Henri Davis

CEO

Dallas, Texas, United States
14 yrs 3 mos experience

Key Highlights

  • Over a decade of progressive IT experience.
  • Expert in Security Operations and Incident Response.
  • Led initiatives improving incident response efficiency.
Skills

Core Skills

Incident Response · Security Operations · Governance, Risk, and Compliance · Incident Management

Other Skills

Insider Threat Detection · Data Loss Prevention · Investigation · Splunk ES · Phishing · Threat Detection · DLP · O365 Security · Splunk Phantom · Palo Alto XSOAR · Microsoft Azure · XSOAR · Proofpoint · Cofense · Information Security

About

🚀 Welcome to my LinkedIn profile! I'm Henri Davis, a results-driven cybersecurity expert with over a decade of progressive IT experience, with a dedicated focus on Security Operations and Incident Response for the past 9 years. I'm passionate about proactive threat detection, incident response, and enhancing overall security postures.

🔑 Career Highlights:

  • Aided implementation of new training procedures for new employees on the security operations team, and became a mentor for other analysts.
  • Developed a QA process for level-one analysts to increase triage efficiency and effectiveness for the client.
  • Contributed to helping the Advanced Fusion Center Security Operations Center reach a maturity level of 3 for one of our largest clients.
  • Experienced in monitoring enterprise cloud and on-prem environments for Fortune 500 companies.
  • Provided technical leadership and expertise to enable proactive detection of potential security threats and recommendations for overall security posture.
  • Helped implement the SIR ServiceNow module into the environment, specializing in developing processes and procedures for User Reported Phishing.

Experience

14 yrs 3 mos
Total Experience
1 yr 9 mos
Average Tenure
3 yrs 3 mos
Current Experience

Private

Senior Security Analyst

Jan 2023 – Present · 3 yrs 3 mos

  • Spearheaded changes in updating playbooks, processes, and detections to reduce mean time to respond for critical security incidents
  • Mentored interns and Level 1 analysts in incident triage, documentation, and response protocols, improving team efficiency and reducing average alert resolution time by 30%.
  • Utilized CrowdStrike RTR for remote machine access to collect forensic evidence for investigations, decreasing average investigation time by 20%.
  • Monitored and responded to threat events in a multi-cloud environment using Wiz, to make quicker informed decisions, reducing response times by 25%
  • Partnered with the Threat Intelligence team to design custom detections for anomalous access patterns, including identifying attempts to connect from North Korea via KVMs, leading to the early detection and prevention of insider threat cases.
  • Collaborated with the SecDevOps team to build SOAR automations, accelerating evidence collection and improving investigation turnaround by 40%, which enhanced the team's decision-making capabilities.
  • Delivered quarterly presentations to executive management, providing actionable insights on incident trends, new detection methods, and program effectiveness, contributing to a 15% increase in leadership engagement and resource allocation.
  • Worked alongside HR to implement enhanced monitoring for employees transitioning to competitors, preventing exfiltration of proprietary data and safeguarding intellectual property, with zero data loss incidents reported during monitored transitions.
  • Partnered with vulnerability management and application owners to mitigate risks from critical CVEs, developing and implementing effective mitigation strategies in accordance with NIST CSF.
  • Led the implementation of conditional access policies for company-managed assets, significantly reducing unauthorized access to sensitive financial data, aligning with NIST 800-53 and ISO-27001.

Skills: Insider Threat Detection · Data Loss Prevention · Investigation · Splunk ES · Phishing · Incident Response

JPMorgan Chase & Co.

Senior GRC Analyst

Jan 2022 – Jan 2023 · 1 yr

  • Spearheaded the Governance, Risk, and Compliance (GRC) strategy and multi-year roadmaps to elevate the compliance framework
  • Employed leadership in cyber risk management, vendor security assessment, and security training to safeguard organizational assets
  • Defined a robust risk management framework aligned with industry standards such as NIST 800-53 and CIS to transform privacy rules
  • Oversaw security assessments to identify, assess, treat, and monitor cybersecurity risks by integrating industry best practices
  • Enhanced the compliance program for regulatory requirements including SOC 2, GDPR, and internal policies and standards
  • Provided innovative data analytics and governance program solutions, successfully reducing compliance-related incidents by 47%
  • Leveraged SQL to disseminate metrics for potential enterprise risks, leading to a 30% increase in risk visibility across departments
  • Addressed governance issues within O365 security using Proofpoint and Cofense Phish to combat phishing attacks and email threats
  • Supervised the completion of the Firewall Patterns project, simplifying operations associated with critical enterprise firewall rules
  • Led initiatives to rectify process gaps in enterprise risk management and asset management processes across organizational workflows
  • Integrated governance data into the Security Information and Event Management (SIEM) system for risk monitoring and alerting
  • Integrated threat intelligence feeds into governance workflows, enhancing the identification of emerging risks
  • Transformed incident response playbooks in collaboration with cybersecurity teams to empower standardized response procedures
  • Initiated machine learning algorithms to predict risks based on historical data patterns, enabling proactive risk mitigation measures
  • Oversaw the risk management program, including software security evaluation, vendor security assessments, and incident reporting

