
Jeremy Banahene

Information Security Analyst


Ph. (804) 396-6402 | Em. Oseib2133@gmail.com

INFORMATION SECURITY ANALYST

Professional Summary

• 10 years of experience in Cyber Security, Networking, Security Audit, Security Assessments, Risk Management, Security Awareness and Training, and Information Systems Management.
• Experienced in the creation of reports on Cyber Security events and vulnerabilities found in vulnerability assessment scans using tools such as Nessus, OpenVAS, and Retina CS.
• Investigated and analyzed Cyber Security events found in vulnerability scans and suggested countermeasures to mitigate the threats.
• Penetration tested systems and networks for vulnerabilities and auditing by performing Footprinting and Scanning using tools such as Nmap, Hping3, Whois lookup, Path Analyzer Pro, OpUtils, and Google hacking.
• Skilled in finding Cyber Security vulnerabilities and risks in computer networks and resolving those vulnerabilities by ensuring patch management, security in-depth, and updating systems.
• Performed security assessments and audits for compliance with the NIST Risk Management Framework.
• Followed the Incident Response Plan to mitigate system breaches, documented findings, and performed post-incident analysis to update the Incident Response Plan.
• Performed Access Control Identity Management, Penetration Testing, Vulnerability Assessment, SOC Analysis, Incident Response, and Threat Mitigation.
• Experienced in evaluating systems for Cyber Security best practices and vulnerabilities by performing systems Footprinting and scanning with tools such as Whois Lookup, DNSstuff, and Social Engineering Toolkits.
• Experienced in performing log analysis, intrusion detection/prevention, and incident management as a SOC Analyst by reviewing alerts from various SIEM tools.
• Hands-on experience in using tools such as IDA Pro, ArcSight, Splunk, LogRhythm, AlienVault, Nessus, Wireshark, ForgeRock, Tcpdump, and Nmap.
• Skilled in collecting network traffic and performing analysis from network devices such as Firewall, IDS/IPS, Antivirus, Switches, and Router traffic through log- and event-based analysis on TCP/IP.
• Experienced with AWS Cloud Security and architectural technology.
• Experienced in monitoring systems for any anomalies, proper updating, and patch management by taking system baselines.
• Proficient in using encryption and hashing tools such as the MD5 online tool, HashCalc, and Crypto Demo.
• Experienced in malware analysis, including viruses, worms, trojans, botnets, and rootkits, using both static and dynamic analysis.
• Good background knowledge of common protocols such as HTTP, FTP, SSH, DNS, DHCP, SNMP, SMB, TLS, and SSL.
• Expert in using applications such as Microsoft Office Suite/365 (Word, Excel, PowerPoint).
• Skilled in networking protocols and packet analysis tools, Computer Networking, and the TCP/IP stack.

Technical Proficiencies

Investigative/Pentest tools: Wireshark, NMAP, Burpsuite, Email Tracker Pro, Web-stat, Whois, Protocol Analyzer, Nessus, Saint, AirCrack-ng, Hashcat, Zenmap, Netcraft, Shodan, Geo IP Lookup tool, Ettercap, Hping3, MyDNSTools, DIG, Path Analyzer Pro, Maltego, Recon-ng, Netscan Tool Pro, Colasoft ping tools, Proxy Switcher, OpManager, Netcat, AirCrack, John the Ripper, OpUtils, Engineer Toolset, Kismet, Cain and Abel

SIEM: Splunk, ArcSight, LogRhythm

Operating Systems: Security Onion, Kali, Mac OS, Windows Server and Desktop Editions

IDS/IPS: Snort, Sourcefire, TippingPoint, AlienVault, Advanced Threat Protection (ATP)

