SOLOMON CHINEDUM ESIBE
Lagos, Nigeria | linkedin.com/in/solomon-esibe-82b417102
Summary
A highly motivated and detail-oriented aspiring Cybersecurity Analyst with a solid foundation in network security, vulnerability management, and threat analysis. Eager to apply hands-on training with industry-standard security tools and frameworks like Qualys, Snort, and the OWASP Top 10 to help protect organizational assets and contribute to a robust security posture.
Technical Skills
• Security Tools: Qualys Vulnerability Management, Snort, Wireshark, OWASP ZAP, Nmap
• Languages: Python (for security automation scripts, log parsing, and packet analysis with Scapy), SQL (for querying security event logs and user access databases)
• Operating Systems: Linux (Debian/Ubuntu, Kali for security testing and server management), Windows
• Frameworks & Concepts: OWASP Top 10, MITRE ATT&CK, Incident Response Lifecycle (PICERL), SOAR, Risk Management, SIEM Fundamentals
Cyber Security Training & Hands-On Experience
Qualys Vulnerability Management
• Narrative: Trained to leverage the Qualys Cloud Platform to conduct comprehensive vulnerability scans, interpret results, and manage the remediation lifecycle from detection to closure.
• Hands-On Labs:
◦ Configured and executed authenticated and unauthenticated vulnerability scans across diverse assets in a lab environment.
◦ Analyzed scan reports to prioritize findings based on Common Vulnerability Scoring System (CVSS) scores and asset criticality.
◦ Generated mock remediation tickets detailing vulnerabilities and providing actionable guidance for system administrators.
Threat Intelligence
• Narrative: Developed skills in gathering, analyzing, and applying threat intelligence from various sources to proactively identify and defend against potential threats.
• Hands-On Labs:
◦ Utilized Open-Source Intelligence (OSINT) tools like VirusTotal, Shodan, and AbuseIPDB to investigate Indicators of Compromise (IOCs) such as malicious IPs, domains, and file hashes.
◦ Mapped threat actor behaviors from intelligence reports to the MITRE ATT&CK framework to understand attack techniques.
Network Traffic & Analysis with Snort
• Narrative: Gained practical experience deploying and configuring the Snort Intrusion Detection System (IDS) to monitor network traffic for malicious signatures and anomalous behavior.
• Hands-On Labs:
◦ Analyzed captured network traffic (PCAP files) in Wireshark to identify suspicious patterns indicative of an attack.
◦ Authored and tested custom Snort rules to generate alerts for specific threats, such as SQL injection attempts and unauthorized port scans.
Incident & Risk Management
• Narrative: Acquired a foundational understanding of the incident response lifecycle and risk assessment principles to effectively manage and mitigate security events.
• Hands-On Labs:
◦ Participated in tabletop exercises simulating a ransomware attack to practice decision-making for containment and recovery.
◦ Applied a risk matrix to evaluate vulnerabilities based on their potential impact and likelihood, informing prioritization efforts.
◦ Drafted a complete incident report for a simulated data breach, detailing the event timeline, analysis, and lessons learned.
OWASP Top 10 Web Application Security
• Narrative: Developed a strong working knowledge of the OWASP Top 10, focusing on identifying and mitigating the most critical security risks affecting web applications.
• Hands-On Labs:
◦ Used Burp Suite to intercept and manipulate HTTP requests to identify and exploit vulnerabilities like Broken Access Control (A01:2021) and Cross-Site Scripting (XSS).
◦ Executed basic SQL Injection (A03:2021) payloads within a secure, sandboxed web application to understand its impact and detection.
Education
Google Cybersecurity Certificate and ongoing SOC1 training on TryHackMe: https://tryhackme.com/p/engrsolomon