Skills: Insider Threat Detection · Governance, Risk, and Compliance

Goldman Sachs

Incident Manager

Jan 2021 – Jan 2022 · 1 yr

  • Managed end-to-end Incident Lifecycle Management within the Network Operations Center, achieving 100% of KPI metrics
  • Spearheaded the implementation of the ServiceNow Security Incident Response Module to boost incident handling efficiency
  • Automated the User Reported Incident Response (IR) form, decreasing average response times by 38% to safeguard organizational assets
  • Drove ticket management analysis, prioritizing tickets based on business impact and urgency criteria to optimize efficiency
  • Tracked top issues for continuous improvement, resolving customer complaints within SLAs to maintain operational performance
  • Harmonized with diverse teams to construct incident reports within ServiceNow, magnifying documentation accuracy to 97%
  • Tested new Security Orchestration, Automation, and Response capabilities to highlight the reliability of incident response procedures
  • Led major incidents by determining scope and criticality based on affected systems, users, and businesses, to employ response actions
  • Employed Microsoft Threat Explorer, Microsoft Defender, Microsoft Sentinel, and Microsoft Purview to fortify O365 security
  • Disseminated data for reports detailing success, utilization, disaster recovery policies, and emergency/incident management drills
  • Correlated incident data to identify specific trends, recommending defense-in-depth principles for enhanced cybersecurity posture
  • Applied cybersecurity concepts to defend against intrusions into IT networks by evaluating log data for threat intelligence
  • Managed the development of key performance indicators for incident response to determine areas for improvement
  • Optimized incident escalation protocols to govern timely notification of relevant stakeholders to minimize escalation response times
  • Implemented an incident response training program for staff members to solidify readiness in incident handling procedures

Skills: Insider Threat Detection · Incident Management

Optiv Inc.

2 roles

Security Operations Center Manager

Promoted

Jan 2019 – Jan 2021 · 2 yrs

  • Directed day-to-day operations of a 10-member SOC team, delivering round-the-clock incident response and threat resolution
  • Executed strategic initiatives to enhance and expand SOC capabilities in alignment with business goals, driving operational excellence
  • Established, tracked, and analyzed SOC performance metrics using BI tools, synthesizing insights and reports for senior stakeholders
  • Oversaw organizational changes to adapt to evolving threat landscapes, emerging technologies, and industry best practices
  • Constructed and preserved SOC documentation, policies, procedures, and response plans to safeguard compliance and readiness
  • Curated new playbooks and rulesets to trigger actionable alerts, minimizing the risk of overlooking genuine threats during the triage phase
  • Worked with client Incident Response teams to conduct Root Cause Analysis to facilitate formulating proactive mitigation strategies
  • Incorporated detection rules across Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) platforms, including IBM Security QRadar SIEM, CrowdStrike, Splunk Phantom, Splunk User Entity Behavior Analytics, and Tanium
  • Improved Mean Time to Detect and Mean Time to Respond KPIs by 30%, fostering client satisfaction to drive contract renewals
  • Administered thorough reviews of use cases and correlation rules by standardizing alert signal tuning to alleviate alert fatigue
  • Mentored SOC analysts on triaging techniques, enhancing efficiency in managing the ServiceNow queue to meet client SLAs
  • Established a robust QA process for SOC level-one analysts, enhancing triage efficiency to deliver exceptional security monitoring
  • Bolstered the maturity level of the Advanced Fusion Center Security Operations Center to level 3 for key cybersecurity services clients
  • Executed multi-level responses to address incidents, including distribution of directives, vulnerability advisories, and threat advisories

