Raleigh-Durham-Chapel Hill Area
Senior Incident Response Analyst (L6) at Elastic, leading cross-functional response efforts across cloud, SaaS, CI/CD, and endpoint environments, with a focus on coordinating complex investigations and driving effective remediation. Backed by nearly 7 years of incident response consulting experience, specializing in ransomware, advanced persistent threats (APTs), and active network intrusions. Proven ability to translate deep technical findings into clear, actionable guidance for both technical teams and executive stakeholders while aligning response strategies with business priorities. Recognized for maintaining composure in high-pressure situations, mentoring junior analysts, and delivering consistent investigative accuracy in fast-paced environments. Founder of DFIRDominican.com, a platform dedicated to sharing blogs, jobs, and resources with the broader DFIR community.
Senior Incident Response Analyst on the Threat, Detection, & Response (TDR) team within Elastic’s InfoSec department. Serving as incident commander on complex security incidents across the global enterprise environment spanning cloud, SaaS, CI/CD, and endpoint systems.
Principal Consultant on the DFIR team within Palo Alto Networks' Unit 42 Reactive Services practice. Serving as case lead or technical lead on large, complex incident response engagements for Global 2000 (G2K) customers, and providing coaching and mentorship to junior and senior consultants.
Senior Consultant on the DFIR team within Palo Alto Networks' Unit 42 Reactive Services practice. Served as technical lead or workstream lead on large, complex incident response engagements for Global 2000 (G2K) customers, assisted with leading internal innovation and enablement projects, and provided coaching and mentorship to new team members.
Manager on the Cyber Threat Management (CTM) team within KPMG's Cyber Security Services practice. Served as technical lead on incident response investigations in support of engagement managers.
Senior Associate on the Cyber Threat Management (CTM) team, formerly Cyber Response Services (CRS), within KPMG's Cyber Security Services practice. Led workstreams during incident response investigations, including ransomware, advanced persistent threats (APTs), and active intrusions. Created saved queries, visualizations, and dashboards to facilitate and streamline the host analysis workflow.
Consultant on the incident response team within CrowdStrike's Professional Services practice. Performed host- and network-based forensics across various enterprise environments.
Senior Associate within Kroll's Cyber Risk practice. Investigated roughly 30+ cyber-related incidents, including ransomware, business email compromises (BECs), insider threat, intellectual property (IP) theft, and mobile device cases.
Associate within Kroll's Cyber Risk practice. Performed forensic imaging, evidence intake, evidence handling, and proper chain-of-custody procedures on all inbound physical evidence for the Cyber Risk practice.