Ivan Castillo Email & Phone Number

Phoenix, Arizona, United States

• Performed 80% of analysis in Linux distributions to prevent accidental detonation of malware and for the use of automated scripts to facilitate threat hunting for indicators of compromise (IOCs).
• Performed tier three analysis conducting log analysis, malware triage in support of incident response investigations in order to determine root cause with in-house and open source tools.
• Participated in weekly threat hunting meetings to share any new findings with the team as well as learn from others.
• Developed and presented comprehensive and accurate reports, security investigations, trainings and presentations forboth technical and executive audiences.

Phoenix, Arizona

• Enhanced current Standard Operation Procedures and Service Level Agreements to improve service delivery for the SOC and train other analysts with various open source and in-house tools.
• Provide assistance with log ingestion/integration of several applications into LogRhythm with guidance from team members and product support engineers, as well as fine tune rules to minimize false positives and.
• Investigate Data Loss Prevention incidents and escalate when necessary to the Compliance team for further action.

Tempe, AZ

• Provide enterprise wide monitoring, detection analysis & incident triage services in order to protect the digital assets and services of American Airlines, its customers, employees and partners.
• Analyze unusual traffic patterns in IBM QRadar to detect and prevent attacks and/or malware.
• Monitor all AA network devices and inform the Vulnerability Management team about any potential attacks with a sense of urgency to minimize business impact.
• Detect potential phishing/malicious emails in our environment and take appropriate action by blocking suspicious websites on Gateways, Search and Destroy malicious emails and blocking senders in EOP to mitigate.

Phoenix, Arizona

• Provide resolution to customer with issues relating to equipment failure by repairing aspects of equipment and in certain cases replacement of equipment.
• Exceeded key performance objectives of service and repair which includes maintaining a low rate of device exchanges by exhausting all repair options in-store before considering ordering replacement device.
• Created detailed service reports and documentation of each device submitted for repair.