STENESTALYNE M CHEGHE

Leesburg, Virginia

Summary

I am a Cybersecurity Analyst with proficiency in online security research, planning, analysis, implementation, execution and maintenance, and skilled at training internal users on security procedures and preventive measures. I have about four years of in-depth working experience in threat intelligence, forensics, network and endpoint security, DLP, and the functioning of specific applications and the underlying IT infrastructure. As a SOC analyst, I respond to events and act as a first responder to account and system attacks and compromises. I also have expertise in analyzing phishing email alerts.

Overview

6 years of professional experience

Work History

SOC Analyst

Singh, Height Consultant, LLC
06.2021 - Current
  • Investigate, analyze, process, and resolve network security event alerts using SIEM and network security tools (FireEye NX, Cisco Sourcefire, and Splunk Enterprise Search & Reporting)
  • Investigate, analyze, process, and resolve phishing email alerts using various tools
  • Perform network troubleshooting to isolate and diagnose common problems
  • Review and analyze security event alerts and identify IOCs at the network, application, and endpoint level to determine whether they are true or false positives
  • Provide intermediate event analysis and incident detection, and escalate to Level 3 analysts as needed following documented procedures
  • Remain current on cybersecurity trends and intelligence (open source and commercial) to guide the security analysis and identification capabilities of the SOC team
  • Ensure that all identified events are promptly validated and thoroughly investigated
  • Investigate, analyze, process, and resolve endpoint security event alerts using FireEye HX, McAfee Antivirus, and Splunk Enterprise Security
  • Actively take part in incident response to endpoint compromise, including host triage, dynamic malware analysis, remote system analysis, end-user interviews, and remediation efforts
  • Use Splunk to search, analyze, and investigate machine-generated alerts from the company's network, application, and endpoint devices
  • Analyze log data (firewall, network flows, IDS, IPS, system logs) to determine the root cause of security incidents, covering all stages of the cyber kill chain as appropriate
  • Work with other teams to enforce the security of applications and systems
  • Perform threat intelligence by reviewing reports on threat actors, identifying IOCs, and checking for hits in our systems before blocking malicious IOCs using FireEye HX, Carbon Black, and approved firewalls
  • Investigate and resolve incidents of unauthorized access to sensitive information
  • Follow, create, and update SOPs and similar documentation
  • Educate and train users on information security policies and procedures
  • Oversee documentation owned by the SOC team, including but not limited to Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs)
  • Implement security measures to reduce threats and damage from cyber attacks
  • Coordinate response, triage, and escalation of security events affecting the company's information assets and activities with the Incident Response team
  • Analyze network traffic and system logs to detect malicious activity
  • Conduct log-based and endpoint-based threat detection to detect and protect against threats from multiple sources
  • Conduct security audits to identify vulnerabilities
  • Correlate network, cloud, and endpoint activity across environments to identify attacks and unauthorized use
  • Administer and monitor firewalls, intrusion detection systems, and anti-virus software to detect risks
  • Review alerts and data from sensors
  • Monitor use of data files and regulate access to protect secure information
  • Provide customers with incident response support, including mitigating actions to contain activity
  • Review violations of computer security procedures and develop mitigation plans
  • Maintain awareness of current cyber threats, attack methodologies, and detection techniques
  • Monitor computer virus reports to determine when to update virus protection systems
  • Execute penetration testing to identify security weaknesses and develop disaster recovery plans
  • Recommend improvements in security systems and procedures
  • Develop plans to safeguard computer files against modification, destruction, or disclosure
  • Encrypt data and deploy firewalls to protect confidential information
  • Skilled at working independently and collaboratively in a team environment
  • Perform risk analyses to identify appropriate security countermeasures

Job Reference:

  • Mr. Roger Centrafrique
  • Phone: 2406590833
  • Immediate Supervisor: Mr. Claude Koulibaly
  • Phone: 2408995572
  • Email: ckoulibaly@gmail.com

Incident Response Analyst

American Healthcare Virginia
05.2017 - 01.2019
  • As Incident Responder, provided rapid initial response to cyber threats against the enterprise; worked as part of a team that participated in investigations into potential and actual cyber events observed in the enterprise; and supported the analysis and implementation of findings from security audits and vulnerability tests, using best practices to further enhance the security posture of the enterprise
  • Investigated and resolved incidents of unauthorized access to sensitive information
  • Passionate about learning and committed to continual improvement
  • Worked with other teams to enforce the security of applications and systems
  • Conducted malware analysis, host and network forensics, log analysis, and triage in support of incident response
  • Recognized attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that could be used to improve monitoring, analysis, and incident response
  • Developed and built security content, scripts, tools, and methods to enhance incident investigation processes
  • Led incident response activities and mentored junior SOC staff
  • Self-motivated, with a strong sense of personal responsibility
  • Worked with key stakeholders to implement remediation plans in response to incidents
  • Investigated effectively, identified root-cause findings, and communicated them to stakeholders including technical staff and leadership
  • Flexible and adaptable self-starter with strong relationship-building skills
  • Strong problem-solving abilities with an analytic and qualitative eye for reasoning
  • Skilled at working independently and collaboratively in a team environment
  • Supported junior personnel during investigations, working groups, and stand-up meetings, and served as alternate escalation point for issue resolution for junior analysts
  • Supported peers and senior personnel with documentation, metrics, and security program initiatives in a force-multiplier role
  • Analyzed reports, dashboards, and alerts to provide operational oversight of the security posture of the enterprise environment
  • Monitored and addressed all service tickets and digital correspondence coming into the queue(s) and engaged resources as appropriate to resolve outstanding issues
  • Analyzed network traffic and system logs to detect malicious activity
  • Managed time efficiently to complete all tasks within deadlines
  • Implemented security measures to reduce threats and damage from cyber attacks
  • Identified issues, analyzed information, and provided solutions to problems
  • Participated in team projects, demonstrating an ability to work collaboratively and effectively
  • Educated and trained users on information security policies and procedures
  • Proven ability to learn quickly and adapt to new situations
  • Demonstrated respect, friendliness, and willingness to help wherever needed
  • Proved successful working within tight deadlines in a fast-paced environment
  • Strengthened communication skills through regular interactions with others
  • Paid attention to detail while completing assignments
  • Worked flexible hours across night, weekend, and holiday shifts
  • Developed and maintained courteous and effective working relationships

Job Reference:

  • Immediate Supervisor: Roseline Tchuinkeu
  • Phone: 2024600091
  • Email: tchuinkeuroseline@gmail.com

Education

Associate degree - Office Management

Global Reconciliation Movement

Certified Medication Tech (Nursing)

Medical Learning Center Fairfax VA

Cyber Security (SOC/ Incident Response Analyst)

Think Tech Consulting LLC, MD

Skills

  • Technical Skills:
  • SIEM and security platforms: FireEye ETP, NX, HX, EX; Cisco Firepower; AirWatch; Cylance; CrowdStrike; Carbon Black; Google Admin, Google DLP Manager, Google Vault; McAfee DLP Manager, McAfee Web Proxy; Splunk, Splunk Enterprise Security (ES); etc.
  • OSINT: VirusTotal, IBM X-Force, Abuse IP, urlscan.io, URLVoid, Test A Site
  • Software: MS Office (Word, Excel, Outlook, Access, PowerPoint)
  • Ticketing systems: ServiceNow and JIRA

Hobbies

I love cooking my native dishes (seafood, Eru, Ndole, Njama Njama, which is a local vegetable, and corn fufu), story writing, soccer, travel, and true crime documentaries.

Languages

French (native language)
English (broken)
