Ben Braun

Senior Information Security Analyst | Threat Detection & Incident Response | GCIA

Agoura Hills, California, United States

About

Senior Information Security Analyst with hands-on experience in threat detection, incident response, and network security operations at a 10,000+ user higher education institution. Experienced across the full detection stack — IDS/Suricata, Palo Alto Panorama, NAC, EDR, and SIEM — with a track record of identifying and containing active malware campaigns, C2 infections, and phishing incidents with MFA bypass. Building toward GRC with intentional depth in the technical controls that compliance frameworks are built on.

Experience

  • Senior Information Security Analyst at Pepperdine University
    Mar 2024 - Present · 2 yrs 5 mos

    • Detected and contained a 6-device RAT outbreak (PcClient.bal) with XOR-encoded C2, coordinating firewall blocks, EDL updates, and NAC MAC blocking.
    • Investigated domain-fronting C2 campaign (replevysquab.top) spanning 76 hosts over 7 days, identified via beacon interval analysis and Joe Sandbox.
    • Responded to phishing incident with MFA bypass — disabled account, invalidated sessions/cookies/bypass tokens, identified 4 Nigerian IPs through VPN pivot analysis.
    • Managed responsible disclosure from independent researcher involving potential FERPA-implicated data exposure.
    • Built and deployed VPN security awareness training with mandatory knowledge check as access gate.
    • Validated defense-in-depth architecture across Suricata, PAN-OS App-ID, Threat Prevention, and sinkhole layers.

  • Senior Technical Analyst at Pepperdine University
    Apr 2023 - Jan 2024 · 10 mos

    • Managed device enrollment, configuration, and compliance for faculty, staff, and student endpoints via MDM, ensuring adherence to university security policies
    • Served as first-line escalation point for phishing reports across a 10,000+ user institution, triaging suspicious emails and coordinating with the security team on confirmed threats
    • Administered access control and permissions for university systems, applying least-privilege principles to protect sensitive institutional data
    • Developed and maintained knowledge base documentation and SOPs to standardize support procedures and reduce resolution time across the team
    • Delivered end-user training on security best practices, equipping faculty, staff, and students to recognize and respond to common threats

  • Technical Support Engineer at CARET
    Jan 2022 - Apr 2023 · 1 yr 4 mos

  • IT Manager at HK TOLOVE Education Consulting Co.
    Nov 2020 - Jan 2022 · 1 yr 3 mos

    • Served as sole IT resource for a 10-15 person organization, independently managing all infrastructure, security tools, and end-user support across the company
    • Evaluated and hardened security infrastructure including firewall configuration, endpoint protection, and VPN implementation to reduce organizational risk
    • Monitored and responded to security events through traffic analysis, Windows forensics, and event log review, identifying and resolving unauthorized access and potential data integrity issues
    • Developed and delivered weekly IT training for all staff covering core business applications and security best practices

  • Instructor/Manager at Shan Tung Kung Fu LLC
    Sep 2004 - Jun 2015 · 10 yrs 10 mos

    • Instructed and mentored adult students across all skill levels over 10+ years, developing personalized coaching approaches that drove consistent student retention and progression
    • Managed day-to-day business operations including scheduling, billing, and client communications, maintaining smooth studio operations alongside instructional responsibilities
    • Executed local marketing campaigns and client acquisition initiatives, sustaining an average of 3 new student enrollments per month consistently across the full tenure of the role
    • Demonstrated sustained leadership and performance accountability for over a decade — training others, managing operations, and growing a client base simultaneously