Cyber Defense Center Specialist

• Nov 2022 - Present

• Examining the incidents escalated from the L1 analysts, evaluating the emerging threat intelligence, identifying the affected systems and the scope of the attack, collecting information on the systems that may be exposed to the attack for further research stages, determining and managing the remediation and recovery plan.• As a digital forensics investigator, leading and performing malware, windows, network and memory forensics.• Developing use case scenerios and writing SIEM correlation rules to detect web exploitation attempts, windows lateral movements, post exploitation techniques, malware behaviours and suspicious network activities.• Performing detailed analysis of alerts and potential threats, as well as alert correlations across CDC monitoring and threat detection tools.• Identify and analyze anomalies in event data to identify security issues.• Provide analysis and reporting of threats, vulnerabilities and incidents.• Additional risk management activities as needed for threats. Show less

Senior Cyber Defense Center Analyst

• Apr 2022 - Oct 2022

• Identify and analyze anomalies in event data to identify security issues.• Provide analysis and reporting of threats, vulnerabilities and incidents.• Monitors and investigates incidents and sometimes further actions incident response.• Document and disseminate reports and notifications of findings in a timely SLA.• Additional risk management activities as needed for threats.• As a digital forensics investigator, leading and performing malware analysis.• Developing use case scenerios and writing SIEM correlation rules to detect web exploitation attempts, windows lateral movements, domain persistence techniques, malware behaviours and suspicious network activities.• Performing daily detect & respond functions, working closely with CDC processes on SIEM and SOAR.• Performing detailed analysis of alerts and potential threats, as well as alert correlations across CDC monitoring and threat detection tools. Show less

Cyber Defense Center Analyst

• Dec 2020 - Apr 2022

• Perform daily detect & respond functions, working closely with SOC processes on SIEM and SOAR.• Performs detailed analysis of alerts and potential threats, as well as alert correlations across SOC monitoring and threat detection tools.• Identify and analyze anomalies in event data to identify security issues.• Provide analysis and reporting of threats, vulnerabilities, and incidents.• Monitors and investigates incidents and sometimes further actions incident response.• Document and disseminate reports and notifications of findings in a timely SLA.• Additional risk management activities as needed for threats. Show less

Cyber Security Instructor

• Apr 2020 - Present