Skills: Security Operations

Security Operations Center Analyst

Jan 2018 – Jan 2019 · 1 yr

  • Delivered tier-one security monitoring for clients, maintaining engagement with the FIRE team to expedite incident response times by 18%
  • Investigated alerts related to AWS services, leveraging analytical skills to pinpoint and eradicate potential security threats
  • Revitalized processes and procedures for the Threat Analyst Team by streamlining workflows to bolster a 90% incident resolution rate
  • Designed new playbooks to effectively handle emerging threats in the environment, reducing mean time to resolution (MTTR) by 25%
  • Partnered with Software Engineers to implement Phantom in the client's environment to automate repetitive tasks
  • Optimized threat detection accuracy by reviewing rules to fine-tune the SIEM environments, minimizing false positives by 40%
  • Integrated threat intelligence feeds into SOC monitoring tools, enabling proactive identification and mitigation of emerging threats
  • Oversaw incident response simulation exercises to test the effectiveness of security processes and procedures
  • Evaluated new security tools and technologies to enhance the SOC's capabilities and promote alignment with organizational goals
  • Guided forensic analysis on security incidents to determine the root cause and extent of compromise to scale future prevention efforts
  • Initiated proactive threat hunting initiatives to identify and mitigate advanced threats that may evade traditional security measures
  • Examined threat data from classified, proprietary, and open-source sources to provide indications and warnings of impending attacks

Skills: Insider Threat Detection · Incident Response

McAfee

Security Operations Center Analyst

Jan 2017 – Jan 2018 · 1 yr · Plano, Texas

  • Managed analysis efforts within the SOC environment, leveraging McAfee security products to classify security events and incidents
  • Inspected security alerts and incidents by deploying robust triage, escalation, and resolution strategies against cyberattacks
  • Employed SIEM solutions to correlate and examine security event data, enabling the identification of threats and vulnerabilities
  • Led security risk assessments to classify threats and vulnerabilities across business units, key assets, products, and services
  • Designed security risk assessments to enhance disposal protocols for information assets, which amplified posture maturity by 16%
  • Elevated threat detection by 40% by deploying the cloud-based Enterprise Security Manager to monitor security events
  • Addressed WannaCry behavior on network endpoints, guiding prompt isolation and patching to mitigate 80% of potential threats
  • Advised the Security Operations Center during incident response and threat hunting activities by recommending remediation actions
  • Drove threat hunting initiatives by scouring the network environment for indicators of compromise (IOCs) and suspicious activities

Skills: Insider Threat Detection · Incident Management

InComm Payments

NOC Analyst

Jan 2016 – Jan 2017 · 1 yr · Dallas, Texas

  • Oversaw daily monitoring and incident management, certifying optimal performance of critical applications, systems, and networks
  • Reduced incident response time by 30% by reviewing system and network logs to devise technical solutions that curtailed incidents
  • Utilized Splunk dashboards to monitor transaction flows in accordance with PCI-DSS compliance standards
  • Led incidents from inception to resolution by administering Root Cause Analysis (RCA) for failures, expediting resolution time by 27%
  • Implemented strategies for optimizing system performance, contributing to enhanced operational efficiency that reduced downtime
  • Coordinated with cross-functional teams to govern swift resolution of incidents, leveraging effective communication
  • Developed and executed proactive measures to identify potential issues before escalation to minimize impact on business operations
  • Enhanced network security by incorporating advanced threat detection and response protocols to minimize security incident rates
  • Monitored service availability using tools to perform weekly audits, maintaining 99.9% uptime for critical systems

General Dynamics Information Technology

Service Desk Analyst

Jan 2014 – Jan 2016 · 2 yrs · Bossier City, Louisiana

  • Delivered IT admin support to 80,000 users, resolved hardware & software computing requests via telephone, and enabled remote tools. Finished computing requests for problem diagnostics, defined troubleshooting, and documented break-fix solutions.
  • Key Project Accomplishments:
      • Monitored constant feedback, created and developed new processes to support & assess current network infrastructure.
      • Recorded and escalated incidents in Remedy Ticket Manager to a designated technical support group; achieved monthly SLAs set by management.
      • Logged and tracked inquiries in the problem management database and maintained history records related to problem documentation, etc.
      • Identified, evaluated, and prioritized customer problems, and fielded complaints to ensure inquiries were resolved appropriately.

Louisiana Tech University

Student Information Tech. Asst.

Jan 2012 – Jan 2014 · 2 yrs · Ruston, LA

  • Served as level-two support services for teachers, faculty members, and students. Installed and maintained services for media, presentation systems, and smart podiums.
  • Key Project Accomplishments:
      • Monitored and addressed work orders for service in the Dell KACE client ticket queue system.
      • Assisted the technology department with desktop support; deployed and maintained desktop image inventory & databases for all designated computer labs.
      • Helped with access management; created & disabled user accounts, and kept security standards and compliance.
      • Delivered support to campus network infrastructure, fixed network connectivity issues, applied security patches and updates, maintained detailed security reports & statuses, and compiled frequent security scans and assessments.

Education

The University of Dallas

Master of Science (M.S.), Information Technology Project Management

Jan 2017 – Jan 2018

Louisiana Tech University

Bachelor of Science, Computer Information Systems

Jan 2010 – Jan 2013
