Muhammad Sheraz, Cyber Security Analyst


Cisco Systems - Saudi Arabia

Location
Saudi Arabia - Riyadh
Education
Bachelor's degree, CS
Experience
8 years, 2 months


Work Experience

Total years of experience: 8 years, 2 months

Cyber Security Analyst at Cisco Systems - Saudi Arabia
  • Saudi Arabia - Riyadh
  • I have been working here since June 2018

• Responsible for working in a 24/7 Security Operation Centre (SOC) and cyber defence centre environment. Monitor and analyse network security events by using SIEM.
• Experience in the realm of incident investigation, intrusion detection/handling, triage, networking, system log analytics and SIEM security facets.
• Malware analysis and prompt Incident Response.
• Recognizing successful / potential intrusions and compromises through review and analysis of relevant event detail information.
• Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
• Gather and evaluate asset data for further investigation to determine and direct remediation along with recovery efforts.
• Working and collaborating with IR Lux-Platinum Cisco Team.
• Developing Soft skills and user awareness methodology for mitigating security breaches.

SOC Analyst at Mast Consulting Group
  • Saudi Arabia - AlJubail
  • March 2017 to March 2018

I have been working with McAfee ESM, Cisco AMP, TAMKEEN, Cisco Firepower, McAfee Nitro, AlienVault, Splunk, SecureWorks, PhishMe Triage, Wireshark, Nmap, Qualys, Nessus, Symantec EPS, Bit9 and much more.

Managing wholesale traffic.
• Recognizing successful / potential intrusions and compromises through review and analysis of relevant event detail information.
• Launch and track investigations to resolution. Recognizes attacks based on their signatures. Differentiates false positives from true intrusion attempts.
• Alerts concerned stakeholders of intrusions and potential intrusions and compromises to their IT environment.
• Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies concerned when appropriate.
• Conduct periodic Vulnerability Assessment and Reporting.
• Configuration Review of security devices.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Respond to needs and questions of customers concerning their access to network resources through their managed device.
• Adhere to policies, procedures, and security practices.
• Resolve problems independently and understand escalation procedure.
• Publish reports/dashboards to applicable teams as per agreed schedule.
• Implementation of TCP/IP protocols, Network Analysis and Network Security Applications.
• Knowledge of common internet protocols and applications.
• Experience in the realm of incident investigation, intrusion detection/handling, triage, networking, system log analytics and SIEM security facets.
• Firewalls Configurations and NIPS/NIDS.
• Carrier, Interconnect and Service creation and implementation.
• Provisioning of customers to different destinations.
• Capacity management of carriers.
• Diagnosis, Troubleshooting and analyses of issues.
• Problem resolution.
• Strategic and Tactical planning.
• Negative margin implementation on customer.
• Routing operation for different Suppliers.
• Maintenance of services.
• Testing and Monitoring.
• Voice Traffic handling over peak hours.
• Identify departmental needs and make suggestions regarding technical direction.
• Managing customer and supplier interconnects over breaches and taking necessary specific action on time.
• Analyze commercial needs.
• Responding to inquiries from commercial, service providers, outside vendors, etc. to provide technical assistance and support.
• Testing different routes upon commercial request.
• Online conversation with customers and suppliers on Skype to tackle issues and provide efficient technical support.
• Activation of retail cards, CDR’s downloading and storing on servers.
• Monitoring performance reports of customers and suppliers and taking necessary actions upon issues.
• Solving customer trouble tickets technically and responding to them by mail.
• Intimating Supplier by opening trouble tickets on them for their respective issues.
• Trouble ticket investigation in depth through Wireshark and, after finding the root of issues, taking necessary steps to solve the issues.
• Increasing profit by efficient utilization of routes via applying best routing techniques.
• On time and quick response to TT’s by solving them.
• Proactive Monitoring of Active calls on switch to minimize chances of system halt.
• Carriers Balance supervision, in case of expiry timely intimation to finance to cater with.

SOC Engineer at zeta technology
  • Pakistan - Islamabad
  • January 2016 to February 2017

• Implementation of TCP/IP protocols, Network Analysis and Network Security Applications.
• Knowledge of common internet protocols and applications.
• Monitoring performance reports of customers and suppliers and take necessary actions upon issues.
• Carrier, Interconnect and Service creation and implementation.
• Provisioning of customers to different destinations.
• Routing operation for different Suppliers.
• Maintenance of services.
• Intimating Supplier by opening trouble tickets on them for their respective issues.
• Proactive Monitoring of Active calls on switch to minimize chances of system halt.
• Increasing profit by efficient utilization of routes via applying best routing techniques.
• Testing different routes upon commercial request.
• Activation of retail cards, CDR’s downloading and storing on servers.

Education

Bachelor's degree, CS
  • at COMSATS
  • March 2017

CERTIFICATIONS & TRAININGS:
• CCNA Routing & Switching Certified, Cisco ID No CSCO13128481
• CEHv10, ECIH, eLearn junior penetration tester and SANS FOR508 advanced incident response, threat hunting and advanced forensics.
• Microsoft Certified Solution Expert Training
• Cisco IOE (Internet of Everything) and Podcast
• Cisco Cyber security
• Cisco Mobility Fundamentals
• Cisco Entrepreneur Training
• Cisco GET CONNECTED (Computer and Internet Navigation Skills)

Specialties & Skills

Malware Analysis
IT Security
Forensic Analysis
Incident Analysis
Cyber Security
Management
Internet of Things
Hyperconverged systems
COMPUTER NETWORKING
MICROSOFT POWERPOINT
Virtualizing network components and services
Network automation
COMMUNICATION SKILLS
Cybersecurity
Carbon black EDR
Log analysis
Forensic

Languages

English
Expert
Arabic
Intermediate

Training and Certifications

ECIH incident handling (Training)
Training institute:
EC-Council
Date of training:
January 2019
eLearnSecurity eJPT (Certificate)
Date of training:
April 2019
Certified Ethical Hacker (Certificate)
Date of training:
December 2018
SANS GCFA FOR508 (Certificate)
Date of training:
April 2019
CCNA (Certificate)
Date of training:
February 2017
Valid until:
February 2020

Hobbies

  • Association football
    Have won so many matches at university level.
  • Swimming
    Had won so many prizes and accomplishments.