Alayna Andrews

From November 2022 to December 2024, I had a break in my career in connection with a hiking accident/injury, which resulted in a long term recovery period. I am now looking forward to my 2025 debut.

• Participated in development, implementation, oversight, and maintenance of the operational technology security programs and risk management strategies.
• Contributions towards Information Technology Security Awareness & training programs aimed towards leaving a lasting impact on security culture enterprise wide.
• Actively identified vulnerabilities and monitoring mitigation, leading incident response, performing security reviews, and educating users on information security matters.
• Assisted in evaluating performance of Security Governance portfolio, including participating in security audits, vulnerability assessments, and process reviews. Includes planning, reporting, making and documenting recommendations to mitigate risks and enhance network, system, and data security.
• Monitoring and responding to alerts, outages, and certain security-related helpdesk incidents, as needed.
• Strong working knowledge of malware, advance persistent threats, intrusion prevention and detection systems, encryption, firewalls, access and authentication methods and technologies, and next generation security methods.

• Worked to identify and scope opportunities for improvements in efficiency, quality, maturity, and capabilities.
• Attended quarterly meetings and client satisfaction calls as a representative for the Analyst team.
• Created open forum among the Analyst team to ensure that team members collaborate & seek help on technical issues that prevent work from being completed.
• Ensured client on-boarding analyst tasks are performed to standard and on-schedule.
• Mentored Jr. staff and acted as escalation point for Analyst team members.
• Ensured client, and internal engineering escalation tickets are serviced in a timely fashion.
• Monitor security alerts, events, and trends on behalf of clients while maintaining access rules for discrepancies and potential gaps.
• Took lead on threat hunting activities and investigations to provide actionable alerts to clients.

• Support the Information Security Group by assessing, analyzing, and responding to security events across the enterprise while mentoring junior analyst staff to become fluent in these tasks.
• Maintains business systems by establishing and enforcing access controls alongside disaster preparedness.
• I take on the approach "Lead by Example" in providing technical expertise and resources to junior analyst, and walk through security escalations "hands-on, not hand-off" with them.
• Investigate security events, and ensure assets are protected while managing a heavy workload in a complex, demanding, and rapidly changing environment.
• Process security requests and interface with other business units to ensure confidentiality, integrity, and availability of information, referred to as the CIA triad model.
• By creating concise and comprehensive reports related to security violations, I contribute recommendations for addressing identified control weaknesses and conduct system audits to verify compliance with adopted controls, processes, policies, and standards.

• Due to unique conditions, I became the one and only person in the SOC and was independently working 12-14 hour days for months without direct report. I was solely accountable monitoring, and tuning SIEM and network/host based IDS/ IPS. I then worked to hire, on-board and mature new staff while protecting the organization.
• Created Playbooks, and Documentation of current SOC procedures and operations as well as content for industry novices to guide them through basic security concepts, and map out professional development to encourage analyst growth and success, including planning purple team exercises. I was first point of contact to guide investigations and incident response (IRP).
• I developed processes such as an on call process, malware detection, "Enhanced Phishing Program" (twice over), and developed metrics to endorse our value to stakeholders to influence security culture of the enterprise.
• Contributed to proactive COVID response plan including shift in coverage, and focus on COVID related threat intelligence.
• My top achievement was my partnership with our CSO on establishing new Cyber Fraud Risk Management team, to enhance out fraud prevention practices.
  

• SME in a team of 6 researching/ analyzing security events occurring on the network to define security incidents. I provided quality checks and SOC metrics with industry knowledge security of protocols & best practices to manage projects and produce metric reports on security initiatives.
• During a company merger I paused my normal duties and volunteered as temp SOC management during the transition, during this time I had the opportunity to create job-aids & Playbooks on standard operation procedures used in the SOC.
• Founded the operational process "DDoS Cable Labs", process for "CPNI Incident & Investigation Response Plan", and enhanced enhanced other processes such as interview materials. I participated in conducting interviews for candidates that would be a good fit for business development.
• Conducted CPNI breach investigations by analyzing threat actor data, and reported to FBI & FCC in compliance with regulations and guidelines.
  

• Promoted to Back Office Investigations 3 months of hire, where I was the top performer and resource for peers and took lead on escalations/ special projects while working abuse tickets, investigations, and provide support for null routing, blacklist and IP reputation issues. I also investigated, documented and resolved abuse, security & fraud matters while assessing how security initiatives impacted customer relations.
• Developed monthly presentation on emerging security threats and vulnerabilities which included open discussion on security concepts, and metrics based on CPNI breach investigations I worked (Which included FCC Regulatory Escalations for policy related complaints).
• Volunteered to test new concepts and beta test during development of internal program, "Project Tesla". Volunteered to transition process from an external team over to a newly developing dedicated fraud team in 4/2017 as a pioneer in process cultivation and enhancement.

• Supported Comcast Business Services while providing world class service by answering customer inquiries and providing accurate information while troubleshooting network problems. Developed intimate knowledge of business class products, policies and troubleshooting and was promoted to Tier 1.5 where I was a resource for other techs and offered support for escalations and null routing issues.

• My start was in a fraud analyst position doing "Fraud Prevention as a Service" (FPaaS), in commercial fraud prevention with the mission to surveil, pinpoint and scrutinize suspicious call patterns by researching and preforming log analysis on real time alarms for potential PBX breaches.
• Due to the nature of our work, I began off hours independent deep studies of whitepapers/resources to guide me through predictive analysis of current fraud trends and became committed to sharing resources, subsequently training newhires and was awarded a senior analyst position. Focus then shifted to the research & compliance team, a group of 5 dynamic people who vastly who vastly widened my understanding of social engineering and psychology behind it. We'd report, investigate and analyze cases, evaluated call detail records (CDR) in potential CPNI breaches using Pin-Drop Voice Intelligence.
• My role shifted to fraud supervisor for wireless equipment fraud and identity theft, partially monitoring and managing call center SLA, metrics, and preformed quality checks (QA) to provide individual coaching, development and goal setting for analysts. Occasional float management in other fraud divisions.