Incident Response Threat Intelligence

Location:
Chicago, IL
Salary:
100.000
Posted:
April 18, 2025

Resume:

LUCIANO ACHIDI

*********@*****.***

(***) *** - *747

Chicago, Illinois

TOOLS & TECHNOLOGIES

Endpoint Investigations

Malware Analysis

Threat Intelligence

Splunk / IBM QRadar / Microsoft Azure Sentinel

CrowdStrike / Carbon Black / O365 Defender / Cisco AMP

Wireshark / McAfee Web Gateway / Palo Alto / Juniper

Any.run / ThreatGrid / Joe Sandbox / Triage

Nmap / Nessus

Firepower / FireEye NX, HX

Azure Active Directory

AWS GuardDuty / CloudWatch / CloudTrail

Azure Cloud Apps

ServiceNow

OPEN SOURCES (OSINT)

IPvoid.com

VirusTotal.com

MXToolbox.com

Chainsaw

Hayabusa

Timeline Explorer

AbuseIPDB

Scamalytics

Redline

EDUCATION / CERTIFICATIONS

Associates, Business Administration, Midwestern Career College

CompTIA Security+

CompTIA Network+

CrowdStrike CCFA

Azure SC-200

Azure AZ-900

AREAS OF INTEREST

Threat Hunting

Threat Intelligence

Malware Analysis

Forensics

Risk Management

My Hobbies

Football

Music

Cooking

PROFESSIONAL SUMMARY:

Passionate SOC, Cyber Threat Intelligence and Incident Response Analyst with extensive experience in investigating, containing, and preventing network, host, and email-based attacks. Great experience in malware analysis, incident response, data loss prevention and improving SOC processes by utilizing top industry security solutions.

Professional Experience

Pitch Technologies – Senior ITDR / Incident Response Analyst, Chicago, IL, 01/2020 – Present

Managing and supporting the log collection, security scanning, intrusion detection, content filtering, and other security-related systems.

Providing support for the log management and security information and event management (SIEM) solutions.

Quickly identifying and responding to cybersecurity incidents, such as data breaches, malware infections, or unauthorized access.

Developing and implementing incident response plans to contain and mitigate threats.

Coordinating with cross-functional teams, including IT, legal, and management, to ensure a coordinated response.

Analyzing malware and other malicious software to understand their capabilities, origins, and impact.

Studying indicators of compromise (IOCs) to identify potential threats and vulnerabilities.

Staying updated on the latest cyber threats and attack techniques.

User Acceptance Testing (UAT) documentation to validate system specification.

Utilizing specialized tools and software for digital forensics and incident response, such as EnCase, FTK, Wireshark, and SIEM (Security Information and Event Management) solutions.

Prioritizing, evaluating, and implementing the appropriate risk-reducing controls/countermeasures recommended from the risk management process.

Developing scripts and automation to streamline investigative processes.

Scheduling and conducting meetings with clients to discuss feedback, pending activities and any change in process.

Engagement with all stakeholders to discuss best practices and ensure that all cybersecurity controls are designed according to the industry standards and requirements.

Pitch Technologies – Senior ITDR / SOC Analyst – United Airlines, Renown Health, First American Bank (Client), Chicago, IL, 08/2017 – 01/2020

Performing monitoring and analysis, analyzing network traffic (i.e. PCAP) and log analysis, prioritizing and differentiating between potential intrusion attempts, determining false alarms, insider threats, APT detection, malware analysis

Reviewing and triaging information security alerts, providing analysis, determining and tracking remediation, and escalating as appropriate.

Implementation of IAM MFA and role-based access control and IAM policies overall

Ensuring authorized access by investigating improper access, revoking access, reporting violations, and monitoring information requests

Providing installation, maintenance, upgrades, and troubleshooting of security applications and appliances across all functional departments

Performing other duties as assigned including work in other areas to cover absences or relief to equalize peak work periods or otherwise balance the workload.

Providing 24/7/365 monitoring and analysis of Security event alerts across the enterprise network.

Reviewing all incoming alerts, properly investigating and ticketing all identified potential security threats within the agency incident response ticketing platform.

Generating tickets for validating incidents.

Assisting in identifying root causes of incidents and follow-up with SMEs for incident closure.

Assisting the team lead in generating weekly reports.

Documenting of alerts and all artifacts.

Strong knowledge of current security threats, techniques, and landscape, and a dedicated and self-driven desire to research and learn more about the information security landscape.

Review and triage experience with endpoint detection and response tools.

Monitoring dashboards and intrusion detection and prevention systems (IDS/IPS)

Performing and supervising end-to-end deployment of multiple security tools (CrowdStrike, Defender, Zscaler, SentinelOne, Carbon Black) in client environments.

Performing initial analysis and investigation into alerts as they are seen (to include anti-virus and phishing alerts).

Performing initial malware analysis utilizing automated means.

Supporting cyber defense functions to protect our clients from cyber security incidents that have potential to cause negative impact.

Triaging Incidents, ticket updates and reporting of cyber events.

Using SOC monitoring devices (SIEM, IDS, DLP) to review and analyze pre-defined events indicative of incidents.

Experience and knowledge related to the configuration and maintenance of security monitoring and reporting platforms.

Pitch Technologies – Desktop Support Specialist – Verizon, United Airlines (Client), Chicago, IL, 03/2014 – 08/2017

Resolved complex technical issues that arose on client computers using troubleshooting

Effectively made recommendations to IT users on selection of hardware and software

Successfully administered user accounts, Exchange mailboxes, and security and distribution

Installed and maintained Windows and desktop software, service packs, patches, and anti-virus updates

Managed assets inventory and deployed desktop images to end users

Worked directly with HR dealing with New Hire Onboarding Process and trained

Decreased laptop rollout deployment times by 50% by creating, documenting, and implementing updated load set for Windows 7 and Office 2010

Participated in revolving on-call schedule to provide 24/7 service to users

Troubleshoot various technical issues dealing with printers, network, and phone systems

Worked with third party vendors to resolve issues with hardware or software covered by annual maintenance agreements

Managed laptop and MacBook inventory and assisted in procuring new hardware, software and related supplies

Provided support in setting up audio and visual technology for conferences and meetings
