New York, New York, United States
Michaela is a Senior Associate within RSM’s Managed Security practice (RSM Defense / Unit 26), working primarily as a SOC analyst with a focus on threat hunting and detection engineering across regulated and commercial environments. Her work centers on incident triage, investigations, and escalations within a SOC, while embedding proactive threat hunting into daily operations. She builds and tunes custom, behavior‑based detections across endpoint and cloud telemetry using Microsoft Defender / Microsoft Sentinel (KQL) and SentinelOne (S1QL), prioritizing high‑confidence signal over alert noise. She initiated and drove threat hunting and detection engineering capabilities in CMMC environments, where auditability, explainability, and response consistency are critical. A background in PCI DSS, HITRUST, and HIPAA compliance shapes how detections and response workflows are designed, ensuring they are not only effective, but defensible and operationally repeatable. She enjoys fast‑paced SOC environments, collaborating across global teams, and helping mature detection and response programs grounded in real attacker behavior.
Managed Security (RSM Defense / Unit 26)
- Provide SOC incident triage and reactive response across multiple client industries using threat intelligence, SIEM ingestion, and alert aggregation to support investigation and containment
- Drive SOAR operational maturity by recommending workflow improvements and operationalizing standardized remediation actions through Torq-based automation and analyst guidance
- Author and maintain runbooks (e.g., Torq remediation runbooks) to enable consistent, auditable response actions such as endpoint isolation and reduce manual effort
- Initiate and drive threat hunting and detection engineering capabilities for CMMC environments, establishing initial hunting workflows and custom detection coverage aligned to emerging threat intelligence
- Serve as a threat hunter and detection engineer across commercial and CMMC environments, creating and tuning custom detections in Microsoft Defender / Microsoft Sentinel (KQL) and SentinelOne (S1QL)
- Build and submit high-confidence custom detections for regulated environments, including Intune destructive device actions (remote wipe/retire/reset) and other high-risk patterns
- Train and enable new hires across the U.S., India, and El Salvador on SOC workflows, analyst foundations, physical security/visitor management, and threat hunting practices

Cyber Compliance – Secure Payment (PCI Services)
- Led client interviews, evidence review, and control observations while managing PCI ROCs and SAQs end-to-end
- Managed 10+ concurrent consulting engagements with overlapping deadlines while maintaining delivery quality and stakeholder coordination
- Generated $125,850 in cybersecurity services sales in four months (2.5x annualized goal pace), supporting pipeline growth and client expansion
- Developed repeatable PCI control testing templates and contributed to the team’s first Secure Software Lifecycle (SLC) request list to standardize evidence collection and improve assessment efficiency
- Advised clients on Payment Card Industry Data Security Standard (PCI DSS) compliance, performing assessments against PCI DSS v3.2.1 and v4.0
- Evaluated client environments by reviewing network and system configurations, security controls, policies, procedures, and technical evidence to determine program effectiveness
- Analyzed artifacts such as vulnerability scans, packet captures, system configurations, and documentation to validate PCI requirements and identify compliance gaps
- Supported remediation efforts by documenting findings, clarifying control expectations, and aligning recommendations to PCI requirements
- Developed and modified Windows and Linux (bash) scripts to assess system and Active Directory configurations during technical reviews
- Represented RSM on campus at Penn State by supporting recruiting initiatives, including career fairs, information sessions, and student engagement events
- Acted as a liaison between students and RSM recruiters, sharing information on internships, full‑time opportunities, and firm culture
- Promoted RSM’s employer brand through peer outreach and campus involvement, helping increase awareness of career pathways
- Collaborated with recruiters and fellow ambassadors to support campus engagement strategies and candidate identification
- Recorded and maintained accounts receivable and payable transactions with accuracy and attention to detail
- Organized and filed financial and operational documentation to support day‑to‑day business processes
- Assisted with data entry and shipment coordination, ensuring records were current and complete
- Supported instruction for Security and Risk Analysis and Cybersecurity courses, including SRA 231: Decision Theory and CYBER 342W: Cyber Incident Response
- Guided students through applied coursework related to cyber risk analysis, incident handling, and response documentation
- Provided feedback, grading, and instructional assistance, reinforcing clear technical communication and analytical reasoning
- Assisted instructors in facilitating discussions and evaluating student work in a writing‑intensive, security‑focused curriculum
- Assisted customers with merchandise selection and proper sizing, delivering a positive and supportive in‑store experience
- Supported floorsets and visual merchandising by replenishing and organizing inventory to brand standards
- Maintained an organized sales floor during high‑traffic periods, balancing customer service with operational tasks
- Participated in a simulated security, privacy, and risk scenario focused on addressing real‑world client concerns
- Collaborated with peers on case discussions and presentations, strengthening communication and teamwork skills
- Engaged with RSM professionals to gain insight into consulting career paths, firm culture, and professional development