I am a highly skilled and experienced Cyber Defense Engineer with a proven track record in leading Security Operations and conducting in-depth product assessments, including EDR, Mail Gateway, Threat Intelligence Platforms (TIP), Attack Surface Management (ASM), Dark Web Monitoring, Digital Risk Protection (DRP), and SOAR solutions.
My expertise includes designing and optimizing SOC processes, developing robust use cases, creating comprehensive playbooks, and implementing advanced detection rules and automation workflows to enhance security operations. I excel in crafting middleware for custom solution integration and automation, as well as streamlining integration processes to ensure seamless functionality across diverse security environments.
Passionate about blue team capabilities, I specialize in threat detection, incident response, and proactive threat hunting. My technical acumen extends to SIEM administration, implementing and managing SOAR solutions, integrating SOCs with automation tools, and leveraging proficient scripting skills to drive operational efficiency.
I hold a professional certificate in Threat Hunting (eCTHPv2) and am committed to expanding my knowledge and practical expertise through additional certifications in blue and purple team disciplines. Guided by the principle, "You can’t protect what you don’t understand," I strive to stay informed of the latest trends, technologies, and adversary tactics in the ever-evolving field of cybersecurity.
- TheHive: Open Source SOAR
- MISP: Malware Information Sharing Platform
- BookStack: Documentation Platform
- EDR Assessment
- ELK: Elasticsearch, Logstash, Kibana
- C2 Frameworks
- Attack Simulation
- How to Send Logs From an API to QRadar SIEM Through Syslog Middleware
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
- [Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?](https://thehackernews.com/2024/11/the-importance-of having-a-google-workspace-backup-solution.html)
- Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks
- PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
- Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign