• Performed real-time analysis of over 25 security events per day, resulting in approximately a 10% reduction in incident response time. Security events include SIEM alerts, network traffic logs, and Tier 1 escalations. • Conducted in-depth analysis of phishing events to identify and mitigate potential threats. • Utilized Microsoft Defender EDR to investigate security alerts and analyze collected data. • Responded to security incidents, including malware infections, unauthorized access attempts, and unwanted software. • Collaborated with the Threat Management team to escalate and address critical security threats.

• Scoped and analyzed security events to determine their validity and priority. • Conducted host-based and network-based forensics analysis to investigate security incidents. • Collaborated with the automations team to improve the accuracy of security event detection and reduce false positives. • Participated in team meetings to audit and improve the SOC's frameworks, including MITRE ATT&CK and NIST Incident Response.

• Provided 24/7 security monitoring and incident response as part of the Threat Analysis team. • Monitored SIEM (Exabeam) alerts, conducted case investigations, and performed threat hunting activities. • Investigated unauthorized data sharing incidents using Microsoft DLP. • Performed threat analysis using FireEye Intrusion Detection platform and submitted suspicious files and URLs for sandbox analysis.

• Performed real-time security monitoring and analysis using Palo Alto xSoar SIEM and other security tools. • Conducted incident response activities, including host triage, malware analysis, and remediation efforts. • Collaborated with the IT Security Helpdesk to resolve security-related tickets and incidents.

• Implemented and monitored security systems across a wide range of products. • Managed the Crowdstrike Falcon Security profile policies and user accounts profiles. • Participated in incident response efforts and collaborated with the SOC Engineer team. • Managed the LastPass password platform, ensuring user account security and conducting monthly audits to confirm users who have left the company accounts are no longer active. • Developed and maintained security runbooks to improve incident response capabilities.

• Detected and assessed cybersecurity events and incidents across the enterprise. • Served as an escalation point for Tier 1 analysts and provided guidance on security investigations. • Developed and maintained security runbooks to improve incident response capabilities. • Managing the Akamai WAF for IP blacklisting and whitelisting, performed monthly IP block audits. • I worked in Kibana for Elasticsearch to observe and search for intrusion detections for the Discovery+ Platform due to Credential Stuffing attacks when testing the Discovery+ platform with limited users. This was part of the Pre-launch of the Discovery+ platform that has been moderately successful.• Endpoint Detection and Response using Carbon Black. Created Carbon Black project for Watchlist and hash blocking all Torrent and Keygen applications on user’s endpoint devices.• Participated in the SOC rebuild team, ensuring the SOC was following the MITRE ATT&CK framework.

• Monitored the security of critical systems, including email servers, database servers, and web servers. • Investigated security incidents and identified areas requiring new security measures or policy changes. • Managed the Splunk SIEM dashboard and performed threat analysis using FireEye Intrusion Detection platform.

• Monitored daily threats and alerts using SIEM and Fidelis to prevent unauthorized access to sensitive data. • Utilized FireEye Threat Analytics Platform and CounterACT for network monitoring and intrusion prevention. • Other responsibilities were performing software risk assessments for newly requested applications, writing Method of Procedure Guides for the SOC and providing timely incident resolution.

• Monitored security incidents in a 24/7 operating environment using intrusion detection and prevention technologies. • Deconstructed cyber-attack event sequences and performed malware analysis. • Utilized reverse engineering tools and techniques for network traffic analysis.

• Troubleshoot and isolate customer problems with hosted VoIP service• Manage and configure Checkpoint firewall rules for employee remote access• Determine root causes of problems across customer network, ISP, carrier and internal systems• Manage queue of trouble tickets, handling intake, escalation, resolution and closure• Communicate with customers via phone and email• Communicate with carrier partners via phone, email and web portal• Assist customers with configuring routers, firewalls and other network devices to optimum hosted VoIP performance.• Work with customers registering phones on the Aptela VoIP system, configuring phone profiles in the web GUI.• Perform network diagnostics and analyze results using tools such as Wireshark, Network Time• Machine, Ping, Traceroute.• Work a full time regular shift, rotational on-call schedule for weekends and after hours• Working and supporting other groups in the organization for testing and ticket escalation.• Capture and analyze PCAP files to identify root cause of network issues• Remote support of Linksys, Netgear and Sonicwall small business routers.• Configuring and troubleshooting mobile phones apps such as x-Lite, Zoiper, Fring and acrobits

Activities include coordinating and supporting all Help Desk Techs, responding to ticket escalations, supporting Instructors and remote learners. Served as a liaison to Product Management team for product support and support tool enhancements. Maintained a close working relationship with Tier 1 support, Virtual Learning Coordinators, external vendors associated with virtual learning, Shipping, Warehouse, Corporate Sales and Instructor Relations.Provide assistance regarding technical requirements for setup and/or running of Learning Tree International courses employing AnyWare.Build, upgrade, test, troubleshoot and repair AnyWare-related computer equipment and video hardware.Provide support and technical assistance to instructors and remote learners.

Perform simulating home network testing of Verizon FiOS and DSL network equipment utilizing DHCP, PPPoE and Static configurations using Window 2000, XP, Vista and MAC OS operating systems. Perform latency, throughput and functionally testing of the Actiontec router and DSL modems, Motorola set top boxes (STB) and Westell DSL modems. Tests includes Video on Demand (VOD) utilizing MoCA, gaming, streaming video, e-mail, port scanning, bit torrent, routing, stability tests, port to port LAN switching. Troubleshoot field related data and video issue as it relates to the customer routers and modems. Develop and implement requirement analysis, test plans, test cases for new products utilizing Excel and Word.

Install, configure, and test access points (Cisco 1100 and 1200), switches, DSL modems, gateway servers, ISP routers, integrate customer equipment, 3 rd party vendor equipment, etc. Pull, terminate, test and label Cat5e and LMR cabling throughout the customer site, as depicted in the project statement of work. Interfaced with customers to resolve installation problems relative to space and wire management, also performed de-installations of switches and routers. Responsible for working stand-by as it relates to after-hours maintenance or repair issues. After completion of maintenance call, a completion report was created for field supervisor with resolution details and any follow up status, if needed. Work with network operations center (NOC) during post installation checks and proof of performance acceptance upon completion of each statement of work.

Responsible for Network engineering, including technology analysis, Project Management, impact assessments, network standards, installation and management of network equipment. Maintenance and Tier-II operational support for high-availability production IP, Frame Relay and ATM WAN, consisting mainly of Cisco (IGX ATM Switch), Juniper, Lucent (PSAX Multiservice Gateway Switch), and other vendor equipment. Assist the NNOC, NNTSG, and Nextel Markets in the interpretation of real-time system alarming and system fault isolation. . VoIP implementation and support across the WAN (Cisco 8400 IGX and Lucent 4500 Packetstar Switch.) Worked in tandem with VoIP deployment team to design and test network components prior to deployment. Developed, implemented, and enforced written procedures for network operations, and monitoring.