Erhan Saygin
Details
automation system
• Packet-level analysis of network traffic to determine malicious events. This involves examining packet details to extract the domains, IPs, ports, and services involved in communication and triaging the details of the traffic against known malicious databases to determine anomalies.
• Used keywords to search logs (BlueCoat, Splunk) to identify users who visited malicious sites or violated network policy. Also monitored and analyzed data feeds of event logs such as firewall logs.
• In-depth knowledge and experience with RMF, eMASS, APMS, and DoD scorecard reporting.
• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of security incidents.
• Perform analysis of firewall, IPS, IDS, server and proxy log files via Splunk.
• Conduct in-depth analysis of security events using SIEM platforms, network traffic analysis tools, and other security monitoring technologies.
• Provide analysis and containment of compromised systems and mitigate root causes.
• Identify, track, and investigate high-priority threat campaigns and malicious actors with the interest, capability and TTPs (Tactics, Techniques and Procedures).
• Provide support to and collaborate with Level 1 analysts in the Security Operations Center during incident response and threat hunting activities, including cyber threat analysis support, research, and recommending relevant remediation and mitigation.
• Perform forensic analysis of logs, traffic flows and phishing activities to identify root causes and malicious actors.
• Review existing policies and guidelines to ensure compliance with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).
• Expert in vulnerability assessment using Qualys, Nessus, and Nexpose to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
2021 : Present
SCS
Information Security Analyst
• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of security incidents by using Microsoft 365 Defender.
• Managed and provided troubleshooting assistance for various technological systems, software, and networks, improving overall efficiency and reliability.
• Assisted with Identity and Access Management (IAM) services in Azure, enhancing the company's security posture.
• Developed and implemented an anti-phishing campaign and enforced Multi-Factor Authentication (MFA) among staff, resulting in a significant reduction in cybersecurity incidents.
• Configured hybrid connectivity between Azure and on-premises environments, facilitating seamless data transfer and improved operational capabilities.
• Led incident response and recovery procedures, mitigating potential damages and enhancing business continuity practices.
• Strong communication and teamwork abilities, collaborating with cross-functional teams and effectively communicating technical concepts to non-technical stakeholders.
2017 : 2021
HPS
Security Operations Center Analyst
About
Having a year of experience, I am a confident, fast-working researcher, a collaborative team member, an excellent problem solver, and have a passion for continual learning and development. I have a very diverse background and am familiar with very different cultures of the world.
Holding the CompTIA Security+ certification.
Having knowledge of vulnerability assessment and management.
Experience in using scanning tools like Nmap, Wireshark, Burp Suite, Nessus, and Metasploit in Kali Linux.
Experience in log analysis on a SIEM using Splunk and Microsoft Sentinel and, based on the results, making recommendations to protect against possible threats.
Having experience and foundational knowledge of scripting tools such as Python.
Having experience in conducting penetration tests on virtual machines using specific tools like the Metasploit Framework in Kali Linux.
Having a foundational understanding of TCP/UDP protocols and port configuration with regard to possible security threats.
Having foundational knowledge of NIST guidelines.
Having a foundational understanding of the OSI layers and applying that knowledge to secure networking.
Having a foundational understanding of security tools (IDS, IPS and firewalls) and their functions.