Igor de Abreu

Senior Information Security Analyst | ASML

Eindhoven, North Brabant, Netherlands

About

An enthusiastic and dedicated computing professional with a passion for IT Security and related fields. I started my career in IT working with support for Windows Desktops, and soon after I decided to enhance my knowledge in Windows Server, including server Virtualization and all its resources. When I had the opportunity to work with IT security, I began to focus more on this area, improving my knowledge of Linux systems and specializing in security technologies like Antimalware, IPS, Web Filter, Mail Filter, Vulnerability Scanning, Pentest. Currently I devote my time to expanding my overall knowledge of security, security incident analysis, the development and implementation of security policies, and carrying out the adaptation of various Threat Cases using Big Data, where we have the challenge of maintaining a sufficient amount of information in an age of constant innovation in Cybercrime.

Experience

  • Senior Information Security Analyst at ASML
    Mar 2021 - Present · 5 yrs 4 mos

  • Senior Information Security Analyst at Signify
    Jan 2019 - Mar 2021 · 2 yrs 3 mos

  • IT Security Analyst at Integrity360
    Oct 2017 - Dec 2018 · 1 yr 3 mos

    Currently working in an internationally sourced SOC Senior Security Analyst team serving the IP/DS, SIEM, Vulnerability Management, Threat Hunting & SIEM use case development. Respond to escalated malicious incidents that require additional investigation and response planning. Review the Incident Response Program for potential modifications and provide recommendations for enhancements and/or process improvements. Advise on MSS service improvements where inefficiencies reside. Responsible for educational and career path advice, providing SIEM Training to other members of the SOC. Providing guidance and subject matter expertise to team members. Responsible for the monthly Security Report for customers with high-level information as well as technical breakdowns of attacks and breaches that take place. Performing advanced threat hunting techniques for threats that cannot be identified using existing automated security tools.

  • Real Protect (6 yrs 2 mos)
    • Information Security Consultant
      Sep 2016 - Aug 2017 · 1 yr

      Responsible for SIEM implementations at customers, where I act as the person responsible for KPI creation and intelligence based on customers' needs. Acting in solving information security problems and designing security solutions. Also responsible for pre-sales needs.

    • CSIRT Team Leader
      Jan 2015 - Aug 2016 · 1 yr 8 mos

      Responsible for the activities of the CSIRT team, responsible for organizing and directing the CSIRT, coordinating responses to IT security incidents. Manage incident response processes, policies and procedure updates to deal with future incidents. Carry out the adaptation of various security controls using Big Data (SIEM).

    • CSIRT Analyst
      Jul 2012 - Jan 2015 · 2 yrs 7 mos

      Provide incident management services for security incidents supporting commercial customers. This includes coordination of technical resources and providing incident response and computer forensic analysis expertise. Analysis of security-related logs to identify possible compromise of customers' data, generating reports related to security incidents, incident handling, investigation and remediation best practices. Analyze and reverse-engineer the behavior of malware using both static and dynamic tools and techniques. Security monitoring methodologies such as packet capture, patterns, watch lists, log parsing, correlation, classification, event generation, filtering, asset, vulnerability data, IDS/IPS and SIEM technologies.