+ Detection & Data Engineering: expertise in designing and implementing advanced detection strategies to fortify cybersecurity defenses and secure the ingested data is properly disposed on SIEM for hunting and investigations;+ Frameworks Mastery: MITRE ATT&CK Matrix applied to everyday SOC activities;+ Threat hunting: proactive identification and investigation of potential threats to preemptively strengthen security measures;+ Cyber Threat Intelligence: offensive/defensive research… Show more + Detection & Data Engineering: expertise in designing and implementing advanced detection strategies to fortify cybersecurity defenses and secure the ingested data is properly disposed on SIEM for hunting and investigations;+ Frameworks Mastery: MITRE ATT&CK Matrix applied to everyday SOC activities;+ Threat hunting: proactive identification and investigation of potential threats to preemptively strengthen security measures;+ Cyber Threat Intelligence: offensive/defensive research for consistent improvements on SIEM detections and cyber maturity by providing valuable information to the security operation team to anomalies identification;+ SOAR Automation: development of security orchestration, automation, and response solutions for efficient incident response;+ Use cases: crafting effective use cases for threat detection and response across diverse systems and devices;+ Incident Analysis: proficient in cybersecurity incident and detection analysis, with a hands-on war room experience;+ Process Optimization: Design of internal processes with a focus on performance and results, contributing to overall operational efficiency;+ Consultancy and Support: providing valuable support and internal consultancy to the monitoring and incident response teams (Tier 1, 2);+ Reporting Expertise: performing reports in cybersecurity context to show the real value of the real time monitoring;+ Programming Skills: strong foundation in programming logic, with practical application of Python on production servers and for automation purposes;+ Advanced English; Show less

+ Threat Hunting as a Habit+ SIEM troubleshoot (multiple vital points of infrastructure as system, OS, application and network communication)+ Team Work to target performance, results and knowledge shares + Customer relationship: working on cooperation model, leading meetings weekly as supplier to achive the costumer goals on security operation center environment by executing threat hunting tasks, ioc research, use cases development+ Incident Response based on MITRE and best… Show more + Threat Hunting as a Habit+ SIEM troubleshoot (multiple vital points of infrastructure as system, OS, application and network communication)+ Team Work to target performance, results and knowledge shares + Customer relationship: working on cooperation model, leading meetings weekly as supplier to achive the costumer goals on security operation center environment by executing threat hunting tasks, ioc research, use cases development+ Incident Response based on MITRE and best practices on cybersecurity context dealing with War Rooms and executing log hunting to security incident investigation, working also with SIEM reports and ioc/evidence analysis+ Script development to automate repetitive routines and integrate new event source on different systems (by using a good doc, there’s no worries about how to do it as you just need to follow the cookbook)+ Log RAW Analysis (Windows, AD, Firewall, EDR, Exchange, WAF, Linux, Citrix, Microsoft 365 )+ Python, PowerShell, Bash, C#, JavaScript, Java+ DevOps: Not a skill, a life style on production systems+ SIEM Use Cases code development based on a bunch of devices as told previously. The alerts are create to monitor the environment and triggers when it identify anomalies like DDoS, API Web Shell, Windows Security Offences, Email Security, User behaviour, Suspicious Network Traffic etc. This exercise requires threat intel and hunting, code development plus programming logical, QA tests and production insertion making each use case a single project + English: Leading troubleshooting against our SIEM suppliers dealing with the followed processs by first opening the ticket to explain the case issue, including what I’ve tried and searched about it, after the details usually it’s occurs a tech meet, where I usually lead and share about the problem to the analyst on the other side, after the troubleshoot its important to make sure to learn how the case was solved for possible future similar situations Show less

+ Threat Hunting+ Incident Response+ Full Stack Developer+ SIEM Troubleshoot + Log Analysis (Windows, AD, Firewall, EndPoint devices)+ Python+ DevOps+ Use Case creation for production environments

+ Bash / script+ MSSQL+ ASP NET+ HTML / CSS / Bootstrap+ AJAX / Javascript + Programming Logic

Developing solutions using HTML5, CSS3, NodeJS, JS, MySQL, C#, HTMLAGILITYPACK and XML for a fintech focusing on the Value Chain Finance market.

• Customer service • Network setting;• Remote computer control;• Computer maintenance;• Supporting in big events (Audio Visual);