
Machine Learning Incident Response

Location:
New York City, NY
Posted:
April 10, 2025


Resume:

EDWARD CHALLITA

Book a time to talk

https://eddychallita.youcanbook.me

443-***-****

Edward Challita LinkedIn

EXPERIENCE SUMMARY

Mr. Challita is a results-driven security professional in IT security, with experience in analysis, SOC (security operations center) management, SEM (security event management), and incident response.

SECURITY TOOLS & CORE COMPETENCIES

FireEye (FX, EX, NX), Varonis, SNOW, AI and machine learning, Microsoft Azure and Sentinel, AWS, Dragos, ArcSight, Splunk ES/ITSI, Sourcefire, Check Point, Proofpoint, Bit9, Infoblox, Carbon Black, Zscaler, Anomali, Blue Coat, Cybereason, Darktrace, Tanium, IBM Resilient/CO3, Cisco IronPort, Cisco Firepower, Netskope and CrowdStrike, among other tools.

Competent in various cyber frameworks, among them the NIST 800 series, ISO 2700 and the MITRE ATT&CK framework.

EXPERIENCE:

Nomios - SOC Analyst Manager N3 - December 2024 – Present

• Manage and support the L2 analysts in the team

• Implement new SIEM rules and improve existing rules

• Creation of incident response playbooks (SOAR) for Palo Alto, Exabeam, Cortex XDR/XSOAR and Tehtris

• Design and implement detection scenarios

• Build and optimize correlation rules and configure tools (SIEM, EDR, NDR, EPP...)

• Manage escalations

• Act as the guarantor of customer satisfaction for the team

• Carry out out-of-hours (HNO) and weekend on-call duties

• Monitoring and training in new technologies

• Threat monitoring

• Participation in reporting and documentation

Personal development – July 2024

• Took Google Cloud Generative AI training, which covered:

• Distinction between machine learning and AI; supervised and unsupervised learning, focusing on discriminative models

• Deep learning with neural networks versus machine learning, including labeled and unlabeled data

• Transformer models, including encoder/decoder components and handling of hallucination outputs with noisy data

Sogeti ITAR Senior Cyber Engineer - May 2023 – May 2024

Review alerts and necessary event logs including Carbon Black, Windows Event, Sysmon CLI, Palo Alto FW, Zscaler, Proofpoint, DNS, Live Response logs, and others.

Evaluate possible cyberattacks, insider threats, or internal breaches.

Determine the validity (True or False positive) and scope of a threat.

Amtrak - Security Design and Architecture Tech Lead - April 2022 – February 2023

Serve as the security design and architecture tech lead in the innovation and design group for multiple projects of varying complexity and size to help deliver security solutions for complex assignments and ensure projects are implemented through the Client DevSecOps process in alignment with Client Security Requirements and IT Architectural Standards.

Marriott, Remote (contract) - Senior Cyber Security Lead - October 2021 to March 2022

Managed the global CIRT team; experienced in assessing and analyzing APT, DDoS, phishing, malicious payloads and malware, using CrowdStrike and Splunk as the main SIEMs.

Strong analytical skills and efficient problem solving to relay the updates to senior leadership.

AT&T, Remote (contract) - Cyber Security Lead at USAF - August 2020 to September 2021

Night-shift incident response in an MSSP environment, triaging alerts from various government agencies using tools such as Fidelis, Kibana/Elasticsearch, Splunk, SNOW and FireEye.

Collect, analyze, and enrich the event information to perform the threat analysis.

Leidos, Silver Spring, MD - Cyber Security Manager at NOAA - November 2019 to July 2020

Respond to cyber incidents, including responding to N-CIRT and preparing situational awareness reports for NOAA and/or DOC management.

Defining protocols and maturing ‘playbooks’ of operational response to cyber threats.

Operate autonomously to further investigate and escalate in accordance with protocols and contractual SLAs, including DOC and US-CERT in compliance with US-CERT incident reporting and guidelines.

Infosys, Los Angeles, CA (contract) - Cyber Security Manager/Lead Consultant - February 2019 to November 2019

Focused on security tools, SIEM monitoring and log-source integration skills.

Worked with CIRT teams of about 40 people; experienced in assessing and analyzing APT, DDoS, phishing, malicious payloads, malware, etc.

Deep understanding of advanced security analytics, forensics, and cybersecurity frameworks such as MITRE ATT&CK, ISO 2700 and NIST 800. Also participated in critical incident response/breach response using tools such as Splunk, Proofpoint, FireEye and AWS.

Strong analytical skills and efficient problem solving.

AIG, Reston, VA (contract) - Senior Global Cyber Risk Defense Analyst - August 2018 to February 2019

Managed and executed multi-level responses and addressed reported or detected incidents using tools such as Symantec DLP, Splunk, Cybereason, Anomali, Tanium, SNOW and Darktrace.

Collected, analyzed, and enriched event information and performed threat or target analysis duties.

CERTIFICATIONS:

CISSP/CISM (class cert)

Security+E certified

CompTIA Network+

CEH (Certified Ethical Hacker)
