Key Result Areas: SOC L3 Activity, Incident Response, VA & AV Management• Engineered realistic cyber-attack scenarios for training and simulation, replicating malicious campaigns to bolster team preparedness and response strategies• Researched and analyzed Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoCs), utilizing Recorded Future and MISP to enhance defensive strategies and user training against live cyber threats• Oversaw the integration of global threat intelligence feeds and utilized Advanced EDR solutions for endpoint monitoring, leveraging Vectra Cognito to enhance threat detection and cyber-attack response• Directed network security operations through Deep Packet Inspection (DPI) and collaborated with Active Defense Analysts to triage and analyze threat events, ensuring timely escalation and resolution• Championed proactive threat hunting initiatives, implementing the Cyber Kill Chain and MITRE ATT&CK Frameworks to counter advanced persistent threats and mitigate attack vectors• Contributed to the development and tuning of SIEM use cases and security control configurations, using IBM QRadar and Splunk to significantly improve threat detection and response capabilities• Managed vulnerability assessments and compliance activities, employing Qualys for web application scanning and Tenable for vulnerability management, and developed remediation plans for identified vulnerabilities• Spearheaded the creation and maintenance of SOC documentation and Standard Operating Procedures (SOPs), providing strategic oversight on active Plans of Action and Milestones (POA&M) for information security• Implemented Security Orchestration, Automation, and Response (SOAR) solutions, utilizing Palo Alto Cortex XSOAR, to streamline incident response workflows, reduce manual effort, and enhance overall security operations

• 8 years of professional experience in the field of cyber security and worked closely with CISO, business managers, information risk advisors, solution architects and system engineers to identify, design and implement security controls which provide value driven risk reduction. • Experience in the field of security information and event management (SIEM)at enterprise level and successfully configured and implemented multiple SIEM solutions(Q-Radar, RSA envision and LogRhythm). • Perform hunting for malicious activity across the network and digital assets