
Charles Okocha

Summary

Cybersecurity and cloud professional with 6+ years of experience across SIEM engineering, Azure administration, and security operations. Proven expertise with ArcSight, QRadar, Splunk, and Azure Sentinel, including developing correlation rules, onboarding 1,000+ devices, tuning connectors, and building dashboards that improve SOC detection. Adept at integrating security tools, automating log ingestion, and optimizing SIEM performance to reduce false positives and accelerate incident response. Strong foundation in Windows/Linux systems, cloud infrastructure, and identity management with a track record of strengthening enterprise security posture.

Overview

6 years of professional experience
1 Certification

Work History

Senior Technical Support Specialist (SIEM Engineer)

OpenText
04.2024 - Current
  • Resolved critical Logger swap memory exhaustion in 3 production environments by applying MySQL memory locking, kernel tuning, and JVM heap optimization, reducing swap usage from 100% to 0%.
  • Diagnosed and fixed timezone-related ingestion failures in SAP Real-Time Security Audit connectors processing 4.2M events/day, restoring continuous 24/7 collection.
  • Troubleshot SSL/TLS handshake failures for Windows Native Event Log connectors across 134 servers, configuring WinRM HTTPS listeners and certificates to restore full Security/System/Application log flow.
  • Engineered recovery for ArcMC agent upgrade failures by implementing manual installation procedures and LocalSystem permissions, restoring management for 15+ distributed Logger nodes.
  • Automated certificate renewal for ESM port 9000 services with keytool scripting, eliminating service disruptions across multi-manager deployments.
  • Developed PowerShell health-check scripts to monitor connectors, achieving 95% auto-remediation of JVM termination issues.
  • Reduced connector deployment time from days to hours by resolving multi-layer issues (date parsing, folder permissions, timezone mismatches).
  • Delivered comprehensive memory management solutions (MySQL buffer pools, huge pages, kernel swappiness), improving Logger throughput by 30%.
  • Documented fixes for “Access Denied” JVM wrapper service errors, preventing 8-hour outages in critical log collection infrastructure.

Azure Admin / Engineer

Ontario Teachers Insurance Plan (OTIP)
05.2021 - 04.2024
  • Managed Azure infrastructure (VMs, networking, AD, RBAC, backup, site recovery), improving scalability and resilience.
  • Integrated Azure Sentinel SIEM to monitor subscriptions, configure alerts, and strengthen compliance posture.
  • Automated resource deployments with ARM templates, Azure CLI, and PowerShell, reducing manual effort by 30%.
  • Deployed governance policies for RBAC, VM sizing, and tagging, ensuring cloud security and cost optimization.
  • Guided adoption of Zscaler, MFA/SSO, and conditional access, elevating enterprise security maturity.
  • Wrote, reviewed and edited technical documents in accordance with template requirements.

