Senior Staff Security Engineer
CurrentAt Ripple, I serve as a direct advisor to the CISO as the SME on Threat Detection and Response, and as a security generalist for the broader Information Security Team.I. Key Leadership Accomplishments - Partnered with the CISO to define team ownership, create a security strategy, and lead hiring, enhancing capacity and delivering a clear roadmap. - Assessed and optimized D&R tools (SIEM, SOAR), improving detection speed and accuracy. - Consolidated security signals into a single alert channel, optimizing triage and reducing missed alerts. - Established an On-Call Rotation for Security Event Triage and trained engineers for effective response. - Developed a tailored Incident Response Plan, enhancing preparedness and reducing MTTR. - Led Incident Response Tabletops and collaborated with Compliance to remediate issues.II. Key Technical Accomplishments - Built Security Tooling across AWS/Azure/GCP/IBM Clouds, providing complete cloud security visibility and improving detection coverage. - Designed an ETL Pipeline & Security Data Lake, reducing costs and boosting reliability. - Created custom detection rules in Google Chronicle/SecOps SIEM. - Developed automations that accelerated response times and reduced manual work. (i.e. Slack Bots for incident response, phishing remediation, and session revocation) - Deployed Thinkst Cloud Canary devices, enhancing threat detection. - Conducted Security Assessments, creating custom detections for risky behaviors. - Developed a framework to detect adversary domains, scrape malicious cryptocurrency addresses, and enable timely mitigation. - Formed partnerships to share indicators, preventing scams and saving millions. - Engineered a monitoring service for high-value cryptocurrency transactions, cutting response times from hours to minutes.III. Mentored the team in IaC with Terraform, Detection Engineering, Incident Triage, Systems Engineering, and Automation, enhancing their ability to tackle security challenges.