Warwick Webb Email & Phone Number

Reston, VA, US

Sydney, NSW, AU

Mountain View, California, US

Boston, Massachusetts, US

• Leading Rapid7 Managed Detection and Response (MDR) and Incident Response Consulting services.
• Grew the MDR business by more than 300% in four years.
• Built out a global security operations organization, with teams in the US, Ireland and Australia.
• Fully integrated our MDR and IR consulting lines of business.
• Evolved our XDR platform to better address the needs of our customers and our own SOC and incident response teams.

• Partnered with a leading hospital system to develop a managed security service focused on protecting small medical practices.
• Developed an innovative approach to securing these practices while providing real-time compliance data to support third-party risk management programs.
• Built, deployed and managed all production infrastructure and services.

San Francisco, California, US

• Led a security engineering team responsible for building, deploying and managing detection and response infrastructure.

San Francisco, California, US

San Francisco, California, US

• Built and led the Salesforce Computer Security Incident Response Team (CSIRT), a 24x7 team responsible for security monitoring and incident response across all Salesforce environments.
• Staffed up world-class teams in multiple geographic locations to provide robust follow-the-sun coverage.
• Led the response to complex high severity security incidents, coordinating incident response actions across multiple functional teams to rapidly contain and eradicate threats.
• Partnered with executive leadership, legal, PR, and customer support during incident response to determine business impact and manage internal and customer-facing communications.
• Developed a security monitoring and incident response tracking system on the Salesforce platform.

San Jose, California, US

• Led the US security analysis team for Symantec Managed Security Services.
• Responsible for the security monitoring of all Symantec MSS customers in North America.
• Managed a team of security analysts, from day-to-day oversight of service delivery to professional development and performance management.
• Consolidated two analysis teams with duplicate functions into one team with a single mission and clearly defined roles and responsibilities.
• Worked with customers to resolve complex issues or requests.

San Jose, California, US

• Overhauled the MSS log collection, analytics and storage architecture in order to reduce cost, improve performance and resiliency, and enable additional service offerings.
• Built a log management service for the archiving, alerting and reporting of operating system and application log data. Replaced the proprietary ticketing system used by Symantec SOCs with a new off-the-shelf workflow.
• Designed and implemented enhancements to the MSS analytics engine responsible for analyzing billions of security logs per day.

San Jose, California, US

• Defined operational policies and processes for Symantec Security Operations Centers (SOCs) worldwide.
• Routinely implemented automated filtering and event handling logic to reduce the volume of alerts presented to analysts. Updated technology and processes to detect and respond to new emerging threats.
• Developed a comprehensive set of operational metrics to measure the quality and efficiency of analysis services delivered to our customers.

San Jose, California, US

• Managed a team of security analysts responsible for the development of security content for Symantec products.
• Played a leadership role in all stages of the software development life cycle, including requirements gathering, design, development, QA, and ongoing product support.

San Jose, California, US

• Integrated numerous security products with Symantec Incident Manager. These integration efforts included installing and configuring security products, generating a representative set of security events, and writing the.
• Developed event filtering and correlation logic to enable the automated identification of security incidents.
• Trained and served as a security analyst at the Symantec Security Operations Center.

• Installed, configured, and analyzed the log output from a broad array of security products.
• Simulated attacks in a lab environment in order to study how hacker tools and techniques are detected.
• Developed log parsing and detection rule sets for the company's enterprise SIEM solution.
• Planned and executed the deployment of this software at government and commercial sites.
• Developed a comprehensive build, configuration management, QA, and software distribution process.

Master Of Science, Information Systems

Bachelor Of Science, Journalism, Political Science