Lead Cybersecurity Engineer at Palo Alto Networks (2024-01 – Present)
- Lead cross-functional engineering teams, coordinating specialized domains across SIEM, XDR, and SOAR automation per project.
- Author Solution Design Documentation (SDD) to translate enterprise compliance and security needs into high-performance SecOps architectures.
- Partner with PMs to align engineering tasks with SOW objectives, managing resources to ensure on-time data onboarding.
- Act as the technical authority for Cortex XSIAM, optimizing multi-cloud telemetry ingestion and advanced threat detection rules.
SOC Engineer at Omilia (2023-01 – 2024-12)
- Engineered and maintained the ELK Stack platform, driving log architecture design and data source onboarding.
- Administered AWS security controls, implementing detection alerts across CloudTrail, CloudWatch, and IAM.
- Served as Lead Auditor driving readiness and execution for SOC2, PCI-DSS, and GDPR certifications.
Cyber Security & Compliance Engineer at BICE Bank (2018-01 – 2022-12)
- Led the design and administration of IBM QRadar (SIEM) and served as Azure Security Architect for cloud governance.
- Deployed automated response playbooks via FortiSOAR utilizing Python and PowerShell scripting.
- Administered Fortinet (FortiGate) firewalls, Radware WAF, Proxies, and vSphere/VMware environments.
- Conducted malware analysis (FortiAnalyzer), vulnerability assessments (Nessus), and technical audits for PCI-DSS and SOC2.
Cybersecurity Analyst at Provincia ART (2018-01 – 2018-12)
- Executed the end-to-end deployment of Splunk, designing customized indexes, dashboards, and KPI reports.
- Administered Active Directory (AD) access controls, enterprise Endpoint Protection, and corporate PKI certificates.
Cybersecurity Consultant | SIEM & Endpoint Specialist at RAN Security (2016-01 – 2017-12)
- Sized and implemented McAfee SIEM (ESM, ERC, ACE) and McAfee ePO (ENS, HIPS, DLP) suites for Government and Energy sectors.
- Aligned infrastructure logging and controls to meet strict SOX and PCI-DSS compliance frameworks.
SOC Analyst at Red Link (2015-01 – 2016-12)
- Monitored Splunk SIEM for a high-volume transaction infrastructure, tracking database and antivirus logs.
- Conducted triage and prevention for Phishing and Ransomware campaigns while validating PCI-DSS baselines on servers.