Joshua Sheathelm

South Lyon, MI

Summary

Ambitious SOC Analyst II committed to formulating innovative solutions to challenges while optimizing and automating processes. Polished in developing and implementing security plans and procedures and developing strategies to respond and recover from security breaches. Logical and analytical leader familiar with security tools and technologies such as firewalls and proxy servers.

Overview

5 years of professional experience

Work History

SOC 2

12.2022 - Current
  • Enhanced security posture across four LogRhythm-based SIEMs in HA, XM, and Cloud environments
  • Architected and optimized SIEM alerts for recently onboarded systems, cutting down false positives by 65% through rigorous data analysis and proactive adjustments, enabling the team to focus on critical incidents
  • Developed and implemented a comprehensive maintenance plan for Linux-based Data Indexers, resulting in a 60% reduction in system errors and a 90% improvement in overall system stability
  • Conducted troubleshooting and resolved infrastructural outages, ensuring 24/7 monitoring availability
  • Orchestrated the creation and deployment of Global Log Processing Rules, streamlining data processing workflows and achieving a 50% improvement in system performance and reduced processing time
  • Engineered an advanced data automation system utilizing PowerShell and SQL to generate 50+ client reports daily, reducing manual report generation time by 80% and improving data accuracy by 25%
  • Directed and managed complex upgrades for LogRhythm hosts and applications, optimizing performance and security effectiveness, leading to a 20% increase in system efficiency and reducing response time to security incidents by 15%
  • Led troubleshooting efforts by collaborating with cross-functional teams to address 30+ user-reported issues, ensuring a seamless transition during Axon's launch.

SOC Specialist

Novacoast
06.2022 - 12.2022
  • Guided client collaborations to enhance SIEM alarms, resulting in a 50% reduction in alert fatigue, a 30% decrease in response time to security incidents, and a 20% boost in threat detection accuracy
  • Generated monthly security posture reports for SIEMs
  • Directed 24/7 on-call support for SIEM issues, ensuring seamless operations; reduced incident response time by 40% and maintained 99.9% system availability to safeguard critical data assets
  • Architected and streamlined user access policies in a SIEM environment
  • Optimized SIEM security infrastructure through the strategic deployment of LogRhythm, Windows services, Linux, and SQL, resulting in a 25% improvement in threat visibility and a 20% reduction in false positive alerts
  • Architected and upgraded Data Indexers, Platform Managers, and Data Processors, achieving a 20% increase in data processing speed and a 15% reduction in data processing errors
  • Implemented real-time anomaly detection systems that identified and blocked suspicious activities, enhancing overall cybersecurity posture and reducing response time to threats by 50%.

SOC I Team Captain

Novacoast
08.2021 - 06.2022
  • Directed a team of 10 analysts to provide real-time monitoring for international clients, resulting in a 15% decrease in response time to critical incidents and ensuring uninterrupted coverage 24/7
  • Oversaw client distribution to analysts, mitigated coverage gaps, and addressed SIEM outages swiftly; strengthened operational continuity and fortified security protocols to uphold service standards
  • Proposed software improvements and conducted beta testing
  • Implemented a shadowing program where new team members observed and learned from experienced colleagues, resulting in a 20% increase in first-call resolution rates and a 30% improvement in overall team performance
  • Conducted in-depth data investigations to identify and rectify security incidents and compliance issues, resulting in a 30% reduction in non-compliance incidents and a 25% increase in overall workplace adherence to regulations.

Sr. IT Technician

Eastern Michigan University
07.2019 - 08.2021
  • Information Technology Help Desk Technician
  • Directed technical support operations for end-users, executing root cause analysis and developing strategic troubleshooting plans; enhanced resolution efficiency by 35% and minimized system downtime, resulting in improved productivity and user satisfaction
  • Engineered a comprehensive DUO user administration strategy, integrating multi-factor authentication methods and user role restructuring; enhanced system security and reduced unauthorized access incidents by 60%
  • Orchestrated interviews for 50+ new hires, vetting for technical proficiency and cultural fit; developed and delivered a comprehensive training program that boosted employee productivity by 40%
  • Engineered software activation process, resulting in a 25% decrease in unauthorized software usage and ensuring compliance with licensing agreements across all departments
  • Directed migration of 200+ courses to virtual platform amidst COVID-19, preserving student attendance and academic continuity, achieving 97% attendance rate and minimal disruptions to university workflow.

Education

Information Assurance and Cyber Defense -

College of Engineering and Technology, Eastern Michigan University
05.2023

Skills

  • Network Security
  • Incident Response
  • Vulnerability Assessment
  • Digital Forensics
  • Security Architecture
  • SIEM Management
  • Firewall Management
  • Application Security
  • Cybersecurity Management
  • Intrusion Detection

Independent Projects

  • Established, configured, and managed an ELK stack SIEM and Splunk SIEM Instance.
  • Engineered and executed a comprehensive virtual workplace solution, leveraging Active Directory, Splunk SIEM, pfSense firewalls, DNS, DHCP, and Domain Controllers, and streamlining operations for 10 Windows workstations.
  • Multiple Packet Tracer and GNS3 Networking configurations and troubleshooting instances.

Proficient Applications

  • Scripting: PowerShell
  • SIEMs, Administrative: LogRhythm, Axon, Splunk
  • SIEMs, Monitoring: LogRhythm, Axon, Splunk, Azure Sentinel, Google Chronicle
  • Operating Systems: Windows 10, 11, Kali Linux, Ubuntu Linux, CentOS Linux, macOS
  • Miscellaneous: SQL Server Management Studio, O365 Suite
