SOC Analyst / Security Engineer
Location: Texas
Security Engineer with 5+ years of hands-on experience in SOC and cloud security operations. Proven track record deploying and tuning SIEM, EDR, IAM, and endpoint controls across AWS and Azure, reducing false positives by 25% and accelerating incident containment. Skilled in cloud incident response, SOAR automation, and vulnerability management.
TD Bank
Mar 2025 – Present
Monitored and triaged SIEM alerts (Splunk, Sentinel, QRadar), reducing false positives by 25%. Investigated phishing, malware, and anomalous logins using CrowdStrike, Mimecast, and Microsoft Defender. Conducted cloud incident response in AWS and Azure, reducing containment time by 30%. Automated MDR reports and case workflows with Python/PowerShell/XSOAR. Collaborated with Tier 3 Analysts on escalations and SOC KPI tracking (MTTD/MTTR).
Accenture
Sept 2021 – Jan 2024
Served as escalation point for Tier 1, validating alerts and determining severity. Performed threat hunting and vulnerability assessments using Nessus, Tenable, and Qualys, resolving 95% of high-severity issues within SLA. Participated in purple team exercises, improving detection accuracy by 20%. Mentored Tier 1 Analysts and refined SOC SOPs and incident response playbooks.
Garmin
Jun 2019 – Aug 2021
Analyzed alerts from SIEM, IDS/IPS, EDR, and phishing systems, containing 95% of incidents within SLA. Performed malware sandbox analysis and phishing simulations, reducing incident recurrence by 30%. Supported SOC2, ISO, and HIPAA audits. Tuned SIEM alerts and authored new detection use cases aligned to MITRE ATT&CK.