David M. Dietrich
San Angelo, TX USA +210-***-**** *****.*********@*****.***
Summary
Forensic Analyst, DFIR Specialist, Cybersecurity Expert
Results-driven cybersecurity professional with deep expertise in Digital Forensics, Incident Response (DFIR), and Security Operations (SOC).
Experienced Forensic Analyst specializing in digital forensics, incident response, and cybersecurity investigations. Skilled in conducting forensic examinations, analyzing digital evidence, and leveraging tools like EnCase, FTK, and Volatility to investigate security incidents. Adept at system analysis, network forensics, and malware analysis to uncover threats and enhance cyber defense strategies. Proven ability to collaborate with cross-functional teams and stakeholders to deliver timely, effective cybersecurity solutions in fast-paced environments.
Skills
●Incident Response Development
●EDR & Threat Detection
●Mentorship & Training
●OS Administration (Windows, Linux)
●Customer Support
●Network Traffic Monitoring
●Data Review
●Network Protocol Analysis
●Digital Forensics
●Network Analysis
●SIEM & Log Analysis
●Ticketing & Tracking
●Forensic Tools (EnCase, FTK, Autopsy)
●Reporting
Experience
SOC ANALYST T2 06/2024 - 03/2025
Valiant Solutions, LLC - Remote, TX
●Served as a Tier 2 SOC Analyst for the Department of Education (DoED), performing core SOC duties and incident response.
●Mentored junior analysts and documented incidents/events per DoED guidelines.
●Investigated suspicious events to assess activity, severity, and potential threats.
●Collaborated with internal DoED teams to align on overlapping security responsibilities.
●Utilized Splunk, Palo Alto Cortex/Prisma, Windows Defender, Purview, and Azure Portal to analyze threats and created Splunk dashboards for streamlined event analysis.
SENIOR INCIDENT RESPONSE/SOC ANALYST 08/2021 - 03/2024
N-able - Remote, TX
●Created manuals for phishing, EDR alerts, and suspicious logins.
●Managed SOC alerts using Splunk, Defender, SentinelOne, and ServiceNow.
●Mentored junior analysts in phishing detection, VM setup, and research.
●Developed the N-able IR program, aligning with NIST 800-61 & MITRE ATT&CK.
●Built playbooks, documentation hubs, and standardized Splunk queries for efficiency.
CYBER SECURITY ANALYST LEVEL II 03/2019 - 08/2021
McKesson - Phoenix, Arizona, USA, TX
●Monitored enterprise network traffic using Splunk, NetFlow, and SIEM tools to detect and respond to security incidents.
●Tracked activities with Remedy, JIRA, and ServiceNow, ensuring proper documentation and coordination of cybersecurity events.
●Provided customer support for cybersecurity issues, delivering prompt and effective assistance.
●Conducted network traffic research in Windows and Linux environments to investigate potential intrusions and mitigate threats.
●Assisted in incident response actions, including account and system compromises, ensuring effective threat containment and resolution.
SENIOR FORENSIC ANALYST LEVEL II CYBER SECURITY 10/2015 - 03/2019
Mosaic451 - Phoenix, Arizona, USA, TX
●Monitored network traffic for corporate clients using Palo Alto firewalls, Metaflows, and SIEM tools like LogRhythm, QRadar, and Sumo Logic.
●Investigated network logs and traffic to identify potential intrusions and system compromises.
●Tracked and documented activities using ServiceNow and Alfresco to ensure efficient collaboration.
●Created investigation tickets using Best Practical RT: Request Tracker for structured incident handling.
●Provided remediation recommendations for system compromises, enhancing cybersecurity posture and customer trust.
INCIDENT RESPONSE ANALYST 03/2007 - 10/2015
33 NWS AFCERT Incident Response Team - Lackland AFB, TX, USA, CA
●Led Incident Response Investigations for the Air Force Information Network (AFIN) to secure the USAF intranet.
●Conducted remote digital analysis using EnCase, retrieving log and data files for forensics.
●Analyzed data and logs in UNIX and Windows to identify malicious activity.
●Managed incident records using Microsoft Suite and DoD web applications.
●Coordinated on malware analysis, IDS traffic review, and incident response, ensuring DoD compliance.
SLAVIC CRYPTOLOGIC LINGUIST 01/1991 - 12/1993
Intelligence Analyst/Reporter for the USAF - USA
RESEARCH ANALYST
Combat Information Transfer System (CITS) Block 30 - CA
CELL LEAD
CITS Block 30
ACCESS CONTROL SPECIALIST
working for Lingualistek
Trainings And Certifications
●SANS GIAC Certified Incident Response Handler (GCIH)
●SANS GIAC Certified Forensic Analyst (GCFA)
●CompTIA Security+
●33 NWS AFCERT Incident Response Analyst
●ArcSight Certified Security Analyst
●Defense Cyber Investigations Training Academy
●DCITA Introduction to Networks and Computer Hardware (INCH)
●DCITA Computer Incident Responders Course (CIRC)
●DCITA Windows Forensic Examination – EnCase (WFE-E)
●USAF Veteran
Security Clearance
●Level: Top Secret (Granted by DoD), Date Adjudicated: 27 Mar 13