Tambe Tambe

Summary

Highly skilled and dedicated cybersecurity professional with expertise in monitoring and identifying security issues, conducting vulnerability analysis, and coordinating mitigation efforts, as well as intrusion detection, threat and malware analysis, and participation in the security incident response process until remediation. Proficient in performing system maintenance, delivering security awareness training, and maintaining confidentiality of sensitive information. Committed to staying updated with cybersecurity trends and implementing effective security measures. A team player with good written and verbal communication.

Overview

5 years of professional experience

Work History

SOC Analyst

Unisys
06.2022 - Current
  • Consistently monitoring and working on alerts generated in Splunk
  • Investigating, analyzing, and processing phishing email alerts from IronPort and FireEye EX following standard operating procedures
  • Assisting in creating Splunk dashboards to capture all customized logs generated by systems and applications
  • Evaluating and processing Web Site Review Requests from internal users to access blocked websites using OSINT tools
  • Assisting in creating new use cases and performing SOC testing
  • Creating and updating SOC run books as required
  • Performing endpoint investigations using FireEye and McAfee ePO
  • Investigating attachments and links for embedded malware using FireEye ETP, IronPort, and Threat Grid
  • Giving client recommendations on how to securely resolve escalated issues
  • Training new employees on how to handle investigations and safely deal with phishing emails
  • Developing follow-up action plans to resolve reportable issues and communicating with other IT teams to address security threats and incidents accordingly
  • Supporting Incident Response until resolution following Standard Operating Procedures (SOP)
  • Prioritizing and differentiating between potential intrusion attempts and false alarms
  • Assisting with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
  • Responding to computer security incidents by collecting, analyzing, preserving digital evidence, and ensuring that incidents are recorded and tracked in accordance with organizational SOC requirements
  • Using McAfee DLP to protect intellectual property and ensuring compliance by safeguarding sensitive data
  • Analyzing email logs to confirm malicious emails were not delivered or are quarantined and malicious attachments dropped
  • Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs to identify abnormal and suspicious activity
  • Working with SOC Engineers and other SMEs to operate intrusion detection and prevention systems (IDS/IPS) such as SNORT and Sourcefire to analyze and detect worms and vulnerability exploit attempts
  • Staying up to date with current vulnerabilities, attacks, and countermeasures.

Cybersecurity Analyst

Today’s Technology
06.2021 - 06.2022
  • Providing 24/7/365 real-time monitoring of security tools, dashboards, and email alerts
  • Reporting security incidents using ServiceNow ticketing system for events that become a declared incident and require Tier 3 Incident Response review
  • Performing triage on alerts by determining their criticality and scope of impact
  • Triaging and investigating alerts coming from cloud endpoints such as CloudTrail and GuardDuty
  • Reviewing and collecting asset data (indicators of compromise, logs, configurations, and running processes) on these systems for further investigation and reporting
  • Involved in planning and implementing preventative security measures and in building incident response and disaster recovery plans
  • Investigating, analyzing, and processing retroactive and reported phishing email alerts from IronPort while following standard operating procedures
  • Using O365 Threat Explorer to analyze, scope, and determine the recipients of the phishing emails within the company
  • Evaluating and processing Web Site Review Requests from internal users to access blocked websites using OSINT tools
  • Working incidents from initial assignment to final resolution
  • Assisting in building SOPs as needed or directed to facilitate SOC operations and processes
  • Fully documenting assigned tickets to show all work performed and attach the required artifacts in order to pass Security Lifecycle Review (SLR)
  • Monitoring the health of security devices and syslog instances and responding to anomalies as defined in the SOP
  • Performing email-based investigation and successfully containing phishing emails and potential email account takeovers
  • Performing threat intelligence including open-source investigations to identify current attacks that may target the client’s industry
  • Providing support in identifying malicious network activity, threats impacting network operations and developing appropriate countermeasures, eliminating network threats and vulnerabilities
  • Investigating alerts and performing searches on Splunk SIEM
  • Investigating phishing alerts up until containment and eradication
  • Performing risk analyses to identify appropriate security countermeasures
  • Maintaining data management and storage systems to protect data from compromise
  • Developing team communications and information for meetings
  • Participating in continuous improvement by generating suggestions, engaging in problem-solving activities to support teamwork
  • Assisting in performing Root Cause Analysis (RCA) and making preventative recommendations for incidents and events
  • Recognizing potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
  • Creating, tracking, and working to resolution Normal and Standard job-related Change Requests
  • Assisting with the creation of the daily SOC report, shift reports, and pass-down emails to the incoming shift members
  • Participating in daily security meetings with team members and customer teams.

Help Desk Analyst

Top Group Technology
01.2019 - 06.2021
  • Resolved complex technical issues that arose on client computers through troubleshooting
  • Effectively made recommendations to IT users on selection of hardware and software
  • Successfully administered user accounts, Exchange mailboxes, and security and distribution
  • Managed assets inventory and deployed desktop images to end users
  • Worked directly with HR dealing with New Hire Onboarding Process and trained
  • Diagnosed, troubleshot, and resolved a range of software, hardware, and connectivity issues
  • Excelled in asking probing questions and researching, analyzing, and rectifying problems
  • Assisted in determining requirements and developing plans to ensure smooth installation and documentation of new software and applications
  • Performed analysis/troubleshooting of PC peripheral devices including printers
  • Performed scans on PCs ensuring network devices are 100% compliant with latest security patches
  • Participated in revolving on-call schedule to provide 24/7 service to users
  • Troubleshot various technical issues dealing with printers, network, and phone systems.

Education

Bachelor in Information Technology -

University Of Yaoundé 1

CompTIA

Skills

  • Malware Analysis/Endpoint Security
  • Incident Response/Cyber Threat Intelligence
  • Data Loss Prevention/Anti-Phishing
  • Wireshark/Snort/MCAS
  • Network Security Protocols/ TCP/IP
  • Nessus- for vulnerability
  • Threat Grid/ANY.RUN
  • Splunk ES/Jira
  • Firepower/FireEye
  • Phishing Awareness
  • ServiceNow/SharePoint
  • CrowdStrike/TrendMicro
  • Palo Alto/Cisco IronPort/O365
  • Linux/Windows/Virtual Machines/Citrix
  • Active Directory/Microsoft Office
  • VirusTotal, DomainTools, IPVoid/URLVoid, IBM X-Force
  • AWS Cloud Security: GuardDuty/CloudWatch/CloudTrail
