Leveraging relationships across Threat Intelligence, Incident Response, and Red Teams I proactively build threat models and deliver detection solutions that mitigate future risks. My experience includes designing detection strategies that enhance the detection lifecycle and securing cloud environments against evolving threats.I specialize in researching and mitigating emerging cybersecurity exploits, vulnerabilities, and adversarial TTPs, with a focus on advanced threat actor behaviors. My work includes creating platform requirements to enrich alerts, automate remediation, and streamline incident response.In security incidents, I provide tactical detection support and develop advanced threat detection mechanisms. I continuously maintain and improve detection systems, documentation, and processes to ensure readiness against emerging threats.With a strong background in the MITRE ATT&CK framework, backend data structures (JSON, YAML), and query languages (SQL, KQL, Lucene), I conduct detailed security analysis across multiple platforms. I also develop custom tools, dashboards, and technical reports for stakeholders to enhance detection capabilities and maintain documentation for security processes.My focus on threat detection engineering, coupled with my extensive cybersecurity experience, allows me to deliver valuable contributions to ensure organizational security.

Strategic Audit and Security Enhancement: Comprehensive audit of our Azure environment, leveraging Microsoft Lighthouse and ARM templates. This visualized critical security gaps and emphasized the enhancement of our security protocols, significantly bolstering our cybersecurity framework.Threat Hunting and Analysis: refining our alert analysis process, making threat hunting and analyst investigations both efficient and effective with custom KQL queries, workbooks, and watchlists, automation scripts (PowerShell, Python). Elevating Threat Detection: A key focus of my role was enhancing threat detection within Azure Sentinel and Microsoft XDR Fostered a culture of creating detection rules based on applicable threats, closely aligning with the MITRE project. Implementing Detection as Code (DAS).APT Detection and Collaboration: Utilizing the MITRE framework Threat Intelligence research, Cyber Threat Emulations (CTE) team ensured the effectiveness of these custom KQL analytics for APT detection in Azure environments.Detection Engineer CI/CD Pipeline Implementation Gitlab Pipeline Implementation Technical Documentation and BaselineAdvanced Training and Capability Enhancement

- Distinguished NCO: Entrusted with critical computer network defense duties, including information security, system administration, and IT analyst responsibilities.- Information Security: Played a pivotal role in safeguarding sensitive data and critical infrastructure. Implemented robust security controls, policies, and procedures to ensure the confidentiality, integrity, and availability of systems and data.- System Administration: Managed and maintained unit-level data networks and information systems. Oversaw the installation, configuration, and troubleshooting of hardware and software assets, preventing downtime and addressing vulnerabilities promptly.- IT Analysis: Leveraged analytical skills to assess and improve IT infrastructure, identifying areas for enhancement and optimization. Conducted in-depth analysis of systems and networks to streamline operations and enhance efficiency.- Cybersecurity Expertise: Actively detected and shielded against unauthorized activity within sensitive SIPR and NIPR enclaves, utilizing a diverse arsenal of tools to analyze and respond to attacks and network threats.

- System Management: Assisting in maintaining and accrediting over 510 pieces of automation equipment and multiple commercial-off-the-shelf (COTS) software packages.- Hardware/Software: Developing annual plans for ADP hardware/software acquisition and ensuring STIGS policies were enforced.- Multi-Role: Served as System Administrator, Help Desk Analyst, Data Storage and Tracking Process Manager, and DEPO Email Manager. - Efficiency Improvement: Successfully reduced laptop reimage process time by an average of 10%.

- Security Management: Implemented and managed robust security controls, policies, and procedures to protect critical systems and data.- Vulnerability Assessments: Conducted regular assessments and implemented network security architectures.- Incident Response: Developed and executed incident response plans, conducting forensic investigations. - Training: Delivered comprehensive cybersecurity awareness programs, reducing social engineering attacks.