

Daily duties include managing and investigating Sourcefire and RSA Security Analytics alerts.
Successfully deployed and integrated Sourcefire Defense Center and 8 sensors in EMEA, OCEANIA and AMERICAS with RSA Security Analytics.
Designed and deployed global RSA Event Stream Analysis (ESA) appliance and RSA Global Broker.
Increased event notifications between Managed Service Provider and Confidential by improving reporting formats.
Created processes and procedures for Security Operations to obtain daily threat intelligence and profile possible attackers.
Created processes and procedures for event notifications and investigation triage.
Created global procedure for onboarding new servers into Log Management Program.
Successfully configured and monitored Security and System logs for over 8,000 servers globally. Achieved 95% compliance on log monitoring audit finding within 1 month.
Provide monthly reports to senior management on current trending of cyber-related events alerted via security infrastructure.
Successfully designed and implemented Security Analytics Archiving solution to archive 12 months of log data.
Lead 4 engineers in daily management of security environment tools and forensics operations.

Operating Systems: Windows, Linux, MAC OSX, Backtrack 5 r3, Kali Linux

Open Source Security & Research Tools: Wireshark, Cuckoo, Metasploit, Kiwi Syslog, Maltego Radium CE, Volatility, Recon-ng, Autopsy, OllyDbg, Hex Workshop Hex Editor, CFF Explorer, PEStudio, TOR Browser Bundle, PEiD, FOCA, PEView, DCode, IDA Pro, Python, Perl

Enterprise Security Tools: NetWitness, Palo Alto Networks, Cisco ASA, Bit9, LogLogic, Veracode, McAfee, Symantec, PwnieExpress, Sourcefire, McAfee IntruShield, FTK Enterprise, Access Data MPE, Rapid7 Nexpose, Imation IronKey Enterprise, Maltego Radium, RSA Security Analytics, Solarwinds
