Tomasz Wilczyński
Cyber Security Analyst
Warszawa,
mazowieckie
Skills
Cisco IOS
Microsoft Word
Juniper Junos
Windows environment
Network security
Cisco CCNA Routing and Switching certificate
Languages
English
Basic
Professional experience
Cyber Analyst
Cyber Analyst in Global Security Operations Center
-Monitoring real-time security breach events
-Analysis of detected security incidents
-Categorize security incidents and prioritize them
-Finding relationships between events, correlating cases, branches, alerts, incidents
-Collect key information and describe it for the needs of the second line of support, carers and business system owners
-Cooperation with the second and third SOC line and world-wide markets
-Maintain technical documentation and operational logs
Network monitoring:
-Working with IDS and IPS devices
-DLP and UTM solutions, L3 firewalls, WAFs and ACL-based devices
-Taking an active role against spam, phishing and spear-phishing attacks
-Training users via many different spam campaigns
-Participating in DevOps, learning processes and building a ready-made solution
-Close cooperation with IBM and Cisco on the development of playbook processes, solutions, and introductory guides in GSOC processes
-Close cooperation with Threat Intel Department
-Business trips abroad as needed
-Ability to work in a highly advanced sandbox environment
System and Network Operator -ATM
System and Network Operator
-Interacting with vendors and customers for problem notification and resolution
-Monitors, troubleshoots, and escalates to appropriate fix agents within the fault and Incident
-Assists with remote restore issues on various network platforms
-Manage incident, problem, and change tickets in accordance with change management guidelines and procedures
-Provide input and feedback for the use and optimization of NOC management applications/tools and NOC processes and procedures
-Provide quality, timely, and accurate end-to-end support for any issues within defined areas of responsibility, including but not limited to phone, email and instant message contacts; document/track incidents in the ticketing system
Tools:
-Fastgis
-ServiceNow
-Jira
-Nagios
-Monitoring based on SNMP protocol
-Monitoring based on SCADA
Customer Service Specialist
Customer Service - ATM
-Customer support and help in solving customer IT issues (first line of support)
-Coordination - receiving, forwarding to further support lines, and monitoring user requests
-Helpdesk help
-Correspondence and customer support in English
-Analysing customer needs and suggestions
-Registration of "Remote Hands" type notifications
-Granting permissions on client portals
-Dedicated product customer support
-Create announcements for colocation and authorize visitors
-Make changes to access lists for colocation and backup offices
Training and courses
Certification:
-CISCO CCNA R&S
In progress:
-CISCO CCNP R&S
-CEH
-CompTIA Security+
Specializations
IT - Administration
Network administration
IT - Administration
Security/Audit