Windows System Engineer

Manulife Americas (ON, Canada)
09.2019 - 05.2021
  • Worked as Windows Server admin: installing, configuring and troubleshooting Windows Server 2008, 2008 R2 and 2012.
  • Responsible for third-level support for all server-related issues. Implemented security policy and virus protection.
  • Participated in complete system builds, upgrades, migrations, code deployments and patch management.
  • Prepared and maintained documentation of technologies, standards and procedures.
  • Responsible for maintaining all Windows Server operating systems from Windows 2008 R2 to 2012.
  • Administrated server consolidation program through use of VMware ESX server and VMware Virtual Center, creating VMs, using/building VM templates and customization files, and scheduling tasks.
  • Assisted in P2V and V2V conversion of Windows 2000 and Windows 2003 server editions using enterprise VMware Converter, and installed VMware Tools on those machines.
  • Installation, configuration and management of multiple server suites (Windows 2003/2008) on VMware ESX server.
  • Installation and configuration of VMware ESXi 4.1 and VMware Virtual Center Server, and creation of virtual machines.
  • Prepared the strategy and implemented ESXi Migration.
  • Implemented the migrations of ESX servers from 3.5 to 4.0 and from 4.0 to ESXi 4.1.
  • Designed and implemented vSphere 5.0/5.1 Lab environment.
  • VMware cluster with HA and DRS.
  • Performed Hot Cloning, Cold Cloning, Classic vMotion and Storage vMotion.
  • Security hardening and Monitoring of VM's ESX servers CPU, Memory, Disk, Network Utilization for Security Compliance.
  • Designing an Active Directory and Network Infrastructure, Forest and Domain Infrastructure.
  • Implementing Group Policy; managing and monitoring Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS).
  • Installation, configuration and administration of Windows 2008 R2/Windows 2012 server core domains in an enterprise network environment.
  • Configuring Mail server for remote Access, recipient policy, Server Policy, Mailbox policy.
  • Administering Information Store management, Public Folder management, Exchange System Manager management, Groups and Address List management, and Administrative Group management.
  • Setting up permission, delegating permission, Routing Groups and Routing groups Connectors.
  • Provide support to application teams on IIS configuration, Ensure availability and capacity of key services such as file, print, DHCP and DNS.
  • Server hardware troubleshooting using RIB/ILO and HP SIM.
  • Hardware firmware upgrade for physical servers like HP, Dell and IBM.
  • Performance optimization, regular health checks on servers and Systematic Troubleshooting of problems.
  • Installing and Managing Active directory and FSMO Roles Transfer in Active Directory forest.
  • Troubleshooting replication issues in active directory.

Education

Bachelor's degree - Applied Information Technology in Economics

Volgograd State Technical University Russia

Skills

  • SIEM Platforms: ArcSight ESM/Logger/Connectors, Splunk, IBM QRadar, RSA EnVision, AlienVault, Azure Sentinel
  • Threat Detection: Correlation rules, dashboards, reporting, MITRE ATT&CK, incident escalation, false-positive reduction
  • Engineering & Integration: FlexConnector/UDS parser development, systemd automation, log parsing, connector tuning
  • Cloud Security: Azure (IaaS, PaaS, Sentinel SIEM, AD, RBAC), AWS Security, Azure Site Recovery, Key Vault
  • Security Tools: IDS/IPS, SOAR (Phantom), Zscaler, BeyondTrust, Trend Micro, SafeNet, Palo Alto, FireEye
  • Infrastructure: VMware, Hyper-V, RHEL/Linux, Windows Server, Active Directory, DNS, VPN, MFA/SSO
  • Scripting & Databases: PowerShell, Shell, SQL, Azure CLI, Oracle, MySQL, MSSQL

Accomplishments

  • Optimized ArcSight Logger performance, reducing swap usage from 100% to 0% in 3 production environments, ensuring uninterrupted log ingestion.
  • Restored high-volume log collection by fixing SAP audit connector failures impacting 4.2M events/day, eliminating data loss and restoring compliance reporting.
  • Cut connector deployment time by 70% by resolving multi-layer parsing and timezone issues, accelerating onboarding of critical log sources.
  • Improved SOC efficiency by 35% through fine-tuning ArcSight correlation rules and filters, reducing false positives and triage workload.
  • Prevented 8-hour outages in log collection infrastructure by documenting and resolving JVM wrapper permission failures.
  • Strengthened enterprise cloud security posture by implementing Azure Sentinel monitoring, RBAC, MFA/SSO, and governance policies, ensuring compliance across multi-subscription environments.
  • Automated certificate renewals and connector health monitoring with PowerShell and keytool scripting, achieving 95% auto-remediation success rate and eliminating manual errors.

Languages

English
Native or Bilingual

Certification

  • Microsoft Azure Fundamentals certification (AZ-900)
  • Microsoft Azure Certified Administrator (AZ-104)
  • CompTIA Security+
  • CompTIA Network+
  • ITIL v4