Cybersecurity Frameworks: HIPAA, NIST 800 Series, SOX, COBIT, RMF

PROFESSIONAL EXPERIENCE

ALTRIA GROUP, Richmond, VA

Cyber Security Engineer / Analyst
01/2018 – Present
Duties include monitoring alerts and network activity across the company’s computing infrastructure, implementing policy, encouraging awareness, and delivering guidance to reduce risk and exposure.
• Monitored network traffic for security events and performed triage analysis to identify security incidents with respect to Confidentiality, Integrity, and Availability.
• Responsible for detecting successful and unsuccessful intrusion attempts through analysis of relevant event logs and supporting data sources, utilizing SIEM tools such as QRadar and Splunk Enterprise.
• Experienced in working with AWS cloud security.
• Installed and configured network security devices such as Palo Alto firewalls (Suite), routers, switches, IDS/IPS using McAfee Endpoint, Symantec Endpoint, Carbon Black, and servers.
• Monitored, analyzed, and interpreted network traffic alerts using SIEM tools.
• Skilled in collecting security logs, application logs, and system logs and monitoring privileged users to mitigate threats.
• Monitored network traffic for suspicious activity by continuous monitoring with various security tools (e.g., Wireshark, Tcpdump, Splunk, ArcSight) to identify potential incidents, network intrusions, and malware events.
• Monitored systems, identifying, studying, and resolving all instances/events reported by various SIEM alerts (SourceFire, TippingPoint).
• Analyzed and researched large sets of logs on end devices to detect potential malicious activities.
• Conducted system security evaluations and assessments, documented and reported security findings using NIST 800 guidance per the continuous monitoring requirements.
• Provided scanning of a range of operating systems and test beds using the SCAP compliance tool and the Nessus vulnerability scanner for independent security analysis.
• Monitored systems, detecting, analyzing, and resolving all incidents/events reported by various SIEM tools.
• Performed security control assessment of all assigned systems, developed test plans and assessment reports in support of information security policy.
• Streamlined the phishing analysis to an almost analyst-free experience.
• Applied understanding of the function and content of information security policies, standards, procedures, and practices as well as threats, risks, and vulnerabilities at a functional level.
• Experienced in working with Azure cloud.
• Responded to computer security incidents by collecting, analyzing, and providing detailed evidence (network log files), and ensured that incidents were recorded and tracked in accordance with guidelines and requirements.
• Participated in the creation of enterprise security documents (policies, procedures, standards, guidelines, and playbooks) under the direction of the Chief Information Security Officer.
• Assisted IT staff with understanding and resolving system vulnerabilities.
• Conducted risk assessments and collaborated with Management and the technical team to provide recommendations regarding any changes that were being implemented on assigned systems.
• Performed and analyzed vulnerability scan reports and worked with stakeholders to establish plans for sustainable resolutions.
• Completed tasks such as researching and identifying security vulnerabilities on the networks and systems.
• Used vulnerability analysis tools such as Nessus to run scans on operating systems.
• Monitored controls post-authorization to ensure continuous compliance with the security requirements by evaluating vulnerabilities through Nessus scan results and working with the IT staff on mitigation actions.
• Reviewed the POAM to validate that the items uploaded in the POAM tracking tools support the closed findings, and coordinated promptly with stakeholders to ensure timely remediation of security weaknesses.
• Researched emerging threats and vulnerabilities to aid in the identification of network incidents.
• Implemented deep-dive analyses on alerts received from Splunk and took action on the remediation process.

SAIC (Science Applications International Corporation), Virginia Beach, VA

Information Security Analyst
06/2014 – 01/2018
Responsibilities consisted of leveraging security best practices, applications, and controls for system and network security to protect against threats and vulnerabilities.
• Conducted risk assessments and collaborated with Management and the technical team to provide recommendations regarding any changes that were being implemented on assigned systems.
• Performed and analyzed vulnerability scan reports and worked with stakeholders to establish plans for sustainable resolutions.
• Completed tasks such as researching and identifying security vulnerabilities on the networks and systems.
• Used Nessus to run scans on operating systems.
• Monitored controls post-authorization to ensure continuous compliance with the security requirements by evaluating vulnerabilities through Nessus scan results and working with the IT staff on mitigation actions.
• Performed threat and vulnerability analysis and provided warnings of anticipated exploitation.
• Executed security monitoring and reporting, analyzed security alerts, and escalated security alerts to local support teams.
• Monitored and tracked security vulnerabilities to ensure affected systems were patched.
• Monitored servers, network gear, and applications in the operations center environment.
• Experienced in analyzing phishing emails when detected: analyzed malicious links and attachments, analyzed user impact via Splunk, removed phishing emails from Exchange servers, and blocked unwanted URLs/IP addresses.
• Managed development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
• Performed vulnerability testing and risk assessment to prioritize risks and suggest actions.
• Used Wireshark as a sniffer tool for troubleshooting and inspecting packets.
• Evaluated a range of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to ascertain the correct remediation actions and escalation paths for each incident.
• Developed, implemented, and enforced network security procedures consistent with security policies.
• Worked on different networking concepts and routing protocols such as OSPF, RIP, BGP, DHCP, DNS, and other LAN/WAN technologies.
• Analyzed the expanding network, ran fiber, and implemented wireless communication networks such as 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac.
• Maintained and managed devices using monitoring tools such as Nagios and SNMPv3, and resolved issues effectively.
• Resolved all IP network issues to reduce waste and downtime using ICMP tools such as Ping, IPConfig, Nbtstat, Netstat, Tracert, etc.
• Performed Ethical Hacking on the company network for vulnerabilities, auditing, verifying security controls, exploitation, and generating reports.
• Performed security testing and analysis to identify vulnerabilities and violations of information security.
• Monitored and analyzed Intrusion Detection Systems (IDS) alerts to identify security issues for remediation.
• Used a safe browser to browse the internet intelligently and safely without executing malicious files or content.
• Assessed security patch implementation according to the patch management program on servers, workstations, and network environments for adequacy and efficiency.
• Handled updates for anti-virus software on systems.
• Worked as a key member on exclusive teams within a SOC that was committed to resolving complex threats and security issues, where I specialized in network-based solutions for preventing attacks.
Verizon Wireless, Los Angeles, CA

