Daniel Macias Email & Phone Number

Anaheim, CA, US

New York, NY, US

Lake Forest, California, US

• Redesigning security architecture to meet SOC 2 Type 2 compliance standards
• Oversight of entire security infrastructure for both US and European teams
• Designing SIEM integrations with AlienVault as the company transitions fromon-prem software to a SaaS platform via AWS GovCloud
• Integration of Crowdstrike for both EDR and CSPM for Kubernetes security
• Integrating security reviews in SDLC by SAST, DAST and image scanning(AquaSec, Crowstrike for Kubernetes)
• Coordination of user security awareness training by utilizing KnowBe4administration

St Louis, Missouri, US

• Opening and managing incident detection tickets, coordinating response activities, monitoring andmanaging workflows in vulnerability management, device compliance monitoring systems, endpointprotection, and privileged.
• Tracking and reporting on information security vulnerabilities and risks Monitoring IDS alerts, networktraffic, cloud monitoring systems, logs and metrics to detect and report threats
• Automation of vulnerability reporting by creation of dashboards on Sumo Logic for C-Level executives
• SIEM administration and architecture development for ingestion of logs through multiple platformsincluding AWS and Prisma DLP
• Development of automation alerting workflows and creation of webhooks via Pagerduty, Slack, and Jira
• Administration of AWS services to create more efficient security processes(Guardduty, Security Hub, AWSWAF, Encryption Techniques)Notable Achievements:

New York, NY, US

• Detect and defend against various forms of attacks by analyzing security-related events and alerts byutilizing various tooling (AWS WAF, Sumo Logic, AWS GuardDuty, DataDog)
• Develop and configure WAF/Bot Management software (AWS WAF, CloudFlare, PerimeterX)
• Provide stakeholders with concise, detailed, and well-written incident reports, root causes identification, andremediation recommendations.
• Coordinate and track incident response activities with other teams and third parties. This includesremediations arising from Red Team tests and external penetration tests.
• Perform non-event driven security reviews, including but not limited to patching, firewall rules, systemconfiguration checks and vulnerability reports
• Conduct Blue Team exercises and drills to evaluate and improve processes and technologies related tovarious controls including but not limited to threat detection, incident response, patching, remediation anduser.

Hyannis, Massachusetts, US

• Develop/translate more than 150 incident response runbooks for the IR team in collaboration with the rulemigration to assist bridge the Splunk ES knowledge gap.
• Analyze network traffic and IDS/IPS alerts, investigate intrusion attempts, and perform in-depth tracing andanalyses of exploits and attacks.
• Lead author / developer for remediation process SOP’s for multiple audits such as AWS security audits andCIS audits/hardening.Notable Achievements:
• Migration of multi-billion dollar financial enterprise from IBM Qradar to the Splunk ES SIEM platform.
• Transposed 200+ Qradar security alerts to Splunk ES correlation searches.
• Organized, prepared, and led the company's first AWS security audit. The initiative and additionaltraining/studies which enabled the audit’s success saved the company over $20k by not outsourcing.

Irvine, California, US

• Tasked with creating, configuring, and managing firewall solutions and management tools includingWatchGuard System Manager and Sophos Central.
• Managed and configured SIEM to lower the volume of false positives to enhance overall SOC productivity.
• Aligned routing devices, deployed VPNs, and resolved customer network security-related issues.Notable Achievement:
• Developed and authored Incident Response Playbook / SOP’s.

Santa Ana, CA, US

• Developed, operated, and maintained all virtual server environments (AWS, Azure, and VMWare).
• Facilitated training/development opportunities for new employees on software and company IT procedures.
• Oversaw image deployments, firewall configurations (Sophos), as well as network integrity with SolarWinds.Notable Achievement:
• Authored new processes for device management and other enhancements to improve operational efficienciesand the hardening of device security.

Los Angeles, California, US

• Monitored the Security Incident Event Management (SIEM) console correlated with proprietary WebApplication Firewall (WAF) software.
• Performed threat hunting for adversarial tactics, techniques, and procedures.
• Provided active threat monitoring of (WAF) appliances for 100+ clients.Notable Achievement:
• Conducted vulnerability trend analyses and risk assessments to capture near real-time security posture forvarious levels of management including executives

Phoenix, Arizona, US

• Tasked with providing timely and effective technical assistance for multiple technologies including Windowsand Mac OS based endpoints (laptops, desktops, and thin clients), tablets, and smartphones (IOS &Android), and.
• Proactively resolved customer issues with equipment and services.
• Responsible for automating data backups while simultaneously hardening network in-house security.Notable Achievement:
• Consistently provided just-in-time support at the help desk and across campus and responded to departmenttechnical emergencies to minimize data loss, to meet deadlines, and supported user needs.

Bachelor’S Degree, Computer And Information Systems Security/Information Assurance

Master Of Science - Ms, Cybersecurity And Information Assurance