Zosimo “Mo” Orozco
323-***-**** *******@****-****.*** Los Angeles, CA
Seasoned InfoSec professional with cybersecurity engineering & managerial responsibilities in public & private sectors. Proven track record of enhancing security controls and policies. Dedicated to core principles: continuous preparation, continuous improvement.
EXPERTISE & ACCOMPLISHMENTS
- NIST 800-37/800-53/PCI-DSS/FedRAMP/GRC
- ATT&CK, CWE, OWASP Methodologies
- Tenable Nessus, Qualys VMDR, Rapid7 Nexpose
- Security+, Network+, Linux+, OSCP candidate
- Python, REST/SOAP API, Bash, PowerShell
- BurpSuite, Fiddler, Postman, GDB, WinDbg
EXPERIENCE
SCIENCE APPLICATION INTERNATIONAL CORPORATION July 2023 – Present
Security Operations Center Purple Team Technical Lead
• Lead team of 8 overseeing incident response, forensics, and e-discovery for cyber & privacy incidents.
• Establish ongoing evaluation of cyber incident response plan & playbooks.
• Prepare tabletop exercises for cyber & privacy incidents.
• Document lessons learned and summary analysis post incident response.
• Implement training sessions to support collaboration between junior and senior analysts.
ACHIEVEMENTS:
Tune alert, detection, and response metrics with 24x7x365 security operations team.
Consolidate reports & data across various security teams for senior leadership.
Present security & risk management reports to C-level executive leadership.
Participate in incident response via CISA DHS Intelligence Training Academy (ITA).
Information sharing with Orange County Intelligence Assessment Center (OCIAC).
Sr. Vulnerability Management & Threat Intelligence Senior Analyst Jul 2020-Jul 2023
• Configured and performed vulnerability scans across AD inter-forest trust domains.
• Analyzed & ingested indicators of compromise from threat intelligence feeds to SIEM.
• Engaged in incident response tabletop exercises in vulnerability detection & assessment.
• Documented executive summary & vulnerability root cause analysis post incident response.
• Tested & tuned security controls: ZTNA, SASE, SD-WAN, SEG, SWG, DLP, MFA, VPN, IPS, WAF.
ACHIEVEMENTS:
Onboarded internal/external network & agent-based assets with automated dashboard & reports.
Led vulnerability remediation tracking meetings with data center security stakeholders.
Reported patching, mitigations, hardening and cyber hygiene metrics to senior leadership.
Assessed exposure to environment from emerging threats through vendor PSIRT.
Managed & tracked external and internal red team/penetration testing engagements.
NAVIENT SOLUTIONS LLC Jun 2019 – Jun 2020
Vulnerability & Configuration Management Analyst
• Set up vulnerability scans for golden image pipeline in virtual environment.
• Identified false positive results & evidence to correct security control deficiencies.
• Parsed through remediation scan artifacts & evidence for security assessment reports.
• Documented compensating security controls for acceptable risk assessments with GRC teams.
• Reported on vulnerability & patching metrics from infrastructure, operations, and cross-functional teams.
ACHIEVEMENTS:
Conducted system-level security risk analysis for FedRAMP requirements.
Reviewed SSP for servers, routers, firewalls & applications for PCI-DSS security compliance.
Implemented STIG standards to build processes for NIST 800-37 RMF security compliance.
Led POA&M quarterly projects to track NIST 800-53 CSAM ATO ongoing audits.
Submitted CAP reports to senior leadership for information systems FISMA requirements.
JOHNSON CONTROLS INTERNATIONAL Jan 2017–Jun 2019
Senior Operations Engineer
• Configured log ingestion agent to process and forward CEFs to ELK SIEM for dashboard alerts.
• Met minimum SLA response and resolution times during business and on-call hours.
• Tested new releases with burpsuite, fiddler, postman, gdb, windbg, nmap, sqlmap, openvas, dependency-check.
• Coordinated yearly application penetration testing webapp & client/server software with 3rd party vendors.
• Validated host-based vulnerability reports with openvas/dependency-check.
ACHIEVEMENTS:
Advised in pre-sales specifications and best practices for server deployment & configuration.
Discovered unsanitized input in web application database submission form.
Automated scripts with Python to audit and correlate logs to failed authentication requests.
Tracked bugs/fixes/patches for hardware servers and software application high/critical findings.
Collaborated with devops for call stack errors and core dumps to reproduce bugs & security flaws.
Technical Support Analyst III Mar 2015–Dec 2017
• Collaborated with engineering & operations teams to remediate defect in deployed servers.
• Responsible for root cause and performance analysis in enterprise environments.
• Implemented custom development builds and solutions for enterprise environments.
• Inspected rotating OS/TCP/IP trace on hosts for trends and irregular faults.
ACHIEVEMENTS:
Conducted on-site visits with high visibility technical accounts and key sales clients.
Led field investigations of system deployment and configuration issues.
Discovered hardware driver memory leak in refresh upgrade project.
Tested and reported core crash exploit found in testing/staging environment.
Application Support Specialist II Jan 2013–Mar 2015
• Reviewed and published knowledge base/technical support documentation.
• Diagnosed supported and compatible hardware for warranty replacements.
• Triaged and troubleshot Windows, Linux, Mac OS X cross platforms and 3rd party integrations.
• Documented incoming email/telephone service desk tickets in SalesForce CRM/Service Now ITSM.
ACHIEVEMENTS:
Managed pre-sales onboarding & post-sales support for LATAM/Caribbean accounts.
Traveled to LATAM/Caribbean for technical training, trade shows and sales support.
Provided training & support for new & entry level technicians, specialists, analysts.
CLEARANCE
Public Trust 6C Clearance SLTT Probations Clearance
ASSOCIATIONS
CI-ISSA Treasurer CINLUG Board Member
LANGUAGES
Professional Working Proficiency: Portuguese/French Fluent: Spanish
EDUCATION
Indiana State University, Terre Haute, IN (Attended Fall 07 – Spring 10) Major: Bachelor of Arts in Political Science