Profile

Cybersecurity professional with extensive experience in Detection Engineering and Security Operations, specializing in automating enterprise-level incident response and integrating SIEM and SOAR platforms to enhance security posture.

Work Experience
IBM, Lead Operations Engineer - CISO team
06/2023 – present
  • Led a development group during a migration of SOAR platforms within a two-month timeframe, resulting in significant cost savings. This included the design and development of fully automated device network isolation playbooks leveraging Python to streamline EDR and incident response processes. Collaborated closely with partner teams, including the SOC and Detection Engineering, to ensure alignment and integration of new workflows.
  • Led the development of a secure, automated web application that enabled senior SOC analysts and key stakeholders to revoke potentially malicious emails from user inboxes in real time, streamlining incident response and reducing user exposure to threats.
  • Architected and led the development of an internal emergency response web application to replace manual efforts by incorporating fully automated modification of custom block/allow lists within our organization's WAF and VPN enterprise solutions, thereby reducing response time to potential threats. The application, built with Python, served as a front-end interface to our incident response playbooks, leveraging APIs to interact directly with various renowned security solutions.
  • Designed and implemented a centralized playbook within our SOAR platform, serving as a vital intermediary between a centralized SIEM and the SOC. Empowered Threat Hunters and Detection Engineers to initiate internal monitoring hunts and investigations, and automate alert escalation during critical incidents.
  • Oversaw development and implementation of playbooks and integrations within our SOAR platform in both our commercial and FedRAMP boundaries, automating 70% of Cloud offense workflows. Enhanced SOC efficiency by prioritizing critical alerts impacting business operations.
IBM, Cybersecurity Engineer - CISO team
05/2021 – 06/2023
  • Developed multiple machine learning models and real-time notification and response mechanisms leveraging the Elastic SIEM. These solutions were instrumental in identifying aberrant user behavior such as anomalous downloading of executive-owned files, detecting unusual network traffic patterns, and preempting potential lateral movement within the network.
  • Wrote and hosted a set of real-time response Python scripts using OpenShift CI/CD to identify devices potentially affected by Log4j, Patch Tuesday, and other vulnerabilities.
  • Engineered ETL pipelines to systematically gather diverse metrics, device ownership data, and critical business analytics for dashboards utilized by executive management.
IBM, Cybersecurity Engineer Intern - CISO team
06/2020 – 08/2020
  • Designed and implemented a centralized and scalable service for securely signing, storing, and managing SSH keys using HashiCorp Vault while practicing agile methodologies.
  • Used the Django framework to develop both an API service and a front-end interface.
  • Presented and demonstrated project updates in bi-weekly showcases to high-level executives in the CISO organization.
Raytheon, Executive IT Support Technician/Cyber Security Intern
05/2018 – 02/2020
  • Automated mapping of network printers for faster deployment of computers using batch scripts.
  • Maintained equipment in both executive guest offices and conference rooms in preparation for executive meetings.
IBM, Cybersecurity Engineer Intern - CISO team
06/2019 – 08/2019
  • Created a real-time dashboard using the ELK stack to highlight DLP-related incidents.
  • Designed a centralized data analytics platform for the SOC to enhance investigations of insider threats.
Skills
Python, Windows, Linux, TCP/IP, SQL, ELK, Docker, OpenShift, MITRE ATT&CK, SOAR, EDR, ThreatConnect, ServiceNow, CrowdStrike, Palo Alto, Microsoft Defender

Education
George Mason University, Bachelor of Science in Cyber Security Engineering
08/2017 – 05/2021 | Fairfax, VA
GPA: 3.8