Cybersecurity consultant and software engineer specializing in SOC modernization and SOAR orchestration. Trusted advisor to Fortune 500 enterprise customers, with public security acknowledgments (CVEs) and decades of experience. Extensive hands-on knowledge of Cortex products (helped author XSOAR Certification Exams).

2021 - Current
Senior Professional Services Consultant II
Palo Alto Networks

An Extended Expertise Consultant (EEC) is a dedicated consultant and engineering resource for large (mostly Fortune 500) customers with long-term engagements.

  • Strategic SOC Transformation: Delivered prescriptive architectural guidance across the end-to-end security lifecycle. Delivered hundreds of full use cases (including playbooks, integrations, and automations) to drive measurable KPI improvement.
  • Advanced Automation Engineering: Built Python scripts, automations, and task-based playbooks, with occasional JavaScript development to extend platform capabilities.
  • Team Enablement & Knowledge Transfer: Partnered with customer leadership and engineering teams to build self-reliance through recurring working sessions and targeted training.
  • Custom Integration Development (Python/Docker): Authored custom Python integrations for RESTful APIs, including reverse-engineering legacy APIs to enable interoperability with the modern Cortex platform.
  • Product Improvement & Training Development: Collaborated cross-functionally to identify, report, and drive resolution of product and security issues; contributed to enablement content, including authoring support for Cortex XSOAR certification exams (original and updated versions).

2018 - 2021
Senior Security Engineer
1st Source Bank

The senior-most engineer in a mid-sized SOC, serving as SME across the bank’s security stack to protect confidentiality, integrity, and availability of systems.

  • Governance & Compliance Leadership: Partnered with senior management to establish policies and procedures supporting audit readiness and regulatory compliance.
  • SOC Operating Model Development: Co-authored and maintained the SOC runbook, standardizing triage and response processes.
  • Metrics & Executive Reporting: Defined, tracked, and reported SOC KPIs to measure operational effectiveness and drive continuous improvement.
  • Enterprise Security SME Ownership: Served as primary SME for security-owned platforms including WAF, firewall, DLP, SIEM, SOAR, IDS, phishing defenses, EDR, content filtering, and related tooling.
  • Offensive Testing & Vendor Oversight: Executed internal penetration testing and coordinated/oversaw third-party penetration tests and remediation tracking.
  • Risk Reduction & Hardening Advisory: Consulted with engineering teams on vulnerability mitigation, system hardening, and risk assessments.

2014 - 2018
Systems Administrator
Atlas Die LLC

Led a ground-up infrastructure rebuild after a cyberattack, replacing aging/unmanaged systems with modern, managed, security-forward architecture.

  • Security Policy Modernization: Created and refreshed security and compliance policies and procedures to establish consistent governance.
  • Operational Documentation & Ticketing Standards: Developed runbooks, documentation requirements, and ticketing workflows; identified metrics to track service performance.
  • Detection & Response Tooling Integration: Deployed and administered monitoring and intrusion detection solutions, improving visibility and alert fidelity.
  • Perimeter Security Modernization: Replaced legacy firewalls and implemented robust ingress/egress controls with monitoring and logging.
  • Network Segmentation & Access Control: Rebuilt the network with segmentation as a core principle using ACLs and firewall policy design.
  • Endpoint Security Uplift (AV → EDR): Migrated from unmanaged antivirus to centrally managed EDR with monitoring and response workflows.
  • Identity & Access Governance: Performed enterprise IAM audit and established access/permission management procedures for Windows, Linux, and O365.

2008 - 2014
Contract Work
Various

Utilized deep knowledge of systems, networking, and security as well as software engineering skillsets on a freelance basis for various large companies across many verticals. Primarily subcontracting through HP, IBM, and other tech companies.

  • Enterprise Systems Delivery: Delivered infrastructure and security-focused implementations across multiple verticals via subcontracting partners.
  • Client Partnership & Execution: Scoped work, executed deployments, and transitioned operations with documentation and handoff training.