- Established and operated an advanced, scalable, Threat hunting program consisting of 2 FTE Threat hunters, 8 Cross-functional hunters, 24/7 SOPs, custom tooling, and a purpose-built Threat Intelligence and Hunt ticketing system- Successfully identified active 0-day APT threats at multiple stages of the attack chain using a combination of emerging Threat Intelligence and awareness of common adversary techniques, tactics, and procedures- Became a top resource for supporting high-profile… Show more - Established and operated an advanced, scalable, Threat hunting program consisting of 2 FTE Threat hunters, 8 Cross-functional hunters, 24/7 SOPs, custom tooling, and a purpose-built Threat Intelligence and Hunt ticketing system- Successfully identified active 0-day APT threats at multiple stages of the attack chain using a combination of emerging Threat Intelligence and awareness of common adversary techniques, tactics, and procedures- Became a top resource for supporting high-profile and high-impact incidents- Created advanced SIEM Dashboards in Splunk to orchestrate hunting of atomic IOCs across all relevant data sources, drastically improving the speed and consistency of simple IOC hunts. These later became the basis for Automated hunting, for which I was also involved in development and driving the need- Communicated risk of recurring and emergent threats to both Leadership and the corresponding teams in proximity of those threats- Helped establish an “Operational Risk Registry” to track the status of risks discovered from Threat Hunting and Incident Response lessons learned- Measured program progress with both OKRs and KPIs in line with the higher Cyber Operations organizational objectives- Developed multiple reporting dashboards related to the intelligence and hunting programs’ activities- Analyzed Threat Intelligence from a curated list of open and closed source Intelligence sources- Held highest overall achievement score in ImmersiveLabs cyber training platform amongst 32 peers (107k points). Also held highest number of labs completed at difficulty levels 8, 9, and 10. In total: 750+ labs, 249 CEU’s, in approximately 4 years Show less

- Led a team of Cyber Security professionals tasked with performing SOC operations, incident response and various cyber security enhancing projects- Key provider of evidence to attain NIST 800-171 compliance- Primary incident responder for all Tier 3 incidents- Onboarded, trained, and mentored junior SOC and CIRT members, including the development of SOPs for all members to follow for various frequent use case scenarios- Identified numerous improvement opportunities for Splunk… Show more - Led a team of Cyber Security professionals tasked with performing SOC operations, incident response and various cyber security enhancing projects- Key provider of evidence to attain NIST 800-171 compliance- Primary incident responder for all Tier 3 incidents- Onboarded, trained, and mentored junior SOC and CIRT members, including the development of SOPs for all members to follow for various frequent use case scenarios- Identified numerous improvement opportunities for Splunk Correlation rules, Firewall Rules, and Endpoint Security configurations- Established and maintained a formal company-wide Phishing Awareness and Response Program. Including simulated campaigns, reporting metrics, and phishing response SOPs.- Reduced company-wide phishing susceptibility by 65%- Represented the company at industry conferences including those specific to Government Defense and Aerospace Contractors Show less

- Served as top tier, dedicated technical account support for Symantec’s flagship enterprise product: Symantec Endpoint Protection, which included functionality for Antivirus, Host Firewall, Host IPS, and Network access Control- Simultaneously serviced 3 Fortune 500, and 2 Fortune 100 accounts with Endpoint environments ranging from 15k to 220k Endpoints each- Achieved a 100% customer renewal rate during my tenure and received positive reviews from each of my 5 named accounts during… Show more - Served as top tier, dedicated technical account support for Symantec’s flagship enterprise product: Symantec Endpoint Protection, which included functionality for Antivirus, Host Firewall, Host IPS, and Network access Control- Simultaneously serviced 3 Fortune 500, and 2 Fortune 100 accounts with Endpoint environments ranging from 15k to 220k Endpoints each- Achieved a 100% customer renewal rate during my tenure and received positive reviews from each of my 5 named accounts during every review period- Provided direct expert level support to the named contacts within my 5 dedicated customer accounts on issues ranging from: active virus outbreaks, intrusion events, installations, upgrades, configuration, product defects, and enhancement requests- Worked high severity issues across a 24/7 Follow the Sun support model with TAMs in EMEA and APAC- Leveraged other advanced company resource departments as needed to resolve the needs of the customer, including Back Line Engineering, Security Response, and Malware Analysis Teams- Represented the company on Executive Level Briefs with the customer, engaging additional company resources where fitting for the call Show less

- Supported SSL certificate suite of products at the enterprise level. Ranging from Enterprise Managed PKI services to small business customers.- Consistently maintained High Customer Satisfaction ratings and case volume- Created and updated Knowledge Management Articles regarding Technical Troubleshooting and Instructional Guides