MAC SMITH

Atlanta, GA

Summary

Experienced cybersecurity professional with expertise in incident response, SOC analysis, risk assessment, and security operations. A collaborative team player known for driving automation, improving detection capabilities, and coordinating cross-functional efforts to enhance security posture and enable continuous risk reduction. Strong analytical skills and attention to detail support adaptability and results-driven performance in dynamic environments. Passionate about driving organizational success through innovation, collaboration, and high-impact solutions.

Overview

13 years of professional experience

Work History

Cyber Security Incident Response

Microsoft
03.2021 - Current
  • Incident Coordination: Led critical security incident response as the primary coordinator, orchestrating cross-functional collaboration between technical and business teams to swiftly contain threats, minimize operational disruption, and protect organizational assets—resulting in enhanced incident resolution efficiency and reduced risk exposure.
  • Automation: Leveraged Copilot AI to develop and automate scripts for mass disabling of compromised accounts, streamlining containment efforts during security investigations and significantly reducing risk exposure.
  • Collaboration: Collaborate closely with SOC, Threat Hunting, Threat Intelligence, Insider Threat, and Vulnerability Management teams to enable incident coordination and real-time information sharing during incidents—enhancing detection accuracy, accelerating response times, and strengthening overall security posture.
  • Results-Driven: Assessed and prioritized 100+ cyber defense incidents annually, reducing mitigation time by 30%. Recommended and implemented strategies that cut system vulnerabilities by 20%. Prepared and presented detailed incident reports to cross-functional teams and leadership, driving continuous security improvements.
  • Analytical: Partner with service teams to prioritize detection needs and lead development of advanced capabilities. Provide technical guidance on intrusion response, analyze patterns to optimize resources, and drive automation that boosts efficiency and speeds threat mitigation.
  • Data Analysis: Analyze key metrics, KPIs, and diverse data sources to identify trends and drive actionable strategies in collaboration with cross-functional teams. Leverage multiple data sources for insightful decision support, stay updated on emerging analytical tools, and lead initiatives to enhance team capabilities and promote a data-driven culture.
  • Improvements: Recommends automation to improve effectiveness and efficiencies of security operations. Contributes to security policy and standards. Collaborates with internal and external parties to ensure Service Level Agreements (SLAs) are reached when addressing threats. Drives improvements in customer and partner experience by sharing best practices and interacting with customers.

SOC Analyst

Microsoft
02.2016 - 03.2021
  • Security Monitoring: Conduct threat analysis and alert triage leveraging Microsoft Sentinel, Microsoft Defender for Endpoint (EDR), Azure Threat Protection, and other cloud security platforms, improving detection accuracy and reducing incident response times.
  • Analyze Security Incidents: Investigate and remediate escalated security incidents, including phishing, account compromise, data breaches, and other cyber threats, utilizing advanced Microsoft security toolsets to protect critical business and customer data.
  • Alert Triage: Conducts thorough investigations and response actions for security incidents affecting customers, including Denial of Service attacks and data breaches.
  • Threat Analysis: Analyzes threat actors' tactics, techniques, and procedures (TTPs) to identify and mitigate malicious activities effectively.
  • Investigation: Analyze adversary behaviors based on MITRE ATT&CK methodology to uncover threat actor tactics and techniques, enabling proactive mitigation and informed defense strategies.
  • Threat Intelligence: Researches new attacks and identifies trends to reduce noise in detections. Drives prioritization and resources required to address potential or actual intrusions identified as a result of monitoring activities. Drives automation of detection and response.

IT Support/Analyst

U.S. ARMY
02.2014 - 02.2016

Information Assurance Manager

U.S. ARMY
01.2013 - 02.2014

Education

Bachelor of Science - Computer Information Systems

Thomas Edison State University
Trenton, NJ

Central Texas College

Skills

  • Incident Response
  • Incident Coordination
  • Identity Access Management (IAM)
  • Azure Cloud Security
  • Endpoint Detection and Response (EDR)
  • Cross-functional Collaboration
  • Cyber Defense
  • Adaptability
  • Strategic Planning
  • Security Monitoring
  • Analytical Skills
  • SOC Operations
  • Vulnerability Management
  • Log Analysis
  • PowerShell
  • Threat Analysis
  • Incident Response Frameworks (NIST, SANS, MITRE ATT&CK)
  • Post-Incident Reviews
