
Jordan Bourcier

Senior SOC Analyst
Salt Lake City, UT

Summary

I am an experienced SOC (Security Operations Center) Analyst and Cybersecurity Engineer. On a daily basis I conduct triage of security events that are generated by our in-house SIEM solution, which draws data from all well-known security products including SentinelOne, Microsoft Defender, CrowdStrike, Carbon Black and many others. I also perform deep technical analysis of security events to uncover root cause and develop new detection techniques.

I was recently acknowledged in an Arctic Wolf threat labs report for my role in uncovering an attack on a recently released CVE: https://arcticwolf.com/resources/blog/arctic-wolf-observes-threat-campaign-targeting-palo-alto-networks-firewall-devices/

I also took third place in an IR (Incident Response) challenge at a cybersecurity conference in UT, utilizing SentinelOne and native Windows tools.

Cybersecurity is my passion and I consider myself to be a lifelong student. I continually look for ways to increase my knowledge and skill set, either through online learning platforms such as Hack The Box and TryHackMe or through my extensive home lab.

Overview

3 years of professional experience

3 years of post-secondary education

Work History

Senior Triage Security Analyst

Arctic Wolf
08.2024 - Current
  • Monitored and analyzed network traffic, security logs, and alerts using in-house SIEM tools to identify potential security incidents, ensuring rapid detection and response.
  • Identified, analyzed, and responded to advanced persistent threats (APT), malware, and zero-day exploits, leveraging advanced threat detection and analysis tools.
  • Assessed and prioritized security alerts based on risk, ensuring high-priority incidents received immediate attention and low-priority alerts were handled in due course.
  • Performed root cause analysis for security incidents, providing actionable insights for strengthening security posture and preventing future incidents.
  • Conducted deep-dive forensic analysis on suspicious network activity, logs, and endpoints to identify indicators of compromise (IOCs), uncover attack vectors, and provide actionable threat intelligence.
  • Used Active Response measures to quickly stop threats at any stage of the cyber kill chain.


Concierge Security Engineer 3

Arctic Wolf
Pleasant Grove, Utah
09.2023 - Current
  • Leads a team of highly motivated security engineers.
  • Works with clients to develop company-wide information assurance, security standards and procedures.
  • Recommended for the "Top Engineer of the Year" award by direct supervisor.
  • Offers preventative training to harden personnel against intrusion vectors such as phishing, ransomware and more.
  • Performs risk analyses to identify appropriate security countermeasures.
  • Recommends improvements for client security systems and procedures.
  • Trains and mentors junior engineers.
  • Collaborates with technical leads to develop new tools, processes and procedures.
  • Conducts threat hunts within client environments.

Concierge Security Engineer 2

Arctic Wolf
08.2022 - 09.2023
  • Cybersecurity consultant for numerous large-scale clients and their stakeholders.
  • Gains deep insights into client environments to find practical solutions that improve security posture and architecture internally, externally, and in the cloud.
  • Performs vulnerability analysis to determine prioritized risk and fiscally responsible mitigation techniques.
  • Uses SIEM to triage client observations and assist with incidents, as necessary.
  • Works directly with upper/executive management and other stakeholders to establish clear expectations and plans of action, and to drive security-based conversations.
  • Leverages technical expertise and soft skills to present complex, technically challenging material to non-technical staff in digestible formats.

Python Developer

Freelance
08.2021 - Current
  • Uses Python to automate workflows to increase efficiency and reduce human error.
  • Builds custom tools from scratch that utilize local as well as cloud-based resources.
  • Uses Python to build custom log parsers to extract relevant data and gain actionable insights.
  • Follows best practices with code development, maintenance and testing to improve solution design.

Support Engineer - Azure App Services

Microsoft
06.2022 - 08.2022
  • Provided premium level support for customer application deployments on Azure App Services.
  • Utilized troubleshooting techniques to solve complex deployment issues in the Azure cloud environment.
  • Documented technical issues and solutions to enable tracking history and maintain accurate logs.
  • Built custom cloud-based labs to recreate customer issues and provide proven solutions.
  • Implemented technical solutions to solve customer issues and increase satisfaction.

AWS Glacier Technician

AWS, Amazon Web Services
10.2021 - 06.2022
  • Maintained inventory of AWS Snow and Glacier product lines, including over one hundred and fifty edge computing/storage devices as well as fifteen magnetic tape drive libraries used for secure long-term data storage.
  • Coordinated with multiple teams across different states to oversee remediation of power supply harnesses on over two-hundred and fifty devices.
  • Used software engineering skills to build custom tools for internal teams.
  • Engaged with relevant stakeholders to drive projects/problems to resolution.
  • Won “Most trouble tickets resolved in a single week” for 2021.
  • Organized work to meet demanding production goals.

Education

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University
Salt Lake City, UT
09.2023 - Current

Associate of Science - Network Administration And Cyber Security

MyComputerCareer.com
Raleigh, NC
02.2021 - 03.2023

Skills

Practical Network Penetration Tester (PNPT)

Practical Junior Penetration Tester (PJPT)

CompTIA CASP

CompTIA CySA

Cisco CyberOps Associate

Certified Ethical Hacker

Cisco CCNA

CertNexus CyberSec First Responder

CompTIA Security

CompTIA Server

CompTIA Network

Linux Essentials

MTA Windows Server Administration

MTA Security Fundamentals

Projects

  • Wi-Fi Beacon Stealer - A tool that listens for Wi-Fi beacons, spins up an evil-twin Wi-Fi network, responds to the beacon request, and captures the WPA password hash, all without victim interaction.
  • Website scraper - A tool that looks for links going to cloud storage such as Amazon S3 buckets or Azure Blob Storage. Speeds up the process of finding a client's externally facing assets.
  • Subdomain finder - An internal tool that pulls down all the top-level domains for a client and then loops through them to gather all subdomains utilizing the SecurityTrails API.
  • Port checker - Pulls all the outbound server ports for a client's environment over the last week and matches them against known bad ports (e.g. 4444, etc.).
  • IP checker - Pulls all outbound traffic server IPs and checks their reputation for known or suspected malicious IPs.
  • WordPress plugin enumerator - Gets vulnerable plugins from Wordfence and then checks whether they are in use on a client's WordPress site.
  • C2 framework built on Python and C - (work in progress).


Timeline

Senior Triage Security Analyst

Arctic Wolf
08.2024 - Current

Concierge Security Engineer 3

Arctic Wolf
09.2023 - Current

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University
09.2023 - Current

Concierge Security Engineer 2

Arctic Wolf
08.2022 - 09.2023

Support Engineer - Azure App Services

Microsoft
06.2022 - 08.2022

AWS Glacier Technician

AWS, Amazon Web Services
10.2021 - 06.2022

Python Developer

Freelance
08.2021 - Current

Associate of Science - Network Administration And Cyber Security

MyComputerCareer.com
02.2021 - 03.2023