Ryan Mbah

Summary

Results-driven SOC Analyst with 3 years of experience and a CompTIA Security+ certification. Specialized in investigating and mitigating network, application, and endpoint alerts, with expertise in analyzing phishing emails, DLP alerts, and malware. Actively involved in incident response, conducting thorough investigations, and providing initial remediation. Proficient in using various SIEM tools and collaborating with cross-functional teams for swift resolutions. Demonstrates strong logical and critical thinking abilities, extensive knowledge of computer network defense operations, and familiarity with the MITRE ATT&CK and Cyber Kill Chain frameworks. Recognized for consistently delivering exceptional results in ensuring the security and integrity of critical systems and data.

Overview

7 years of professional experience
1 Certification

Work History

SOC Analyst

TEK-Global
02.2020 - Current
  • Demonstrated proficiency in common industry tools and technologies, including SIEM (Splunk, Splunk ES), endpoint security (FireEye HX, McAfee Antivirus, Cylance), OSINT, DLP (McAfee DLP Manager), and network security (Cisco IPS).
  • Collaborated closely with the Network Operations Center and Helpdesk to analyze suspicious events, develop security awareness, and promptly remediate security incidents.
  • Performed triage on alerts by determining their criticality and scope of impact.
  • Conducted thorough security event and alert monitoring and analysis utilizing SIEM tools such as Splunk Enterprise Security (Splunk ES) to identify potential threats and vulnerabilities.
  • Investigated and processed endpoint alerts using industry-leading tools like FireEye HX, McAfee Antivirus, Cylance, and OSINT tools for comprehensive threat analysis and response.
  • Investigated, analyzed, and processed phishing email alerts from IronPort and FireEye, following standard operating procedures.
  • Monitored and analyzed web traffic, email communications, and system logs for unusual or suspicious activity, interpreting findings and recommending appropriate resolution actions.
  • Responded to reported security incidents, utilizing incident response processes to efficiently resolve or escalate incidents as needed.
  • Conducted in-depth forensics investigations using security tools like Splunk, FireEye, Cisco IPS, and OSINT to identify and mitigate potential intrusion attempts, compromises, and data breaches.
  • Worked diligently on the creation and implementation of preventative measures, including incident response and disaster recovery plans, to strengthen overall security posture.
  • Regularly researched and stayed current on information security industry news, blog posts, and emerging threats to proactively identify and mitigate risks to the organization.
  • Utilized tools like McAfee DLP Manager and Splunk ES to analyze and resolve DLP alerts, effectively ensuring the protection of sensitive information.
  • Collaborated with cross-functional teams to conduct threat hunting activities across the network, leveraging multiple internal and external sources of intelligence and cutting-edge security technologies.
  • Created detailed reports and documentation on incident investigations, root cause analysis (RCA), and preventative recommendations to enhance overall system security.

Data Analyst and Tech Support

Georgetown University Office Of Advancement
02.2017 - 12.2019
  • Maintained and updated the master database of Georgetown University, effectively synchronizing and reconciling student, alumni, and faculty records.
  • Expertly processed returned mail and Gifts Pledges, utilizing GAMBIT, Axosoft, and Alumni Finder software to analyze, process, and update student and alumni records, streamlining administrative processes and ensuring data accuracy.
  • Provided prompt and effective assistance to customers through phone and e-ticket inquiries, ensuring timely resolution of computer system issues.
  • Conducted initial problem analysis, triage, and troubleshooting of customer issues, demonstrating strong problem-solving skills.
  • Escalated technical issues to the network team or subject matter experts as necessary, ensuring efficient and appropriate resolution.
  • Offered direct assistance to customers via telephone and email, delivering excellent customer service and support.
  • Collaborated with staff associates and subject matter experts to resolve problems, while maintaining clear communication with network users and technical staff on problem status.
  • Assisted in compiling and preparing reports that highlighted progress, identified adverse trends, and provided recommendations based on information from the Call Management Tracking System.
  • Managed a comprehensive log of Frequently Asked Questions (FAQ) from all customer categories, ensuring accurate and up-to-date information.
  • Developed official answers to FAQs and distributed them to stakeholders, enhancing customer support and satisfaction.
  • Contributed to the preparation of procedure manuals and documentation for the help desk, facilitating efficient operations and knowledge sharing.
  • Assisted in conducting customer satisfaction surveys and tracking problem trends, making recommendations for improving customer experience based on survey results and trend analyses.
  • Contributed to the development of a comprehensive help desk training plan, ensuring effective training for personnel providing backup coverage and system users.
  • Performed additional duties such as unlocking user accounts and providing support for password resets, demonstrating versatility and commitment to customer support.

Education

Master of Science - Biohazardous Threat Agents & Emerging Infectious

Georgetown University
Washington DC
05.2017

Bachelor of Science - Medical Laboratory Science

University of Buea
Cameroon
07.2015

Skills

  • Security tools: IronPort, FireEye ETP (Email Threat Protection), McAfee DLP Manager, Splunk, FireEye HX, Microsoft Azure, Microsoft Defender ATP, CrowdStrike, Carbon Black
  • ServiceNow ticketing system
  • Software/Apps: Windows Active Directory, MS Server, Microsoft Office, Splunk, Wireshark
  • Protocols: TCP/IP, DNS, Kerberos, Telnet, SSH, RDP, SMTP, FTP, LDAP, DHCP, HTTPS
  • Networking: Switches, Routers, Wireless Routers, Firewalls, Proxies, PCAP Analysis
  • Windows, Linux operating systems, Virtual machines, Microsoft Office Suite
  • Great communication skills and a good team player

Certification

  • CompTIA Security+

Ongoing educational path

Penetration Testing

Python Programming
