Agoura Hills, California, United States
Senior Information Security Analyst with hands-on experience in threat detection, incident response, and network security operations at a 10,000+ user higher education institution. Experienced across the full detection stack — IDS/Suricata, Palo Alto Panorama, NAC, EDR, and SIEM — with a track record of identifying and containing active malware campaigns, C2 infections, and phishing incidents with MFA bypass. Building toward GRC with intentional depth in the technical controls that compliance frameworks are built on.
• Detected and contained a 6-device RAT outbreak (PcClient.bal) with XOR-encoded C2, coordinating firewall blocks, EDL updates, and NAC MAC blocking.
• Investigated domain-fronting C2 campaign (replevysquab.top) spanning 76 hosts over 7 days, identified via beacon interval analysis and Joe Sandbox.
• Responded to phishing incident with MFA bypass — disabled account, invalidated sessions/cookies/bypass tokens, identified 4 Nigerian IPs through VPN pivot analysis.
• Managed responsible disclosure from independent researcher involving potential FERPA-implicated data exposure.
• Built and deployed VPN security awareness training with mandatory knowledge check as access gate.
• Validated defense-in-depth architecture across Suricata, PAN-OS App-ID, Threat Prevention, and sinkhole layers.

• Managed device enrollment, configuration, and compliance for faculty, staff, and student endpoints via MDM, ensuring adherence to university security policies
• Served as first-line escalation point for phishing reports across a 10,000+ user institution, triaging suspicious emails and coordinating with the security team on confirmed threats
• Administered access control and permissions for university systems, applying least-privilege principles to protect sensitive institutional data
• Developed and maintained knowledge base documentation and SOPs to standardize support procedures and reduce resolution time across the team
• Delivered end-user training on security best practices, equipping faculty, staff, and students to recognize and respond to common threats

• Served as sole IT resource for a 10-15 person organization, independently managing all infrastructure, security tools, and end-user support across the company
• Evaluated and hardened security infrastructure including firewall configuration, endpoint protection, and VPN implementation to reduce organizational risk
• Monitored and responded to security events through traffic analysis, Windows forensics, and event log review, identifying and resolving unauthorized access and potential data integrity issues
• Developed and delivered weekly IT training for all staff covering core business applications and security best practices

• Instructed and mentored adult students across all skill levels over 10+ years, developing personalized coaching approaches that drove consistent student retention and progression
• Managed day-to-day business operations including scheduling, billing, and client communications, maintaining smooth studio operations alongside instructional responsibilities
• Executed local marketing campaigns and client acquisition initiatives, sustaining an average of 3 new student enrollments per month consistently across the full tenure of the role
• Demonstrated sustained leadership and performance accountability for over a decade — training others, managing operations, and growing a client base simultaneously