Apr 2023 – Jun 2024 · 1 yr 2 mos · Spain · Remote

• Develop and implement robust incident response procedures, enabling rapid detection, analysis, and containment of security incidents.
• Conduct in-depth digital forensics investigations to identify the root cause of security breaches and unauthorized activities.
• Leverage threat intelligence sources to proactively detect and mitigate emerging cyber threats, enhancing our clients' security posture.
• Monitor Data Loss Prevention (DLP) systems, promptly identifying data exfiltration attempts and taking immediate action to prevent data leaks.
• Conduct phishing triage, analyzing suspicious emails, and identifying potential phishing campaigns to prevent successful attacks.
• Design and execute simulated phishing campaigns to raise awareness and educate employees on the risks associated with social engineering attacks.
• Perform Endpoint Detection and Response (EDR) investigations, analyzing endpoint data to detect and respond to potential security incidents effectively.

Jul 2021 – Apr 2023 · 1 yr 9 mos · Barcelona, Catalonia, Spain · Remote

• Monitoring and analysis of cyber security events: Specializing in EDR (Endpoint Detection and Response) and NDR (Network Detection and Response) triage, leading to effective investigations and threat mitigation.
• SIEM monitoring: Triaging alerts, and conducting thorough investigations to swiftly respond to potential security threats and incidents
• SIEM platform administration: troubleshooting issues, seamlessly integrating new assets, and ensuring optimal performance for enhanced cybersecurity
• Threat hunting: performed threat hunting activities to proactively identify and mitigate malicious activities, bolstering the organisation's cybersecurity posture
• Vulnerability management: Comprehensive scans, risk assessments, and the formulation of action plans to address identified vulnerabilities and enhance overall security
• Client debriefing: Communicating insights, risks, and action plans to clients with clarity and precision.

Jan 2021 – May 2021 · 4 mos · Madrid, Community of Madrid, Spain · Remote

• Monitoring and managing DLP alerts: Proactively handling Data Loss Prevention (DLP) alerts to safeguard critical information and sensitive data.
• Monitoring and analysis of cyber security events: Conducting in-depth analysis of cybersecurity events to detect and respond swiftly to potential threats.
• SIEM: Leveraging Security Information and Event Management systems for real-time threat detection and incident response.
• Vulnerability management: Identifying and mitigating vulnerabilities to fortify digital fortresses and enhance overall security posture
• Defining and implementing security controls: Crafting and deploying robust security controls to protect against evolving cyber threats.

Jul 2020 – Dec 2020 · 5 mos · Spain

• Auditing Windows and Linux
• Deployment and configuration of SIEM, firewall, IDS and VPN
• Design of security plans
• Pen testing
• Malware analysis
• Forensic analysis
• Analysis of devices, systems and networks
• Incident Management

Sep 2019 – Jul 2020 · 10 mos · Oxfordshire, England, United Kingdom

Apr 2017 – Sep 2019 · 2 yrs 5 mos · Reading, England, United Kingdom

Jun 2015 – Apr 2017 · 1 yr 10 mos · United Kingdom

Nov 2013 – Jun 2015 · 1 yr 7 mos

Mar 2011 – Nov 2013 · 2 yrs 8 mos