SOC Analyst Team Lead

• Mar 2022 - Present

• Provide Technical Lead Support to clients, vendors and coworkers as required.• Serve as Tier 3 level for complex technical and procedural escalations.• Responsible for development and execution of incident response plans for escalated response processes.• Proactively identify indicators of compromise and generate and execute Incident Response Plan upon detection.• Provide Incident remediation and prevention documentation.• Handle User and Entity Behavior Analytics (UEBA) use cases of potential security incidents and security events in accordance with SOC processes and procedures.• Identification and resolution of complex issues in customer environments.• Develop resolution and implementation plans• Work in collaboration with other security and company departments (operations, legal, sales) to help identify / resolve chronic issues and assist with the creation and implementation of corrective / preventative action plans• Research, analyze and identify potential vulnerabilities and security deficiencies• Initiate escalation procedure to counteract potential threats/vulnerabilities.• Research and implement customer generated change requests for MSS products.• Responsible for operation, maintenance, and monitoring of network hardware and related control software providing a variety of customer services. Observe and control the status and performance of all security components of company products and services.• Perform tasks associated with the installation, turn up and maintenance of security infrastructure and escalation of same.• Conduct security training, new hire training and network impact reviews.• Coordinate repair and maintenance of security system with security integrators. Liaise directly with third party vendors / suppliers.• Participate in company sponsored job related activities plus training to further develop your management and technical skills.• Manage the compliance of ticket handling times with the measured SLA’s Show less

Security Engineer

• Oct 2020 - Mar 2022

During my current Role I have been using different Cybersecurity Tools like the following: • Managed EDR instances using CrowdStrike, Cisco AMP, Sophos, VMware Carbon Black & Microsoft Defender ATP• Remotely managed endpoints using N-Able• Managed DNS block/allow lists using Cisco Umbrella and edited/created policies• Managed/monitored network traffic alerts using Microsoft Sentinel• Used Odoo for time entry and troubleshooting notes for customers• Using Microsoft Cloud App Security to monitor risky user logins and security events• Contacted user to resolve spam email issues and verify any compromised devices/accounts• Tested malicious links and files using a virtual desktop environment • Verified domains by investigating IP addresses verifying ownership and related services• Performed Vulnerability Scans with Qualys using a Virtual Appliance in Azure.• I also provided guidance to the Level 1 Analyst by conducting ongoing training sessions on all of the above tools. Show less

Security Specialist 2nd Level

• Jun 2019 - Oct 2020

Me desempeño como Especialista de Segundo Nivel para diversos servicios de Ciberseguridad.Como Antivirus, Antispam, Data Loss Prevention, Cifrado de Discos y Borrado Seguro.

Academia Ciberseguridad

• Apr 2019 - Jun 2019