Rafael Ferrao

Cyber Security Operations Center Analyst
Kempton Park

Summary

Accomplished SOC Analyst with extensive experience at First National Bank, excelling in threat hunting, detection engineering, and incident response. Skilled in crafting advanced detections using Splunk and Microsoft query languages to proactively mitigate risks. Adept at fostering cross-team collaboration and aligning security operations with business goals to enhance organizational resilience and security posture.

Overview

3 years of professional experience
3 years of post-secondary education
6 Certifications

Work History

Security Operations Center Analyst L2

First National Bank, FNB
05.2024 - Current
  • Led in-depth investigations of security incidents, correlating data across Splunk, endpoint detection tools, and network telemetry to determine impact and root cause.
  • Proactively hunted for advanced threats by correlating behavioral anomalies, threat intel, and endpoint/network telemetry across Splunk and EDR platforms.
  • Developed hypotheses based on MITRE ATT&CK and threat reports, turning them into actionable hunts and detections.
  • Built custom queries and dashboards in Splunk to support threat hunting and trend analysis.
  • Designed and fine-tuned detection rules and correlation searches in Splunk, improving signal-to-noise ratio and detection accuracy across the SOC.
  • Operationalized threat intelligence into technical detections, aligning rules with evolving adversary TTPs (MITRE ATT&CK framework).

Security Operations Center Analyst L1

First National Bank, FNB
05.2023 - 05.2024
  • Monitored and triaged security alerts in real time using SIEM platforms like Splunk to detect potential threats and anomalies.
  • Performed initial investigation and escalation of incidents based on defined playbooks and procedures.
  • Assisted in maintaining threat intelligence feeds and indicators of compromise (IOCs) used in day-to-day operations.
  • Supported phishing triage efforts by analyzing suspicious emails and identifying malicious indicators.
  • Participated in tabletop exercises and on-the-job training to build incident response and analysis skills.

Security Operations Center Analyst Intern

First National Bank, FNB
11.2022 - 03.2023
  • Gained hands-on experience with security tools and platforms, including SIEM (Splunk), endpoint protection, and ticketing systems.
  • Helped document processes, create runbooks, and improve internal knowledge bases.
  • Participated in team meetings, threat intel briefings, and knowledge-sharing sessions to build cybersecurity fundamentals.
  • Completed foundational certifications and labs to strengthen knowledge of threat actors, incident response, and network security.

Cyber Security Candidate

IACD
03.2022 - 08.2022
  • Developed a strong foundational understanding of cybersecurity principles, including threat types, risk management, cryptography, and secure network architecture.
  • Completed hands-on labs and virtual training in areas such as incident response, access control, vulnerability scanning, and basic forensics.
  • Explored real-world threats and attack vectors through self-guided studies and online platforms like TryHackMe.
  • Built a foundational mindset around blue team operations, threat detection, and cyber defense lifecycle.

Education

Bachelor of Science - Information Technology

Eduvos
Bedfordview, South Africa
01.2019 - 11.2021

Skills

  • Tools & Platforms: Splunk (Advanced), EDR platforms, Threat Intelligence Feeds

  • Techniques: Threat Hunting, Detection Engineering, Incident Response

  • Languages & Querying: SPL (Splunk), Kusto Query Language (KQL), Structured Query Language (SQL), Python, Java

  • Frameworks: NIST, MITRE ATT&CK, ISO 27001

  • Soft Skills: Clear reporting, mentoring, cross-team collaboration

Certification

CompTIA - Security+ Certification

Timeline

Security Blue - Blue Team Level 1 (BTL1)

04-2025

Splunk - Core Certified Advanced Power User

11-2024

Security Operations Center Analyst L2

First National Bank, FNB
05.2024 - Current

Group-IB - Blue Team Analyst

08-2023

Splunk - Core Certified Power User

06-2023

Security Operations Center Analyst L1

First National Bank, FNB
05.2023 - 05.2024

Splunk - Core Certified User

03-2023

Security Operations Center Analyst Intern

First National Bank, FNB
11.2022 - 03.2023

CompTIA - Security+ Certification

09-2022

Cyber Security Candidate

IACD
03.2022 - 08.2022

Bachelor of Science - Information Technology

Eduvos
01.2019 - 11.2021