Freelancer Cyber Security Specialist (SOC, SIEM, Splunk, Content Development, Threat Detection / Hunting) on freelance.de

Cyber Security Specialist (SOC, SIEM, Splunk, Content Development, Threat Detection / Hunting)

  • 130€/hour
  • 41372 Niederkruchten
  • Worldwide
  • pt  |  en
  • 17.05.2019

Brief Introduction

Infosec professional with over 15y of experience with projects delivered to large scale clients with mission-critical environments (mainly Financial). Last 6y dedicated to security engineering and Use Cases design and development (SIEM, Splunk).

Qualifications

  • Big Data
  • Certified Information Systems Security Professional (CISSP)
  • Cyber Security
  • Incident Management

Project & Professional Experience

Security Analytics SME
SWIFT - Global Financial Institution, Leiden
12/2016 – 12/2018 (2 years, 1 month)
Banking
Period of activity

12/2016 – 12/2018

Job description

Working as an independent consultant (contractor) for the leading provider of secure financial messaging services, helping the organization establish its threat detection engineering practice, mainly based on custom Splunk content development, including the design and management of security use cases and internal staff training and support.

Skills used

Big Data, Cyber Security

Certificates

Splunk Architect
2015
CISSP
2004

Education

Computer Science
Bachelor
1996
Brazil

About me

Certifications:

CISSP - Certified Information Systems Security Professional
GCIA - GIAC Certified Intrusion Analyst
GCIH - GIAC Certified Incident Handler
SSCP - Systems Security Certified Practitioner
AESA - ArcSight ESM Security Analyst
AEA - ArcSight ESM Administrator
GCFW - GIAC Certified Firewall Analyst
GSEC - GIAC Security Essentials Certification
ITIL Foundation Certificate in IT Service Management
Splunk Certified Knowledge Manager v6
Splunk Certified Admin v6
Splunk Certified Architect v6

Additional skills

I'm an Information Security professional with over 20 years of experience, including projects delivered to large scale clients with mission-critical environments (mainly Financial and Telecom). Last 5-6 years dedicated to security engineering and Use Cases design and development (SIEM, ArcSight, Splunk).

I also have a Bachelor's degree (BS) in Computer Science and post-degree in Computer Forensics with an extensive background in software development and proven strong hands-on experience.

I work as a freelancer (independent consultant) designing and building Splunk (SIEM/Big Data) based use cases and processes for security teams (SOC, MSSPs, CERTs, Incident Response teams).

What can I deliver as a Threat Detection/Security Analytics SME?

- Quickly demonstrate the value of Splunk/ES by delivering custom, actionable content: alerts, reports/dashboards;
- Help your team design and establish Agile (Scrum) workflows and processes around custom content development (Jira/Git managed) which serve as the main driver to uncover new detection strategies and use cases;
- Coach and support Security Hunters on how to leverage Splunk data to write rules (MITRE ATT&CK™ based), and translate hypotheses into SPL code (workshops);
- Build custom interactive interfaces and dashboards not yet available in the Enterprise Security App (e.g. key SOC metrics) and address other ES shortcomings;
- Work as a senior SOC advisor given the amount of experience and leadership in the area accumulated over the years working for many SecOps teams.


Currently interested in long-term projects as a contractor or Cyber Security Engineering leadership positions. Keywords: threat hunting, security engineering/management, threat detection.

Personal data

Language
  • Portuguese (native language)
  • English (fluent)
Willingness to travel
Worldwide
Work permit
  • European Union
  • Switzerland
Home office
preferred
Profile views
2660
Age
45
Professional experience
25 years and 3 months (since 01/1999)
Project management
10 years