital Forensics
- Malware Analysis
- Cloud Engineer
- SQL
Certification
- SAFe Agile Scrum Master, 81263288-7296, Scale Agile, Inc
- CompTIA CASP+, BS8SGHTQMF11QBSK, CompTIA
- CompTIA Security+, H435JNPSBJBEQBWV, CompTIA
- CompTIA Network+, WBVL690SDBQE1T9H, CompTIA
- CompTIA CySa+, BLXFCS1YMNV1159B, CompTIA
- CCNA, 2bf34f7375654c208aee1d0de368117c, CISCO
- ISC2 CC
Accomplishments
- CompTIA Security Analytics professional certification: - CSAP certification
- CompTIA Security Analytics Expert- CSAE Certification
- SIEM- EXPERT – SOC Analyst Certified
Timeline
Network Engineer
Apex System-Leidos-SMIT Project
06.2022 - Current
Information Security Analyst
US NAVY
12.2019 - Current
SOC Analyst
Teck Geek, Inc.
02.2017 - 12.2019
Master of Science, Cybersecurity and information Assurance -
WGU
Bachelor of Science in Cybersecurity -
Columbia College
Similar Profiles
Matthew KellerMatthew Keller
Cybersecurity Analyst at Leidos (Portsmouth Paducah Project Office)Cybersecurity Analyst at Leidos (Portsmouth Paducah Project Office)
Jessica WolschlegerJessica Wolschleger
Project Management at Leidos (VA CMOP/Automated Prescription Fulfilment System)Project Management at Leidos (VA CMOP/Automated Prescription Fulfilment System)
Ankit Kumar SinghAnkit Kumar Singh
Project Manager at Apex Mega ProjectProject Manager at Apex Mega Project
Artin PourfarziArtin Pourfarzi
Sports Medicine Assistant at Agoura High SchoolSports Medicine Assistant at Agoura High School
Mia MenseMia Mense
Volunteer Umpire at Westlake Agoura Girls SoftballVolunteer Umpire at Westlake Agoura Girls Softball