Vitalis Kwene
Details
▪ Capture intelligence on threat actor TTPs/IOCs and coordinate it with Open-Source Intelligence (OSINT).
▪ Monitor security solutions using Splunk: SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, log aggregation tools.
▪ Improve workflow processes through SOPs and work templates.
▪ Conduct proactive monitoring, investigation, and mitigation of security incidents.
▪ Analyze security event data from the network (IDS, SIEM).
▪ Perform static malware analysis on isolated virtual servers.
▪ Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
▪ Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
▪ Research new and evolving threats and vulnerabilities with potential to impact the monitored environment.
▪ Conduct log analysis using Splunk.
▪ Identify suspicious/malicious activities or code.
▪ Monitor and analyze security events to determine intrusion and malicious events.
▪ Search firewall, email, web, or DNS logs to identify and mitigate intrusion attempts.
▪ Investigate malicious phishing emails, domains and IPs using Open-Source tools and recommend proper blocking based on analysis.
2021 : Present
Metropolitan Washington Airports Authority
Information Security Analyst
▪ Addressed, implemented, and repaired routing, IP switching, firewalls and remote protocols on LAN, WAN, VLAN and WLAN.
▪ Supported network technologies: Ethernet, TCP/IP, VoIP, Wi-Fi, Mobile, FTP, SNMP, VPN, DHCP, NAT, DNS, SSL, SSH and TLS.
▪ Opened and managed WebEx conference calls during system, web, or service outages.
▪ Monitored internet traffic and configured load balancers for effective network distribution.
▪ Troubleshot numerous incident tickets to resolve customers’ issues.
▪ Supported multiple technical service platforms in the mainframe, client-servers, and proxy servers.
▪ Maintained and updated enterprise backup tapes and files.
▪ Documented and provided reports to management before, during and after any incident. Provided tier 2 technical assistance and support to onsite and remote associates.
▪ Supported applications like NetIQ, Azure, Oasis, Unity, MYIT, ATLAS, VMware, Outlook, Cisco, McAfee, BitLocker, AirWatch, and Good Mobile Messaging.
▪ Updated and controlled software patches and antivirus signatures on systems.
▪ Managed SharePoint, Outlook, AirWatch, Skype for Business, and MS Office Suite.
▪ Troubleshot network printers, server, desktop, and network systems.
▪ Ran diagnostic software programs to resolve problems faced by remote associates.
▪ Supported IAM tickets through Active Directory, Mainframe, Azure and MOAT systems.
▪ CSAM, Cisco firewalls, incident response, malware analysis, IDS, IPS, Nessus, Wireshark, AWS.
2015 : 2018
Capital Care, Inc.
Information Security Analyst
About
An accomplished Security Analyst with 4-plus years of experience in Information Technology and Cybersecurity, encompassing desktop support, network administration, network security and cyber security in diverse business environments that demand strong organizational, technical, and interpersonal skills. Detail-oriented and resourceful with a proven ability to complete independent and team projects on time and in accordance with company goals and client needs. In-depth practical experience in Security Operations Center (SOC), Risk Assessment, System Development Life Cycle (SDLC), Cyber Threat Intelligence (CTI), Cyber Threat Research, Network Operations Center (NOC) and System Administration Support. Also applied security processes and standards like SDLC, Cyber Kill Chain, Tactics, Techniques and Procedures (TTPs), FedRAMP, FISMA, ISO and NIST.