Jonathan N. Email & Phone Number

Mclean, VA, US

• Authoring and presenting cyber threat intelligence briefings to internal and external stakeholders
• Development of KPIs and metrics for the cyber threat intelligence program
• Refining and enhancing cyber threat intelligence collection, analysis, and enrichment processes
• Continual improvement of threat modeling and threat detection
• Leading collaboration efforts with cross-functional teams to drive security and product enhancements
• Managing third party vendor relationships for security tools and services

Mclean, VA, US

• Utilization of intelligence collection and reporting tools to produce detailed, actionable analytical reports
• Leading the security operations team in executing proactive threat hunts
• Conducted technical tracking and profiling of cybercrime activities and advanced adversaries
• Identified and investigated emerging threat actor activities across diverse internal and external sources

Mclean, VA, US

• Spearheaded development and implementation of processes, procedures, and playbooks for cyber security operations, threat intelligence, and cyber fraud
• Triaging, investigating, and remediating cyber threats as a member of the CSIRT team
• Providing technical guidance and mentorship to Tier 1 Security Analysts
• Developed and contributed to post-incident after action reviews
• Creation, development, and tuning of Splunk alerts & dashboards based on relevant use cases
• Constructing and deploying security awareness training scenarios and phishing campaigns

Arlington, Virginia, US

Silver Spring, MD, US

• Leveraged SIEM, SaaS, and SOAR tools to triage, investigate, and remediate cybersecurity threats
• Improved security posture by building and tuning threat detections
• Performing 24/7 security monitoring of the enterprise network
• Analyzed packet captures using Wireshark and RSA NetWitness Investigator for malicious network traffic
• Monitored for and remediated DLP, account reset and password compliance, and PII incidents
• Utilized Active Directory to disable/enable accounts and assets

London, GB

• Triaged and remediated incidents and alerts escalated by Tier 1 analysts in accordance to the incident response workflow
• Drafted and enforced company SOPs to harden overall security posture of site security systems
• Supervised the drafting and dissemination of incident reports, memorandums, and threat research
• Utilizing various SaaS & proprietary security tools and technologies to assess and remediate threats across multiple security disciplines
• Assisted in the development, revision, and implementation of Standard Operating Procedures
• Interfaced with high-level government clients and participated in weekly Security Committee meetings

London, GB

• Continuously monitored intrusion detection and access systems for security incidents and abnormalities
• Analyzing packet captures using Wireshark and RSA NetWitness Investigator for malicious network traffic
• Utilized access management tools to disable/enable user accounts and grant or deny permissions
• Conducted inventory and security of sensitive assets (PIV cards, HSPD-12 badges, devices)
• Triaged, documented and escalated security incidents in adherence to standard operating procedures