Andre Morgan

Columbus, OH

Summary

U.S. Navy veteran and security-focused analyst with enterprise experience supporting high-severity incidents in regulated financial environments. Hands-on exposure to SIEM investigation, vulnerability management, threat hunting, and incident response across cloud and enterprise systems. Proven ability to triage security alerts, escalate risk, and support real-time response alongside SOC and IR teams.

Overview

9 years of professional experience
1 Certification

Work History

Cyber Security Support Analyst Intern (Vulnerability Management & SecOps)

Log(N) Pacific
01.2025 - Current
  • Executed vulnerability management lifecycle activities (scanning, prioritization, remediation tracking, and validation) using Tenable across four remediation scan cycles, eliminating all critical findings and achieving a 79% overall vulnerability reduction
  • Performed DISA STIG–aligned secure configuration reviews and compliance validation to reduce security risk
  • Automated remediation and system hardening tasks using PowerShell to address critical vulnerabilities
  • Participated in Change Advisory Board (CAB) reviews to evaluate remediation risk, patching strategy, and production impact
  • Conducted threat hunting across EDR and SIEM telemetry to identify brute force activity, ransomware behavior, anomalous authentication, and potential data exfiltration
  • Built and tuned detections and dashboards in Microsoft Sentinel and Microsoft Defender for Endpoint to improve investigation speed and visibility
  • Queried and correlated security telemetry using KQL to support incident investigation and response decisions
  • Supported incident response through alert triage, containment coordination, escalation, and structured documentation

Security Operations / Incident Management Analyst

Bread Financial
09.2024 - Current
  • Supported triage and escalation of 200+ high-priority security and availability incidents using Splunk SIEM, BigPanda, and enterprise monitoring platforms
  • Investigated suspicious credit and loan account activity using Splunk by correlating IP address, device, browser, and identity attributes to detect potential fraud or abuse and support fraud investigations
  • Collaborated with SOC and Financial Crimes teams during triage to provide investigative findings, supporting rapid escalation and informed response decisions
  • Executed incident runbooks and escalation playbooks to notify SOC, CIRT, and leadership when security events met incident criteria
  • Supported incident severity assessment and maintained detailed timelines, technical findings, and remediation tracking for stakeholders

IT Support Specialist (Enterprise)

Morgan Stanley
09.2023 - 08.2024
  • Provided daily technical and security support for approximately 10–20 enterprise users while serving as an escalation point for authentication, endpoint, and virtual environment incidents in a regulated environment
  • Investigated authentication, endpoint, and access-related security tickets and escalated suspicious activity to SOC for further analysis
  • Reviewed system logs and alert data during troubleshooting to identify potential security or access anomalies
  • Supported MFA and privileged access workflows including RSA tokens, Microsoft Authenticator, MDM controls, and CyberArk processes
  • Escalated security-sensitive access and authentication issues to SOC and identity teams while adhering to strict MFA, identity verification, and enterprise security procedures to ensure secure and compliant enterprise operations

Operations Specialist

United States Navy
01.2017 - 01.2021
  • Served in high-pressure Combat Information Center (CIC) watchstanding and supervisory roles, coordinating real-time situational awareness and tactical decision support during mission-critical operations
  • Supported coordination of 350+ successful aircraft and maritime operations in dynamic, time-sensitive environments, ensuring accurate communication, procedural compliance, and mission execution
  • Maintained continuous monitoring of radar, communications, and tactical data systems to detect anomalies and support rapid threat response and escalation

Education

B.S. - Cybersecurity & Information Assurance

Western Governors University
Salt Lake City, UT
04.2027

Skills

  • Security Operations: SIEM triage, log analysis, threat hunting, vulnerability management, incident response support
  • Tools: Splunk, Microsoft Sentinel, Microsoft Defender for Endpoint, BigPanda, ServiceNow, Tenable, Burp Suite, Wireshark, Autopsy
  • Platforms: Azure, Windows, Linux, Active Directory, VDI
  • Scripting: PowerShell (foundational), KQL
  • Support ticketing systems
  • Remote support
  • Cross-functional coordination
  • Documentation and reporting

Certification

  • Security+
  • CEH
  • Security Blue Team Level 1 (BTL1)
  • CySA+ (In Progress)
