Yohannes Teklu
Virginia Beach,Virginia
Summary
A multifaceted professional, Experience and skills in threat and vulnerability management, information security analysis, information security architecture, information security policy design, risk assessment, security incident response, and security solution implementation and administration.
Overview
5
5
years of professional experience
1
1
Certification
Work History
Cloud Security Analyst
Amazon
Suffolk, VA
08.2022 - Current
- Work on a day-to-day basis to document vulnerabilities, launch on-site scans, schedule scans, and mitigate vulnerabilities
- Performed real-time proactive Security monitoring and reporting on various Security enforcement systems, such as Splunk (SIEM), Endpoint Protection, ATP defender, Malware Analysis, Firewalls, IDS& IPS, Web Security etc
- Managing all ACC systems from endpoint perspective using McAfee ePO tool which includes managing Agent, VSE, pushing client tasks
- Implemented and configured Cisco tetration and Cisco Email security from scratch
- Performed log ingestion in Azure Sentinel and configured connectors
- Experienced with Azure E5 security tools products (Defender ATP, Azure Sentinel, Azure ATP, Office 365 security, security center, Defender for Identity, Defender for endpoint
- Developed security use-cases and provide tuning of Azure Sentinel to ensure proper alerting of security threats
- Assisted is the initial SIEM deployment and oversee SIEM operations, finetuning SIEM and associated use cases, data queries, and dashboards
- Responsible for security patch deployment to windows and linux servers
- Performed installation and configuration management of security systems and applications including Cisco Email Security, Cisco tetration, Burp Suite, Microsoft defender ATP, including policy assessment and compliance tools, network security appliances and host-based security systems
- Provided leadership in architecting and implementing security solutions towards Nessus, ATP defender, Cisco tetration, Cisco Umbrella, Cisco stealthwatch and Cisco Email security
- Created three step Security awareness training program using KnowBe4 and SANS LMS
- Investigated workstations, endpoints, servers and applications for ransomware infections using Endpoint tools
- Develop reports that detail compliance and security gaps including risk severity level, systems impacted, business risk summary, and recommendations that re-mediate all findings
- Administered AzureAD for providing O365 and Defender ATP permissions
- Identified vulnerabilities, recommend corrective measures and ensure the adequacy of existing information security controls
- Configure and upgrade Nessus and ATP defender vulnerability management console
- Analyze various vulnerability reports and create a remediation plan for them
- Setup new scan engines and configure firewall rules to separate scans based on different domains
- Research all vulnerabilities present in ACC environment and to figure out various strategies to implement to secure assets and to generate the risk.
Cloud Security Engineer
Fanueil
Yorktown, VA
03.2019 - 06.2022
- Continuously monitored threats to IT environment which includes actively monitoring Akamai Web application Firewall, monitoring IDS for malicious traffic, regular monitoring for malicious AP's and compromised credentials
- Developed Azure Sentinel queries and assisted creating security policies, executes, and managed data system and network security across the enterprise
- Assisted and implemented security policies and procedures such as user login and authentication rules, security breach procedures, escalation procedures, security auditing procedures and the use of firewalls and encryption routines
- Provide 24x7 Tier3 support to Global threat operations team and incident response and investigation process to the NT's security incidents
- Daily monitoring of WAF using Akamai and provided traffic metrics
- Monitored Alert logic WAF and handled daily operations including providing metrics
- Provided weekly status reports and metrics to the upper management
- Highly proficient with Azure Sentinel, Microsoft Cloud app security, Defender security center, Intune and other Microsoft security platforms
- Managed, configured and monitored azure security center
- Performed Security monitoring including log aggregation, collection, correlation and alerting of security events and incidents
- Configured alerting rules and assisted for real time alerting in Azure Sentinel for events
- Responsible for white listing and blacklisting of indicators of compromise in various tools such as Microsoft Defender, O365, MCAS, Palo alto and Cisco ASA
- Perform threat hunting on regular basis and block IOCs in the appropriate tools
- Gather intel from Threat intelligence different security sources to monitor the environment for zero-day attacks, Phishing campaigns, blocking indicators of compromise, setting security alerts
- Performed Forensic analysis with Magnet Axiom
- Manage administrative tasks in security tools and performs off boarding of accounts from NT
- Build and tune KQL queries for investigation purposes
- Worked on complex assignments and provided security solutions
- Analyzed security analysis reports for security vulnerabilities and recommending feasible and appropriate options to Vulnerability management team
- Monitored multiple logs across diverse platforms such as F5, Palo Alto, Azure AD, Cisco ASA, and others to uncover specific activities as they occur from platform to platform
- Responded to security incidents, conducting forensic investigations on the affected devices and provide complete reports to the management
- Worked with managed service providers, log sources and various teams to identify threats to NT and provided effective mitigations to avoid business interruptions and resolved issues including third party monitoring tools.
Education
Bachelor's Degree -
Western Governors University
Skills
- IT Security
- Threat and Vulnerability Management
- Information Security Analysis
- Information Security Architecture
- Security Policy Design
- Risk Assessment
- Incident Response
- Security Solution Implementation
- Administration
- Application Security
- Identity and Access Management
- Network Security
- Microsoft Azure
- Microsoft Defender for Identity and Endpoint
- Microsoft Cloud App Security
- Microsoft Exchange Center
- Microsoft Compliance Center
- SIEM Operations
- SIEM Implementation
- SIEM Monitoring
- Threat Intelligence
- Malware Analysis
- Cyber Threat Detection
- Security Advisory Integration
- QRadar
- Splunk
- Google Chronicle
- IT Risk Management
- Threat and Vulnerability Analysis
- System Authorization
- DLP
- Endpoint Security
- IPS/IDS
- SIEM Security
- Application and Web Security
- Cloud Security
- Firewalls
- Operating Systems
- Security Intelligence
- Vulnerability Management
- Web Security
Certification
- Security plus
- Microsoft 365
- A+
Languages
English
Full Professional
Timeline
Cloud Security Analyst
Amazon
08.2022 - Current
Cloud Security Engineer
Fanueil
03.2019 - 06.2022
Bachelor's Degree -
Western Governors University
Similar Profiles
Ruben Frausto JrRuben Frausto Jr
Maintenance Technician III at AmazonMaintenance Technician III at Amazon
Sreeram TRSreeram TR
Catalog Manager at AmazonCatalog Manager at Amazon
Yashvvi JangidYashvvi Jangid
Senior Risk Analyst at AmazonSenior Risk Analyst at Amazon
Vivian MaxwellVivian Maxwell
Associate at AmazonAssociate at Amazon
Daryl Drake NecesitoDaryl Drake Necesito
Instacart Shopper, DoorDash, Ubereats at Uber EatsInstacart Shopper, DoorDash, Ubereats at Uber Eats