Dynamic Security Engineer with extensive experience designing scalable SOAR workflows, tuning endpoint detection tools, and deploying enterprise-wide security automation strategies. Proven success in reducing alert fatigue and enhancing detection accuracy through engineering efforts across modern EDR and XDR platforms. Adept at leading incident response efforts, aligning detection logic with MITRE ATT&CK, and advancing organizational security posture through proactive automation, enrichment strategies, and system hardening.
• Recognized as a High-Performance Individual in 2023 for exceeding expectations in incident response and threat detection.
• Awarded the Wings of Excellence in 2024 for outstanding contributions to security automation and operations.
• Built and deployed Splunk SOAR playbooks to automate IOC enrichment and threat blocking, reducing manual triage time by 60% and improving SLA adherence.
• Developed a Python-based backend script to collect IOCs from over 30 open-source and private threat intelligence feeds, integrating it with Splunk and SOAR for proactive blocking.
• Deployed and configured Digital Guardian for USB control and DLP enforcement, and Cisco Umbrella for DNS-layer protection across enterprise endpoints, strengthening endpoint security posture.
• Automated daily asset discovery scans and vulnerability reporting using Rapid7 InsightVM, enhancing leadership visibility into newly onboarded and high-risk assets.
• Tuned SentinelOne and Microsoft Defender policies to reduce false positives and improve detection accuracy across enterprise endpoints.
• Conducted quarterly threat hunts to identify and remediate misconfigured or vulnerable assets across the organization.
CompTIA Security+
CompTIA Network+
Microsoft SC-900
Rapid7 InsightVM/AppSec
TryHackMe - Junior Penetration Tester
Splunk SOAR Automation