Ali Öztoprak

Cyber Security Professional @Volvo Group

Raleigh-Durham-Chapel Hill Area

About

Our team at the forefront of cybersecurity, currently serving as a Cyber Security Consultant, harnesses my expertise in risk assessments and security training to fortify organizational defenses. With a Master of Math and a Bachelor’s in Applied Science, my approach is deeply analytical, shaping robust security frameworks and mentoring the next wave of cybersecurity talent. My 5+ years of experience have been solely focused on leveraging SOAR systems to enhance security alert responses and significantly reduce incident resolution times. My certifications in Splunk and IBM QRadar underpin a disciplined methodology for threat detection and mitigation, embodying a commitment to proactive defense strategies and continuous professional development in the rapidly evolving cybersecurity landscape.

Experience

  • Cyber Security Professional at Volvo Group
    Jun 2025 - Present · 1 yr 1 mo

  • Cybersecurity Mentor at IT Society
    Dec 2024 - Jun 2025 · 7 mos

    • Provide cybersecurity consulting, assisting organizations in strengthening their security posture through risk assessments, security awareness training, and vulnerability mitigation.
    • Mentor aspiring cybersecurity professionals, guiding them in incident response, SIEM analysis, and ethical hacking methodologies.

  • Cybersecurity Analyst at Visa
    Jul 2022 - Dec 2024 · 2 yrs 6 mos

    • Monitor Information Security alerts using Security Orchestration Automation and Response (SOAR) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts.
    • Utilize sensor data and correlated logs containing AV, IDS, Windows events, Web Proxy, and similar data to establish context and rule out false positives.
    • Mitigate and contain identified threats using approved incident response methodologies. Initiate escalation procedures and incident response processes as defined in the operational plan.
    • Perform analysis of security alerts to evaluate risk, determine containment action and identify required preventative measures.
    • Ensure proper documentation of security incidents including attack details.
    • Interact with and aid other investigative teams within Visa on time-sensitive, critical investigations.
    • Provide feedback to peer teams to enhance security sensors and improve detection capability.
    • Collaborate with operational support teams to ensure they are actively engaged in addressing potential security threats that can impact the business.
    • Contribute to projects that enhance the security posture of the enterprise.
    • Operationalize actionable Threat Intelligence reports from internal and external sources.
    • Identify trends, potential new technologies, and emerging threats which may impact the business.
    • Respond to incoming reports of security incidents from the organization via calls and emails.

  • Cybersecurity Analyst at Dell Technologies
    Aug 2021 - Jul 2022 · 1 yr

    • Continuously monitor the dashboard panels of Secureworks XDR for security alerts, and analyze the event logs ingested from a variety of different technologies across multiple platforms.
    • Detect and investigate potential threats, triage the alerts, and appropriately escalate incidents to L2/L3 analysts for additional assistance.
    • Utilize the ServiceNow tool for management of incidents and ticket tracking.
    • Interact with customers to address their security issues through omnichannel communication.
    • Prepare briefings and reports about the results of investigations on repeated low and medium alerts utilizing analysis methodologies.
    • Organize and conduct training sessions for new hires on SOC processes, procedures, workflows and utilized technologies such as Secureworks-Taegis XDR/VDR, SNOW, BT Cloud, Teams, CyberChef, etc.
    • Take an active role in the creation of document repositories.
    • Contributed the latest threat intelligence news and reports for knowledge base documentation.
    • Used MITRE ATT&CK, an open framework and knowledge base of adversary tactics and techniques based on real-world observations, which provides a structured method.
    • Used open-source reputation channels such as VirusTotal, AbuseIP, AnyRun, Hybrid Analysis, Cisco Talos and Shodan, collecting key findings for incident reports.
    • Referenced the Cyber Kill Chain to determine if a malicious actor was able to perform all techniques and tactics.

  • SOC Analyst at Solvent CyberSecurity
    Jul 2019 - Aug 2021 · 2 yrs 2 mos