• Advised senior leadership on critical security issues, indicators of compromise, and risk mitigation strategies.• Led cyber threat hunting engagements and managed departmental technologies for all SOC projects.• Architected and implemented the agency's Emerging Threats program in conjunction with vulnerability management initiatives.

Provide road map for revised cyber security posture to and assimilation of all merger and acquisition clients into the WSP network. Lead Project review and 3rd party risk assessments for all Mergers and Acquisitions through organization. Engineer security solutions such as established Incident response, EDR and NDR. Review Email security status and provide industry standard feedback. Review Pen test results and provide remediation steps for any known vulnerabilities Run vulnerability scans using Nessus for potential Mergers and Acquisition clients. Provided Analysis around core functions of Incident handlers and inspection of potential security breaches and incidents. Build vulnerability and threat reports. Evaluate emerging threats and provide active threat hunting.

• Led project deployment and completion for Incident Response Tools in SOC, including Qradar, Mcafee ePO, Rapid 7 Nexpose, and more.• Supervised a team of SOC incident respondents/administrators, providing analysis on potential security breaches and incidents.• Built vulnerability and threat reports, evaluated emerging threats, and conducted active threat hunting following the cyber kill chain model.

Cyber Security Engineer in the S.O.C

information security engineering

information security risk management

information security engineer

Participate in weekly project production meetings for phases or the project reportingReview reports for modification or specifications of phases and project deadlines.Migrate Unix/Linux servers, Remove and replace Policies on Unix\Linux servers Using Quest QAS/VAS and O.A.T tools.Review Users, Application accounts, and file share permissions on All Accounts.Create, Review, and modify change management and controls for server Migration and remediation

Review security logs for anomalies, patterns, and variants using ArcSight.Research, review, and report on all potential vulnerabilities to the network.Coordinate reporting to other teams and information gathering of risks.Review Logs files and reports from IPS, IDS, Proxy Servers and MS Servers.Performs initial triage of all security events and in depth analysis of threats to the network as well as proactive security measures.Security vulnerability scanning for web hosts, network devices, and all computer systems.Write, review, edit, documents and procedures on processes. Standard operating procedures (SOP’s)

Security operations center analyst security review, alert monitoring, Analysis, Event classification, reporting and device health investigation.Creating, Provisioning, and Modifying end user and system accounts. Providing security around files folders and applications

Create, modify, and delete end-user and system accounts for applications and operating platformsEnsure proper authorization is received/issued/created for all access changesAdminister security and access across multiple computing platforms. Unix, Linux, Active Directory, Oracle.Troubleshoot access issues including review of current access setups and working with end users, developers, and infrastructure staff to identify and correct issues.

Technical support for all lines of business.