Security Operation Analyst
-Perform Threat Hunting for malicious activity across the network, endpoints, and in the cloud.-Manage Cortex XDR. Planned installation and built policies for EDR. Investigate incidents and remediate based off severity and business impact. Create whitelist and exceptions for benign findings and false positives. Update agents and planning additional Operating System deployment plan. -Wrote Incident Response Playbooks and PowerShell scripts to aid in remediation. Identified additional Playbooks needed and participate in Tabletop exercises.-Conduct Incident Response using security tools for detection and responding to reported incidents. Coordinate with multiple teams for remediation and inform leadership of status. Lead team discussions for preventing future incidents and present leadership solutions. Develop signatures to detect similar activity in security tools.