Paul John

Information Security Professional

New York City Metropolitan Area

About

Experience

  • Incident Response Lead at The Depository Trust & Clearing Corporation (DTCC)
    Oct 2024 - Present · 1 yr 9 mos

    ● Led day-to-day operations and strategic performance for a high-performing security team.
    ● Served as Incident Commander for major (P1) incidents and acted as the primary escalation point for critical tasks.
    ● Drove continuous security improvements using metrics, stakeholder feedback, and threat intelligence.
    ● Mentored, trained, and empowered team members, aligning individual growth with organizational goals.

  • Cyber Security Analyst at NuHarbor Security
    Feb 2023 - Sep 2024 · 1 yr 8 mos

    ● Analyze both raw and processed security alert and event data to identify potential security incidents, threats, mitigations, and vulnerabilities. (Splunk)
    ● Support follow-on actions, such as coordinating with other organization teams to facilitate remediation of the alert/event/incident, and close out the investigation.
    ● Support client tuning objectives as needed
    ● Develop, populate, and enhance client-facing reporting

  • Information Security Analyst II at U.S. Commodity Futures Trading Commission
    Jun 2020 - Jul 2021 · 1 yr 2 mos

    ● Incident responder to critical incidents and threats
    ● Create and tune detections for Splunk ES SIEM
    ● Threat hunting on client’s networks and logs, looking for attacker presence
    ● Perform security alert and event monitoring (IDS/IPS, EDR, Phishing)

  • DoD Cyber Crime Center (DC3) (Full-time · 1 yr 6 mos)
    • Senior Intelligence Analyst
      Oct 2018 - Mar 2020 · 1 yr 6 mos

      ● Conduct Incident Report Analysis on incidents reported under applicable DFARS
      ● Evaluate raw intelligence as well as produce and publish finished intelligence
      ● Provide analysis supporting assessments of the overall impact of data loss on current and future USAF weapons programs, scientific and research projects, and warfighting capabilities

    • Journeyman Cyber Security Instructor
      Oct 2018 - May 2019 · 8 mos

      ● Develop and present curriculum material to active duty military personnel
      ● Conduct research in order to develop technical manuals for training
      ● Provide students with experience and knowledge aligned with course objectives

  • IT Security Operations I at MIT Lincoln Laboratory
    Sep 2015 - Oct 2017 · 2 yrs 2 mos

    ● Maintain and operate lab-wide Vulnerability Assessment deployment (SecurityCenter/Nessus)
    ● Administration of Carbon Black
    ● Triaging of McAfee Web Gateway Proxy issues via tickets and infrastructure changes
    ● Revamped lab antivirus scanning of removable media (Python script to automate process)
    ● Automated vulnerability scanning jobs, creation of reports, and securely mailing results to division heads (Python)