Security Engineer/Architect with experience in Vulnerability Management, Data Loss Prevention, SIEMs/SOC, ASM, DAST scans, EDR, Firewall, cloud, web, and email security.
Experience
2023 — Now
United States
• Lead the development and optimization of threat detection operations, including increasing MITRE ATT&CK framework coverage for SIEM detection engines and overseeing deployment and maintenance of several security platforms such as Netskope DLP, Netskope SWG, ThreatConnect, and Splunk UBA, while serving as an active stakeholder on SMTP, SSPM, and Secure Analytics initiatives.
• Lead the Detection Engineering team in mapping SIEM detections to MITRE ATT&CK v16, enabling over 350 new detections and raising coverage to over 90% within 90 days.
• Lead the Cyber Threat Intelligence team in automatically reviewing tens of thousands of intel feeds for IOCs.
• Created a Global Data Loss Prevention Program covering Endpoint, CASB, and Web protections. This effort required the development of multiple custom detections to cover Zendesk-specific use cases, while taking into consideration global privacy and compliance requirements such as GDPR, ISO 27001:2022, ISMAP, and SOC 2 Type 2, among others.
• Managed the project life cycle, including vendor selection, proof of concepts (POCs), deployment, configuration, and ongoing maintenance of DLP (Netskope), Secure Web Gateway (Netskope), Threat Intelligence Platform (ThreatConnect), SSPM, User Behavior Analytics (UBA), and Secure Analytics platforms.
• Produced comprehensive documentation and communicated insights to internal and external stakeholders, enhancing situational awareness and proactive defense strategies.
2023 — 2023
United States
2021 — 2022
• Replaced and enhanced the existing vulnerability management processes while remediating 91% of all vulnerabilities, and all vulnerabilities with a CVSSv3 score greater than 0 on high-risk assets, within a 12-month period.
• Improved the delivery of eDiscovery investigations to provide faster and easier experiences for the Legal and Compliance teams.
• Participate in SOC 2 Type 2 audits and technical meetings.
• SME for the data classification and labeling project (ETA completion Q3 2022).
• SME for the data loss prevention project (ETA completion Q1 2023).
• SME for the email phishing deterrence initiative (ETA completion Q3 2022).
• Participate in operations and incident handling responsibilities.
• Train and supervise Jr. Analysts in their day-to-day operations and responsibilities.
• Continue Sr. Engineer responsibilities for email security, Defender, forensics, eDiscovery, and phishing awareness.
2020 — 2021
• Evaluated the effectiveness of current cyber security tools for a workforce that was in the middle of transitioning to a fully remote environment; this initiative led to the replacement of the vulnerability management tool, enhancement of the antivirus tool, and enhancement of email security.
• Formalized the eDiscovery process to meet local, state, and federal requirements, so that a proper chain of custody is maintained and analysts can meet "expert witness" requirements.
• Performed vendor and cost analysis comparisons for SIEM, vulnerability management, ATP, and email threat protection tools.
• Lead Forensics and eDiscovery analyst.
• SME for vulnerability management, AV, and phishing awareness campaigns.
• Participate in Cyber Ops and incident response investigations.
• Worked on the documentation and standardization of Ops tasks.
2016 — 2020
Miami, FL
As a Sr. Analyst, my responsibilities include those of a Lvl 2 analyst plus the following:
• Lead forensic analyst for Mercantil Commercebank NA: this includes the creation of forensics operating procedures, creation of run books, providing training, and performing investigations from e-discovery, network forensics, and storage forensics perspectives.
• Lead engineer and SME on the QRadar SIEM and Symantec DLP appliances. This includes the creation of monitoring operating procedures, creation of run books, providing training, troubleshooting policies, performing investigations, and improving the overall security of the bank by finding more granular and detailed tasks for the tools.
• Perform security assessments for new and current vendors.
• Perform risk validation, testing, and POCs for new tools, compare market alternatives, and negotiate pricing and services with service providers.
• Mentor Jr. team members and oversee several of their tasks.
Education
Western Governors University
Master's degree
2013 — 2014
Inter-American University of Puerto Rico-Metropolitan Campus