Security Engineer
CurrentSecurity engineer within the EPP team at Amazon.
Please complete the CAPTCHA to continue
A concise factual answer block for searchers comparing this professional profile.
James R. is listed as First gen, Gritty and Quitty, Data Detective, Insights and Improvements, Insider Threat at Amazon Security, based in Washington, District of Columbia, United States. AeroLeads shows a matched LinkedIn profile for James R..
James R. previously worked as Security Engineer at Amazon Security and Data and Detection Engineer at Yahoo. James R. holds Bachelor’S Degree, Security And Risk Analysis from Penn State University.
I dig data. You ever just wonder if anomalies are actually anomalies? Simple stats your type of fun on Saturday night? Well that’s me. I’m taking network security logs and finding the “fun” things happening. What happens when multiple “fun” things happen, well then you got one hell of a party!! My background is a mix of SOC, data analysis, and investigations. Technology empowers me! Creatively rethinking what’s possible. Challenges really are fun 😅. I like to think of myself as a Data Detective 🕵️♂️. More fun updates: LLM’s are awesome, even more so in a detection context. Building the next-gen insider framework for detection engineers and business folks alike.
Company context helps verify the profile and gives searchers a useful next step.
A career timeline built from the work history available for this profile.
Security engineer within the EPP team at Amazon.
Sunnyvale, Ca, Us
Building out the next generation insider threat and traditional detection engineering solutions.
Mclean, Va, Us
Built detection, hunt, and content development for a tech/telecommunications Insider Threat team. Developed the strategy to build a detection platform on top of ES Splunk without native UEBA. Prioritized and facilitated data onboarding based on insider threat kill-chain. Used advanced dashboard building within Splunk to allow for faster response times and made it easier to find the bad.
Mclean, Va, Us
Closely worked with Fortune 500 company to understand and document Incident Response and Monitoring processes. Built Incident and Monitoring cyber fusion center blueprint. Assisted in building Incident Response runbooks. Researched knowledge management solutions to determine best courses of action. Coordinated runbook consolidation into OneNote to mimic future ServiceNow solution for knowledge management. Built monitoring runbook.
Mclean, Va, Us
Responded to potential threats within a commercial client’s network through monitoring of security alerting portal. Investigated and triaged potential incidents using open-source intelligence (OSINT) and Cyber Threat Intel. Coordinated escalation and response actions within the network. Led large-scale removal of potentially malicious or exploitable software from systems on the network. Assisted in the development of a knowledge management system on Confluence. Coordinated fusion processes between Incident Response, Cyber Threat Intelligence, Threat Defense Operations, Tier 1 Monitoring, Vulnerability Management, and Team leads. Built scripts and logic to automate metric gathering to allow for enhanced awareness of inter and intra-team efficiency and overall mean time to respond for a large pharmaceutical client.
Mclean, Va, Us
Created advanced Splunk knowledge to coalesce data sources within environment for better user attribution. Developed insider threat dashboards within government clients network to detect possible insider threats. Utilized INSA, CERT, and NIST frameworks to develop use cases. Performed hunt and monitored Splunk dashboards to detect possible insider threats.
Mclean, Va, Us
Performed retroactive hunt and triage within confidential clients network. Utilized client systems to triage alerts. Analysis incorporated the use CrowdStrike’s endpoint tool, RSA’s Security Analytics tool, and open source intelligence (OSINT) collections. Used the information from the platforms to create tickets detailing facts about the connection type, destination reputation, network anomalies. Leveraged a local Splunk installation to provide visibility and correlations on traffic obtained from the PaloAlto firewalls.
Mclean, Va, Us
Developed standard operational procedures (SOP) for client. These SOPs included response to SQL injection attacks, data exfiltration, malicious IP investigation, and critical systems takedowns, empowering the client to triage and respond to security and network incidents. Developed Splunk queries and data correlations to allow real-time alerting and hunting.
Mclean, Va, Us
Developed multi-threaded python tool to enable Tier 1 cyber threat intelligence (CTI) analysts to better perform their job through automation of web scraping and reporting metrics, optimizing resources spent on a managed service activity by reducing total time spent from three hours per day to fifteen minutes per day. Monitor Splunk alerts for potential threats, and take necessary actions. Review log information from Splunk and escalate ticket dependent on information reviewed. Investigate other proprietary sources of information from Splunk dashboards to determine if action is needed. Stay up to date on major security blogs and news sites for new threats and vulnerabilities. Assist in forensic investigations. Build out tools to enable Tier 1, 2 and 3 analysts to better perform their hunting.
Mclean, Va, Us
• Researched drones and live aerial mapping systems to determine market and products for live aerial mapping, including live video overlays, with team of 6 other interns• Programmed Graphical User Interface (GUI) interface for combining live video feed with a mapping overlay to provide customer with a competitive and cost effective product using multiple languages including: Python, Java, and C++• Coordinated the Graphical User Interface, Video Processing, and Hardware groups’ single visions into a unified project which was executed and delivered for the SIG Booz Allen internship• Presented final prototype to 200+ Booz Allen Hamilton employees and interns, offering a creative and cost effective solution
Quick answers generated from the profile data available on this page.
James R. works for Amazon Security.
James R. is listed as First gen, Gritty and Quitty, Data Detective, Insights and Improvements, Insider Threat at Amazon Security.
James R. is based in Washington, District of Columbia, United States while working with Amazon Security.
James R. has worked for Amazon Security, Yahoo, and Booz Allen Hamilton.
You can use AeroLeads to view verified contact signals for James R. at Amazon Security, including work email, phone, and LinkedIn data when available.
James R. holds Bachelor’S Degree, Security And Risk Analysis from Penn State University.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial Search contacts