Micah Funderburk

Senior Detection Engineer | AWS Community Builder

United States

About

Glory to the Most High, Jesus Christ! I’m a cybersecurity professional with over six years of experience specializing in cloud threat detection, infrastructure security, and detection engineering. My background spans enterprise environments, with hands-on expertise in virtualization, cloud platforms (AWS, Azure), Windows & Linux administration, network security, and automation. Currently, I focus on developing cloud-native detection content and Python-based detection models to identify and mitigate threats at scale. I also leverage data engineering and DevSecOps principles to enhance visibility, streamline detection pipelines, and strengthen overall cloud security posture. I'm here to connect with like-minded individuals, share knowledge, and grow in this ever-evolving field. Feel free to reach out!

Experience

  • LastPass (3 yrs 9 mos)
    • Senior Detection Engineer
      Apr 2024 - Present · 2 yrs 4 mos

    • Detection Engineer
      Nov 2022 - Present · 3 yrs 9 mos

      - Security Monitoring & Incident Response - Building/tuning/modifying detections using various query languages. - Threat Research - Utilizing DevOps principles to manage detection content as code - Creating automations for various SOC workflows. - SIEM Management - Log Ingestion (normalization/parsing/enrichment) - Drafting internal documentation for knowledge transfer and standard operating procedures.

  • Technical Reviewer at Packt
    Feb 2024 - Apr 2024 · 3 mos

    Tasked with ensuring the validity, relevance, and technical accuracy of the book's published content. (Automating Security Detection Engineering: A hands-on guide to implementing Detection as Code by Dennis Chow)

  • Information Security Analyst I at Novant Health
    Feb 2022 - Dec 2022 · 11 mos

    • Investigated security alerts and analyzed detected events to understand attack targets and methods. Determined the impact of an event, conducting continuous security monitoring of the network. • Monitored for unauthorized personnel, connections, devices, and software. • Assessed detection processes for continuous improvement of internal security procedures. • Monitored external data sources to maintain currency of threat landscape to determine which security issues may have an impact on the enterprise. • Communicated detected cyber security events to the appropriate parties, categorized security incidents, and escalated events as a security incident where appropriate.

  • Associate Information Security Analyst at Brooksource
    Jul 2021 - Feb 2022 · 8 mos

    Associate Cyber-security analyst contractor at Novant Health.

  • Network & System Administrator at Box Board Products
    Aug 2019 - Jul 2021 · 2 yrs

    • Deployed, managed, and configured virtual machines using VMware ESXI platform, as well as SAN storage, NFS shares, data stores, and virtual networks. • Managed firewalls, email security gateways, WSUS server, spam filters, endpoint antivirus, content filtering proxy server, and managed other security configurations. • Managed organizations environment using automation, group policies, active directory, PowerShell. Managed workstations/servers (Windows and Unix/Linux systems) and provided technical support to end users (help desk). • Organized Cyber security training for end users and helped develop processes and policies to contribute to the organizations security standards.