Soc Analyst
Current• Tracking and monitoring over 70 cyber-actors, integrating threat intelligence into client security platforms for proactive detection and mitigation.• Developed and managed phishing detection rules (Sigma Rules), including monitoring open ports, DNS records, and exposed assets to prevent potential risks.• Phishing Reconnaissance and Honeypotting to gather intelligence on adversary behavior and enhance security posture.• Expertise in Python for automation and data integration, leveraging syslog, HTTP, and SSH protocols.• Linux system administration, ensuring 24/7 secure operation of MISP and troubleshooting performance issues in MySQL databases.