Corey Butts
Gorham,ME
Summary
Experienced cybersecurity professional and SJIS-certified analyst with over 8 years in incident response and threat hunting within fast-paced SOC environments. Skilled in analyzing endpoint and firewall telemetry to detect malicious TTPs like ransomware and credential harvesting. Committed to utilizing behavioral analytics for adversary insights and delivering actionable intelligence to stakeholders.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Cyber Security Analyst
Tyler Technologies
Falmouth, USA
10.2017 - Current
- Led end-to-end incident response for a targeted ransomware campaign, detecting an anomalous international login, tracing the root cause to a credential-harvesting phishing vector, and analyzing malicious script execution to facilitate immediate client containment.
- Conducted in-depth host and network-based intrusion analysis across Windows endpoints, firewalls, and VPN telemetry to identify, investigate, and triage suspicious activity in a 24/7 remote SOC environment.
- Served on a 6-member threat intelligence board to evaluate, prioritize, and tune alert logic; reviewed customer reports of false positives/negatives to enhance detection efficacy across proprietary EDR and logging platforms.
- Leveraged open-source intelligence (OSINT) tools and behavioral analytics alongside deep-dive system and firewall log analysis to determine the legitimacy of alerts and identify emerging threat actor TTPs.
- Managed critical weekend operations autonomously, ensuring flawless malware detection rate throughout 8.5-year tenure.
Technical Support CSC II (IHD Connectivity)
IDEXX Laboratories
Westbrook, USA
10.2015 - 10.2017
- Provided advanced networking and connectivity support for enterprise clients, diagnosing and resolving complex infrastructure and routing issues to ensure minimal downtime.
- Oversaw critical data extractions and backup restorations to maintain data integrity and availability for customer environments.
- Created and updated technical documentation and standard operating procedures (SOPs) to streamline troubleshooting workflows, enhancing team efficiency and response times.
Education
Information Technology -
Northeast Technical Institute
Scarborough, MESkills
- Threat Hunting
- Incident Response
- End-to-End Incident Response
- Behavioral Analytics
- Host Intrusion Analysis
- Network Intrusion Analysis
- Ransomware Containment
- Phishing Investigation
- Malware Mitigation
- Identification of Threat Actor TTPs
- Log Analysis
- Telemetry
- System Logs
- Firewall Logs
- VPN Telemetry
- Suspicious Activity Querying
- Custom Alert Triage
- Threat Intelligence
- Engineering
- Open-Source Intelligence (OSINT)
- Alert Prioritization
- False Positive/Negative Reduction
- Detection Logic Tuning
- Systems
- Networking
- Advanced Windows OS Administration
- Cisco Networking
- Security Fundamentals
- SQL Database Management
- Operations
- Methodologies
- 24/7 Remote SOC Operations
- Cross-Functional Collaboration
- Agile
- Scrum
- Jira
Certification
- GIAC Certified Incident Handler (GCIH), Candidate, 12/31/26
- CompTIA CySA+, Security+, Network+
- Sophos ET15, SC00, SC01, SC04, SC05, SC06, SC08, SC09
- SJIS Certified
Timeline
Cyber Security Analyst
Tyler Technologies
10.2017 - Current
Technical Support CSC II (IHD Connectivity)
IDEXX Laboratories
10.2015 - 10.2017
Information Technology -
Northeast Technical Institute