Cyber Security Analyst
Malcrove EMEA Technology LLC
Total years of experience: 4 years, 10 months
The job responsibilities include, but are not limited to, the following:
• Leading, building, and maturing the threat hunting program, creating new detection methodologies, and providing expert support to incident response and monitoring functions.
• Applying analytical and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.
• Developing, maturing, and maintaining TTP or attack pattern detection.
• Performing the full threat hunting cycle, including developing EDR detection rules, and recommending and applying mitigations for the effects caused by an incident.
• Analyzing large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
• Assisting in incident response activities such as host triage, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
• Proficiently performing Level 3 Threat Hunting activities with a focus on security alert rule tuning.
• Optimizing security alert rules to reduce noise and improve detection accuracy.
• Responsible for training new L1 analyst recruits on Cyber Defense Center (CDC) procedures and tools.
My job responsibilities include, but are not limited to, the following:
• Managing Linux-based physical and virtual infrastructure, automation, containerization, and orchestration tools.
• Managing orchestration & containerization tools such as Kubernetes and Google Cloud Platform.
• Orchestrating solutions using various tools with a focus on Kubernetes and Google Cloud Platform.
• Writing and maintaining scripts and automation using Python and Bash.
• Configuring and managing data visualization services, such as Grafana, Apache Superset, and Kibana.
My job responsibilities include, but are not limited to, the following:
• Monitoring and analyzing logs of critical assets and applications.
• Designing correlation rules and reporting.
• Fine-tuning existing correlation rules to reduce false positives.
• Incident response.
• File Integrity Monitoring (FIM) using Wazuh.
• Identification of vulnerabilities, risks, threats, and compromises.
• Coordination with other teams for patches and countermeasures.
My training included, but was not limited to, the following:
• Working in the NOC.
• Gained experience with different servers and setting them up at the data center.
• Took part in setting up different servers in the newly established data center.
• Joining computers to the new domain at the data center.
My training included, but was not limited to, the following:
• C#.NET desktop application development.
• Database management on SQL Server.
• Report generation in Crystal Reports.
1) Academic Credential Verification Using Blockchain Technology - Final Year Project
2) File Encryption System using XOR Stream Cipher
3) Tetris Computer Desktop Game
4) Home Security System
5) Inventory Management System
6) Dictionary Using IntelliSense
7) Dynamic Image Web Serve
8) E-Light Archiver
9) CredoSwipe
10) Cyber Warfare & Terrorism