Security Expert

Maintained and implemented updates for secure network. Working closely EMEA and APJ/APAC and committed to resolving critical issues in a timely manner and ensuring that clients get the full value of their product. Assisted in the Development of security plan including software and hardware. Managed cross-border cybersecurity incidents and investigations, providing timely responses and minimizing potential risks. Validating product while on production side and diagnosing, reproducing, and resolving customers issues. Provided point of contact for customer seeking product information. Adept at meeting the unique challenges of each environment by tailoring customized installation plans and support approaches to meet customers' policies and requirements. Asist and instruct customer for technical subjects. Testing, troubleshooting, and validating the product on development and production mode. Product demonstrations and POVs/POCs. Create knowledge wikis for each release. Giving training to newbies and coordinate training for staff in technical and security related.

Review security events that are populated in a Security Information and Event Management (SIEM) and XSOAR system to develop accurate remediation actions. Review, respond, and build alerts. Build automation to increase capacity and ability of the team. Creating rules via Cloudflare to avoid Bot DDOS attack. Frequently document and communicate product security risks, collaborating with internal and external partners. As a technical specialist for analysing and identifying security vulnerabilities in web applications, operating systems, and networks independently follow procedures to contain, analyse, and eradicate malicious activity. Vulnerability scanning via Qualys. Update and create playbooks on SOAR. Conduct proactive threat research.

Answered calls and emails from customers and accurately log the incidents ensuring all relevant data is captured on Service Now, ITSM, Ivanti. 1st and 2nd line support for IT related issues. Managed security auditing tools (Active Directory). Trained to new starter, created knowledge articles. Priority the incident and follow the SLA. Service monitored include SIEM. Meraki networking – namely managing/supporting the in-office wireless infrastructure. Sentinel data source integrations and configure threat intelligence feeds. Monitor, detect, remediate, investigate threats and strengthen the cyber security. Malware analysis using Process explorer, Autoruns and Process Monitor. Used Maas360 MDM for mobile and iPad/tablet. Jumpcloud for Windows and MAC devices mostly for Active Directory.

Visit Retail stores to fix Till Units (IBM, Toshiba), Controllers and Server, Windows 10 SCCM integration, Chip and pin device deployment.

First contact for IT issues. Active directory deployment. Collaborate with team members from multiple time zones, working on change requests and ad-hoc requirements.