• Established and Strengthened the CTI Team: Played a pivotal role in building WPP’s Cyber Threat Intelligence (CTI) team, consolidating insights from multiple sources for robust brand monitoring. Curated and streamlined 14,000 domains to 7,000, greatly improving monitoring efficiency.• Procured Advanced Tools: Led procurement of intelligence tools like Silobreaker, Recorded Future, ThreatConnect, and Mandiant, boosting threat detection and response.• Developed Priority Intelligence Requirements (PIRs): Collaborated with SecOps to create PIRs, building custom dashboards in Silobreaker and intelligence cards in ThreatConnect aligned with MITRE techniques.• Delivered Weekly Briefings: Presented weekly updates on emerging threats and industry trends to keep technical and non-technical stakeholders informed.• Authored Malware Reports: Produced detailed analyses on info stealer malware, supporting threat hunt teams with detection and hunting queries.• Supported Incident Response: Provided intelligence during major incidents, such as a Coinminer infection, and developed KQL queries for proactive threat hunts.• Led Vulnerability Intelligence: Established a function to reduce high-severity vulnerabilities, systematically managing zero-days and exposures.• Mitigated PII Exposure: Monitored dark web for PII exposure, providing actionable mitigation steps to users.• Integrated Threat Intelligence: Used ThreatConnect to consolidate intelligence sources and push indicators to Microsoft Defender for Endpoint, improving SOC reporting and reducing false positives.

Delivered Comprehensive Security Solutions: Provided high-quality security solutions, participating in security planning and conducting in-depth threat intelligence analysis to proactively mitigate risks for clients across various industries.Managed Security Incidents: Conducted triage, identification, and analysis of threat events, escalating incidents as necessary and creating analytical use-cases for anomaly detection. Enhanced client security postures through targeted incident handling.Conducted Security Awareness Training: Developed and delivered security awareness training programs, empowering clients to recognize and respond to potential threats, significantly reducing the likelihood of security breaches.Developed SIEM Alert Templates and Dashboards: Created customized SIEM alert templates and dashboards, enhancing the monitoring and detection capabilities of client security operations.

Managed Real-Time Security Monitoring: Oversaw real-time security monitoring, incident handling, and response activities across various log sources, ensuring swift identification and mitigation of threats.Conducted Vulnerability Assessments: Performed comprehensive vulnerability assessments, investigating phishing attacks, and conducting proactive threat hunting to identify and mitigate potential risks.Communicated Threat Severity and Remediation: Effectively communicated threat severity and provided remediation recommendations to clients, enhancing their overall security posture.

Conducted Security Monitoring and Log Analysis: Performed security monitoring and log analysis, researching evolving threats and vulnerabilities to provide actionable insights to the security team.Supported Incident Response: Escalated security alerts and provided critical support during incident response activities, contributing to the resolution of security incidents.