Security Operations Centre Manager

• May 2022 - Present

Threat Hunting & SOC Team Lead

• Oct 2019 - May 2022

Responsible for daily operations and management of CommSec’s Security Operations Centre & vulnerability scanning service CheckScan+, providing an exemplary service for all managed customers. Responsible for leading and managing a team of SOC analysts. Conducting regular 1:2:1 meetings with each team member to outline short and long term goals. Responsible for recruitment for all SOC analyst levels including graduate SOC analysts. Overseeing of internal training and putting training plans to help encourage their professional growth and hard skills. Overview of implementation and design of SIEM, SOAR, Firewall, Endpoint Protection solutions to customer networks.Measuring SOC performance metrics including KPI's, SLA's, team capacity/capability and project updates while delivering monthly updates to senior management.Responsible for creation and maintenance of policies, procedures and business continuity plans for the Security Operations Centre. Liaising with external auditors to demonstrate controls for the initial and surveillance audits for ISO27001:2013.Responsible for onboarding new customers to managed services such as SIEM, SOAR, Vulnerability Scanning, Anti-Phishing training, Password management, Multi-Factor Authentication, Endpoint Detection & Response, Firewall as a Service (Sophos, Palo Alto & Fortinet), Network Operations and Data Loss Prevention.

SOC Analyst

• Jul 2019 - Oct 2019

Responding to customer incidents escalated from our Tier 1/2 SOC analysts. Development of procedures and playbooks that are key to responding customer incidents. Onboarding new software and applications to improve the efficiency and productivity of the MSOC team.• Conduct proactive monitoring and investigation of incident activities.• Conduct full forensics investigation from initial triage to post-incident.• Provide remediation advice and treatment to both technical and non-technical customers. • Development and utilisation of threat hunting techniques to detect and defend against potential exploits and breaches. • Generate assessment reports and provide solutions to clients for all cyber security related needs.• Review, recommend and configure security policies that need to be implemented into the SOC framework.• Continuous research on new threat and vulnerabilities that impact monitored environments.• Investigate malicious phishing emails, domains and IPs using open-source tools and recommend blocking based on analysis.• Designing and implementation of the web application vulnerability scanning platform CheckScan+.• Analyse and validate critical web application security flaws as defined by OWASP top 10.• Customization and scheduling web app scans based on client requirements.• Building web application vulnerability risk reports with an analytical insight.

SOC Analyst

• Aug 2018 - Jul 2019

Responsibilities:Responding to SIEM Alerts/Customer logged incidents, accurately reporting on a ticketing system. Escalating incidents to level 2/3 analysts. Monitoring customer IDS/IPS and network assets. Performing vulnerability scans and weekly/monthly vulnerability reports. Regularly updating team processes and knowledge bases. Preforming ad-hoc tasks, projects and reports. Responsibilities:Responding to SIEM Alerts/Customer logged incidents, accurately reporting on a ticketing system. Escalating incidents to level 2/3 analysts. Monitoring customer IDS/IPS and network assets. Performing vulnerability scans and weekly/monthly vulnerability reports. Regularly updating team processes and knowledge bases. Preforming ad-hoc tasks, projects and reports.

Patrol Officer

• Jun 2013 - Aug 2018

Responsibilities: Maintain a high level of customer service, process payments, troubleshoot barrier & point of sale equipment & reporting of daily statistics and charge backs. Responsibilities: Maintain a high level of customer service, process payments, troubleshoot barrier & point of sale equipment & reporting of daily statistics and charge backs.

Work Experience

• Feb 2014 - Mar 2014

As part of the Post Leaving Cert(PLC) FETAC Level 5, I was required to partake in work experience at a company of my choice. I worked along side of the European, Middle Eastern & Asian Business Technical Support Department. I also worked with the Irish & UK Marketing Department. As part of the Post Leaving Cert(PLC) FETAC Level 5, I was required to partake in work experience at a company of my choice. I worked along side of the European, Middle Eastern & Asian Business Technical Support Department. I also worked with the Irish & UK Marketing Department.