Andrew W. Email & Phone Number
Who is Andrew W.? Overview
A concise factual answer block for searchers comparing this professional profile.
Andrew W. is listed as Principal Cybersecurity Engineer, Threat Prevention Engineering at Ally, based in United States. AeroLeads shows a matched LinkedIn profile for Andrew W..
Andrew W. previously worked as Principal Cybersecurity Engineer | Cyber Analytics and Data Science at Ally and AVP, Identity Defense at Bank Of America. Andrew W. holds B.A., German Language And Literature from University Of North Texas.
Email format at Ally
This section adds company-level context without repeating Andrew W.'s masked contact details.
Review company-level records connected to Andrew W. before choosing the right outreach path.
About Andrew W.
Languages: Splunk SPL, Python, HTML, CSS, JavaScript, C++Core Strengths: Information Security Professional with a demonstrated history of working in Cybersecurity, Threat Intelligence and Data Analytics. Skilled in Incident Response, Threat Hunting, OSINT, Threat Detection, Engineering and Automation. Soft Skills: Teaching and Mentoring, Business Acumen, Strong Communication and Teamwork Skills, Strong Presentation Skills, experience with multiple Compliance Frameworks (NIST, PCI DSS, ISO 27001)
Andrew W.'s current company
Company context helps verify the profile and gives searchers a useful next step.
Andrew W. work experience
A career timeline built from the work history available for this profile.
Principal Cybersecurity Engineer | Cyber Analytics And Data Science
Avp, Identity Defense
• Built, tuned and enhanced SPL for multiple teams.• Designed a network of interconnected dashboards in Splunk• Integrated external data sources into Splunk dashboards• Built account monitoring dashboards in Splunk• Built and implemented Splunk alerts to detect anomalous account activity • Created user behavior baselines (UBA) and used daisy chaining to detect anomalous activity• Developed a prioritization system for handling egregious user behavior• Utilized SVN for version control• Built out new processes, controls and supporting documentation, related to the implementation of human and non-human accounts• Documented workflow, processes and tooling in Confluence• Conducted adhoc investigations and delivered reports to technical and non-technical stakeholders• Identified patterns of fraudulent activity and violations of AUP• POC for analysts in incident response and investigations• Mentored analysts in Splunk and hosted Splunk learning sessions• Developed a mini-CTF for the Identity Defense team• Worked alongside SOAR team to develop playbooks in Splunk SOAR (Phantom)• Automated investigative processes• Assisted with data ingestion and the implementation of new logs (IAM/MFA)• Assisted Splunk engineering team to troubleshoot performance issues• Worked with multiple datasets with a heavy focus on endpoint, authentication and network logs.
Cybersecurity Engineer - Associate
• Analyzed data from technical security controls (e.g. cloud, individual host logs, network traffic logs, firewall logs, IDS/IPS logs, enterprise AV) to identify possible threats to on-prem and cloud environments.• Content development and alert tuning• Created, validated and implemented log monitoring correlation rules in the SIEM• Detection management - improve the fidelity, context and automation of new and existing alerts.• Identified outliers and patterns by analyzing TBs of data in SIEM• Researched new threats and create logic to detect associated IoCs• Developed cloud detections and investigate cloud incidents• Performed malware analysis on malicious files to gather indicators of compromise.• Participated in interdepartmental threat hunting and purple team engagements • Collaborated with intelligence analysts to identify new and emerging threats• Worked regularly with SIEM, SOAR, EDR, AV, FW, IDS/IPS, DLP, UBA platform and other security appliances used to detect anomalous behavior • Performed incident triage• Utilized and configure UB Analytics and Honey Pot technologies to detect insider threats and lateral movements• Provided real-time cyber security incident handling from initial detection to final resolution• Managed SNORT and YARA detection rules• Developed automation playbooks in conjunction with the development of local detections
Cyber Intelligence Analyst
• Responsible for daily incident triage, analysis and reporting, client account management, and wider industry threat analysis. • Investigated cyber actors, tactics, techniques and procedures.• Performed OSINT and conducted analysis using analytical tools such as i2, Maltego, Elliptic• Analyzed and pivoted through large data sets in Kibana• Discovered trends in disparate pieces of information, to form logical conclusions, and provide mitigation solutions to clients.• Composed and reviewed incident reports directly with security and IT teams.• Provided quantitative and qualitative reports to help clients better understand their security posture.• Trained new colleagues and assisted with the on boarding process. Helped establish and write policies and procedures.• Conducted investigations on the Clear and Dark Web• Utilized TIPs to identify active campaigns and provide attribution to investigations• Primary analyst for German operations.• Assisted with Russian translations and investigations
Educator - German Teacher
• Instructor of German courses I - IV AP• Founded a local chapter of Delta Epsilon Phi (National German Honor Society) for Georgetown and East View High School.• Provided additional virtual instruction to students enrolled in the program• Mentored and assisted students• Drafted and presented quantitative reports on program development and academic achievements• Received community awards and accolades for program accomplishments and contributions
Educator - German Teacher
• Instructor of German Courses I - IV AP• Designed and implemented German IV AP course
Colleagues at Ally
Other employees you can reach at ally.com. View company contacts →
John Kempel
Colleague at AllyGreater Chicago Area, United States
View →
AT
Andrea Tinsley
Colleague at AllyCrandall, Texas, United States
View →
NV
Natalie Vereecke
Colleague at AllySt Clair Shores, Michigan, United States
View →
TP
Tempestt Pettit
Colleague at AllyConway, Arkansas, United States
View →
AH
Alexia Harrison
Colleague at AllyDallas-Fort Worth Metroplex, United States
View →
AH
Ath Hunter
Colleague at AllyDetroit Metropolitan Area, United States
View →
SB
Steven Burchianti
Colleague at AllyTrabuco Canyon, California, United States
View →
OW
O’Lee Washington
Colleague at AllyProsper, Texas, United States
View →
CD
Chatera Duggan
Colleague at AllyUnited States
View →
MM
Melissa May
Colleague at AllyRaleigh-Durham-Chapel Hill Area, United States
View →
Andrew W. education
B.A., German Language And Literature
Post Graduate Program In Data Science And Business Analytics
U.S. Foreign Language Teaching Assistant - Scholarship Recipient, Salzburg, Austria
Internship
Frequently asked questions about Andrew W.
Quick answers generated from the profile data available on this page.
What company does Andrew W. work for?
Andrew W. works for Ally.
What is Andrew W.'s role at Ally?
Andrew W. is listed as Principal Cybersecurity Engineer, Threat Prevention Engineering at Ally.
Where is Andrew W. based?
Andrew W. is based in United States while working with Ally.
What companies has Andrew W. worked for?
Andrew W. has worked for Ally, Bank Of America, Gm Financial, Digital Shadows, and Georgetown Isd.
Who are Andrew W.'s colleagues at Ally?
Andrew W.'s colleagues at Ally include John Kempel, Andrea Tinsley, Natalie Vereecke, Tempestt Pettit, and Alexia Harrison.
How can I contact Andrew W.?
You can use AeroLeads to view verified contact signals for Andrew W. at Ally, including work email, phone, and LinkedIn data when available.
What schools did Andrew W. attend?
Andrew W. holds B.A., German Language And Literature from University Of North Texas.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trial