I'm a security engineer and full stack developer. My main interests are security, workflow optimization, and automation.
I currently work at Vijilan Security LLC, a cybersecurity monitoring company that partners with managed service providers to offer SOC services to their clients. Initially hired as a SOC Analyst and IR Specialist, I've since been moved to the position of Security Engineer. While in this role, I've worked in a three-person team to design and implement a large, multi-tenant SIEM deployment at Vijilan using the data analytics tool Humio, NXLog, and Python. This work has included writing applications to retrieve client telemetry from various cloud, network infrastructure, and endpoint sources using API calls as well as NXLog, parsing logs, commonly using regular express (regex), for relevant information such as network, antivirus, application control, and IPS activity, and normalizing this information and its values for the benefit of our SIEM detection library and SOC analysts' investigations.
As a senior SOC Analyst and IR specialist there, my roles were to investigate potential security incidents our SIEM alerts us to, work with MSPs to identify and resolve security issues, update and manage the SIEM rule set, and tune the SIEM to meet the specific needs of our partners and their clients.
When I started teaching myself about security, I initially paid most of my attention to identifying, exploiting, and patching vulnerabilities. Soon, the importance of a strong background in development became obvious, so I created a virtual laboratory for building applications and other tools, seeing how they could be broken with oversights, and then fixed. I've practiced and learned to defend against attacks such as cross-site scripting, remote file inclusion, SQL injections, cross-site request forgeries, WEP and WPA cracking, brute force attacks, full path disclosure, and other common attacks. I also hold CompTIA's Security+ certification, and its verification can be found on my Skills page.
Whiles I was employed at Fiverr from 2015 until 2017, part of my job was to report technical issues to Fiverr's development team. I found and reported many issues while in this role, including front end bugs, unexpected output from the backend, and a few security vulnerabilities. I was able to work with Fiverr's development team to ensure these issues were patched.
As I mentioned, I'm also interested in workflow optimization and automation through technology. EZFiverr is a desktop application for the Customer Support team at Fiverr that saved the team over 50 hours of work per week, and the missing image detector is a tool that helped Flexshopper's customer support team go from finding and reporting a handful of missing product images per week to hundreds in less than a minute. You can find downloadable demonstrations of both of these tools by going here.