Stephane Monkam
Silver Spring,MD
Summary
Skilled SOC Analyst with 6+ years of experience in detecting network vulnerabilities, proficient in monitoring network systems. Continuous monitoring and responding to security alerts from multiple security tools. Well-versed in direct and remote analysis with strong critical thinking, communication, and people skills. I thrive under pressure in fast – paced environment while working to prevent cyber-attacks especially in business and corporate settings.
Overview
7
7
years of professional experience
Work History
SOC Analyst
Innovative Management Concepts (IMC)
Falls Church, VA
03.2023 - Current
- Apply incident handling processes, including preparation, identification, containment, eradication, and recovery, to protect enterprise environments from cyber threats.
- Investigate, analyze, and process endpoint alerts using security tools such as Microsoft Defender, FireEye NX, Symantec Endpoint Protection, CrowdStrike, and SIEM platforms like Splunk Enterprise Security (Splunk ES).
- Conduct phishing email investigations utilizing IronPort and FireEye EX, adhering to standard operating procedures (SOPs).
- Assess and process website review requests from internal users to determine access permissions using OSINT tools.
- Analyze and resolve Data Loss Prevention (DLP) alerts from McAfee DLP Manager and Splunk ES, escalating privacy-related incidents as needed to the Privacy Team.
- Continuously monitor and interpret threats using Intrusion Detection Systems (IDS) and SIEM platforms.
- Utilize Nessus for vulnerability assessments and security testing to identify and remediate potential risks.
- Monitor and analyze network traffic, IDS alerts, security logs, and events to detect anomalies and security incidents.
- Conduct triage and investigation using tools such as Splunk SIEM, Cisco Firepower, FireEye NX (IPS/IDS), McAfee DLP, and Bro network sniffer.
- Enforce security measures by blocking malicious domains, hashes, and IPs following organizational SOPs.
- Perform email log analysis in Splunk and Cisco Secure Email Threat Defense (CMD) to verify the status of malicious emails, quarantined messages, and dropped attachments.
- Collaborate with the Cyber Incident Response Team (CIRT) to investigate and remediate security incidents efficiently.
- Collaborate with internal teams, such as Detection Engineering, to refine detection rules and enhance automation workflows to close gaps in customer security posture.
- Differentiate between actual intrusion attempts and false positives, ensuring accurate threat identification and response.
- Contribute to the development of SOC processes and procedures to enhance incident response times and operational efficiency.
- Investigate endpoint security incidents leveraging tools such as CrowdStrike, Sophos, Cisco AMP, Sentinel One, Carbon Black (CB) and Trend Micro.
- Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
SOC Analyst
Caribou Thunder LLC
Colorado Springs, Colorado
11.2019 - 02.2023
- Utilized SIEM tools to investigate, triage, and respond to security alerts in a timely manner.
- Performed regular security log analysis to detect unauthorized access or suspicious activities.
- Monitored and analyzed security events and incidents to identify potential threats and vulnerabilities.
- Generated reports on security incidents, trends, and metrics for management review.
- Create custom rules in proxy to blacklist malicious domains.
- Investigate phishing alerts generated by Proofpoint and phishing emails reported by end users.
- Maintained and continuously updated the knowledge base documents with new processes and solutions as they occur.
- Documented and tracked incidents in the ticketing system.
- Maintained a customer-centric, and safety-first attitude.
- Perform Vulnerability scans and provide reports including remediation procedures.
- Investigate phishing alerts reported by our security tool Proofpoint and end users.
- Worked hand in hand with different teams to response to security incidents.
- Assist end users with security related issues.
- Work on different projects as assigned.
Education
Bachelor's degree - cyber security
University of Maryland Global Campus
MD07.2022
Skills
- Incident Response; Vulnerability Management
- Network Security Monitoring, Network-based analysis
- Experience in analyzing alerts from security tools such as IDS/IPS, EDR and SIEM
- Experience in installing operating systems such as Linux and windows
- Working knowledge of networking protocols and components including TCP/IP, DNS, SSH, DHCP
- Able to work in a fast-paced, deadline-driven, remote environment
- Good communication and writing skills
- Self-motivated and able to work in an independently or as part of a team
- Team player
- Detail oriented
- Ability to multitask
- Splunk/Wireshark/Nessus/Demisto XSOAR
- Snort/Firepower/FireEye/CrowdStrike/Carbon Black/Sophos
- Cisco Umbrella/Cisco AMP/Cisco Stealth Watch Cloud, Cisco Secure Email Threat Defense (CMD)
- McAfee/Bluecoat
- Palo Alto
- Linux/Windows/MacOS
- Microsoft Office 365 Suite/SharePoint/OneDrive/Sentinel
- Darktrace/Meraki
- ThreatGrid, AnyRun Sandbox/Cuckoo Sandbox/Silo Cloud Browser
- Virus Total, Domain Tools, IP/URLvoid, IBM X-Force, Reversing Labs
- MX Toolbox/CyberChef
- Virtualization/Virtual Box/VMware
- Google Chronicle SecOps
- PhishER, Cofense Triage
- Rapid7(InsightVM)
- Darktrace (IDS)
- Symantec Enforcer (DLP)
- SIEMs (LogRhythm)
- Proofpoint (Email Protection)
- Remedy (Ticketing)
- ServiceNow (Ticketing)
- Microsoft word, excel
- Microsoft Defender
- Menlo Security
- Tychon Rapid Query
- Mcaffee ePolicy
- OSINT
Timeline
SOC Analyst
Innovative Management Concepts (IMC)
03.2023 - Current
SOC Analyst
Caribou Thunder LLC
11.2019 - 02.2023
Bachelor's degree - cyber security
University of Maryland Global Campus
Other
US Citizen