Post-Incident Analysis and Reporting
Nilson Tang
Senior SOC Analyst/CERT Team Member
Hong Kong
Summary
Seasoned cybersecurity professional with over 5 years of extensive experience as a Security Operations Center (SOC) Analyst, CERT team member, and Security Engineer/Analyst. Skilled in incident response, threat detection, SIEM management, and implementing advanced security measures. Seeking a challenging role to leverage expertise in enhancing cybersecurity strategies and mitigating emerging threats for organizational resilience and security excellence.
Overview
6
6
years of professional experience
5
5
years of post-secondary education
3
3
Certifications
3
3
Languages
Work History
Senior SOC Analyst/CERT Team Member
Thales
05.2021 - Current
- Managed Security Information and Event Management (SIEM) platform, including creating and fine-tuning correlation rules and mappings with MITRE ATT&CK framework, enhancing threat detection capabilities.
- Utilized tools such as malware sandbox, Endpoint Detection and Response (EDR) systems like Sentinel One, email protection solutions such as ProofPoint, and orchestration platforms like XSOAR to proactively identify and respond to security threats.
- Contributed to Computer Emergency Response Team (CERT) in responding to security incidents, coordinating efforts to contain and eradicate threats effectively.
- Assisted in developing incident response playbooks and SOPs, supporting streamlined response processes and adherence to industry best practices.
- Participated in post-incident analysis and reporting, assisting in identifying root causes and recommending preventive measures to enhance security posture.
- Supported tabletop exercises and simulations to test incident response readiness and improve team coordination.
- Maintained accurate documentation of all CERT activities, facilitating knowledge sharing across multiple business units.
- Reduced false alarms by fine-tuning intrusion detection system configurations based on historical analysis of incidents.
Security Engineer/Security Analyst
CITIC Telecom CPC
07.2020 - 05.2021
- Provide 2nd tier support on Managed Security Services, specifically on information security incident management; Investigate, respond and provide recommendations in timely manner
- Design and maintain SIEM(Splunk) rules with on-going tuning
- Implemented, and maintained security controls and technologies to protect against cyber threats and vulnerabilities, including hardware and software hardening measures.
- Prepare, review and update operation procedures and guidelines
- Perform Managed Security Services devices change management; Test and apply patches or upgrades with records
- Prepare service reports for customer and internal parties
- Regular meeting with customer for service review
SOC Analyst
Thales
10.2018 - 07.2020
- Assisted in monitoring and analyzing security events and alerts to identify potential threats and vulnerabilities.
- Supported incident response activities, including initial investigation, documentation, and escalation of security incidents.
- Contributed to development and maintenance of SOC processes, procedures, and documentation.
- Participated in security tool deployment(e.g. Log Collector/Receiver, SIEM, Firewalls, VPNs & VMs) and configuration, ensuring optimal performance and effectiveness.
- Collaborated with senior SOC analysts to enhance threat detection capabilities and response strategies.
- Prepare service reports for customer and internal parties
- Monthly meeting with customer for service review
Education
Information System Security -
Sheridan College
Oakville, Toronto, ON 09.2013 - 09.2018
Skills
Endpoint Security
Incident Response
SIEM management
Metasploit Framework
Tabletop Exercises and Simulations
Post-Incident Analysis and Reporting
Certification
CISSP - Certified Information System Security Professional
CISM - Certified Information Security Manager
Blue Team Level 1 (BTL1)
Timeline
Senior SOC Analyst/CERT Team Member
Thales
05.2021 - Current
Security Engineer/Security Analyst
CITIC Telecom CPC
07.2020 - 05.2021
SOC Analyst
Thales
10.2018 - 07.2020
Information System Security -
Sheridan College
09.2013 - 09.2018
Similar Profiles
Laurent HIRSCHLaurent HIRSCH
Responsable Opérationnel Client at ThalesResponsable Opérationnel Client at Thales
Omar SIXOmar SIX
Marketing and Sales Executive at ThalesMarketing and Sales Executive at Thales
Patrick KennedyPatrick Kennedy
Machine Operator at ThalesMachine Operator at Thales