Security Expert

Review security events that are populated in a Security Information and Event Management (SIEM) and XSOAR system to develop accurate remediation actions. Review, respond, and build alerts. Build automation to increase capacity and ability of the team. Creating rules via Cloudflare to avoid Bot DDOS attack. Frequently document and communicate product security risks, collaborating with internal and external partners. As a technical specialist for analysing and identifying security vulnerabilities in web applications, operating systems, and networks independently follow procedures to contain, analyse, and eradicate malicious activity. Vulnerability scanning via Qualys. Update and create playbooks on SOAR. Conduct proactive threat research.

Answered calls and emails from customers and accurately log the incidents ensuring all relevant data is captured on Service Now, ITSM, Ivanti. 1st and 2nd line support for IT related issues. Managed security auditing tools (Active Directory). Trained to new starter, created knowledge articles. Priority the incident and follow the SLA. Service monitored include SIEM. Meraki networking – namely managing/supporting the in-office wireless infrastructure. Sentinel data source integrations and configure threat intelligence feeds. Monitor, detect, remediate, investigate threats and strengthen the cyber security. Malware analysis using Process explorer, Autoruns and Process Monitor. Used Maas360 MDM for mobile and iPad/tablet. Jumpcloud for Windows and MAC devices mostly for Active Directory.

Visit Retail stores to fix Till Units (IBM, Toshiba), Controllers and Server, Windows 10 SCCM integration, Chip and pin device deployment.

First contact for IT issues. Active directory deployment. Collaborate with team members from multiple time zones, working on change requests and ad-hoc requirements.

Head of Information Technology Department.