Security Operations Analyst
03/2010 – 06/2014
• Supported day-to-day data security operations.
• Monitored security patch levels of servers, workstations, network environments, and anti-virus systems.
• Performed proactive network monitoring and threat analysis.
• Recommended and addressed the acceptability of software products for the continuous monitoring project.
• Monitored and analyzed Intrusion Detection Systems (IDS) to identify security issues for remediation.
• Assisted in the planning, development, and security of a system that aims to establish a security infrastructure.
• Developed and maintained security implementation policies, procedures, and data standards.
• Executed security data management plans for the design and implementation of data collection, scheduling and review clarification, and reporting systems.
• Experienced in investigating, capturing, and analyzing events related to cyber incidents.
• Documented and logged technical incident details for future reference.
• Developed and implemented a complete restructure of security groups to more effectively manage domain permissions to resources.
• Assessed business processes to identify potential risks.
• Experienced in researching emerging cyber threats to understand and present hacker methods and tactics, system vulnerabilities, and indicators of compromise.
• Analyzed log data from SIEM tools such as Splunk and Wireshark to identify threats and vulnerabilities on the network to prevent cyber security incidents.
• Monitored the general support system for vulnerabilities and threats, including patch management, weak password settings, and weak configuration settings.
• Managed the Security Assessment and Authorization (SA&A) process to support continuous monitoring activities in accordance with NIST and FISMA requirements and guidelines.
• Reviewed and analyzed log files to report any unusual or suspect activities.
• Worked with system data including but not limited to security event logs, system logs, proxy logs, and firewall logs.
• Assisted in deploying network monitoring and threat analysis.
• Monitored TCP/UDP/IP traffic and turned off the ICMP protocol on servers that contained confidential business data.
• Reviewed cybersecurity controls to determine whether the controls were implemented correctly.
• Trained users on Cloud migration, Acceptable Use Policy, systems updating, patch management, social engineering awareness and training, password best practices, email handling, endpoint protection, encryption, hashing, network defense, etc.
• Distributed weekly security status reports to executives.
• Executed incident response within the incident response development (detection, triage, analysis, mitigation, reporting, and documentation).
• Responsible for change management procedures by auditing and evaluating change management logs for accountability.
• Organized application teams to implement encryption and tokenization solutions for level six processes on the OSI model.
• Experienced with network devices (Cisco routers and Checkpoint security solutions).
• Assisted in Incident Response and systems recovery to mitigate threats.
• Monitored traffic for anomalies based on alerts received from various sources, triggers, and tickets generated by internal government staff and endpoint devices.
• Assessed and analyzed log files to report any unusual or suspect activities.
• Designed and continuously upgraded standard operational processes used by the SOC.
• Identified and assessed applicable risks, determined appropriate mitigating actions, developed a Cyber Supply Chain Risk Management (C-SCRM) Plan to document selected policies and mitigating actions, and monitored performance against the Plan.
• Focused on increasing visibility and control over the organization, partners, suppliers, and customers.
• Ensured supply chain security by applying end-to-end process encryption across the entire supply chain and providing enhanced systems assurance and a safe working environment.
• Tracked and traced programs through established sources of all parts, components, and systems.
• Ensured that security requirements were included in every Request for Proposal (RFP) and contract document.
• Managed selected vendors in the formal supply chain, ensuring they were educated on and addressed any vulnerabilities and security gaps.
• Implemented security policies and controls with respect to vendor products that are either counterfeit or do not match specifications.

Education

• Bachelor of Science in Logistics Supply Chain Management

Training and Certifications

• CompTIA Security+ Certified – CE
• CompTIA Network+ Certified – CE
• EC-Council Certified Ethical Hacker – CEH
• AWS Certified Solutions Architect – Associate
