Shon Gorin

Hands-on experience with a wide range of security tools:

• SOAR: Palo Alto XSOAR, Splunk SOAR, Torq, Microsoft Sentinel
• SIEM: Splunk Enterprise Security, IBM QRadar, Microsoft Sentinel, ArcSight
• XDR/EDR: CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Cortex XDR, Trend Micro Apex One
• IDS/IPS: Symantec Endpoint Protection, Trend Micro Deep Security (HIDS/HIPS), Trend Micro Deep Discovery Inspector (NIDS)
• Investigated escalated security alerts across healthcare, insurance, and banking environments
• Reduced false positive security alerts by 30% through custom detection tuning and rule optimization for a key client, significantly improving SOC efficiency and response accuracy.
• Handled incident response lifecycle: detection, triage, containment, and documentation
• Documented incident timelines, responses, and follow-ups for internal and client use

• Monitor and maintain the health and performance of the network infrastructure in a 24/7 NOC environment.
• Respond to alerts and incidents, perform root cause analysis, and implement corrective actions to minimize downtime.
• Collaborate with cross-functional teams to troubleshoot and resolve network issues, ensuring seamless connectivity for end-users.
• Execute routine network health checks and preventive maintenance tasks.
• Document network configurations, changes, and incident resolutions for future reference and improvement.

• Performed troubleshooting and diagnosis on malfunctioning equipment.
• Increased customer satisfaction with prompt and knowledgeable support for various technical issues.
• Tested systems, noting issues and completing preventive maintenance.
• Performs regular system maintenance, backups, physical to virtual migrations and performance tuning.
• Works fluently with Microsoft Office and other Windows based systems.