Rafael Ledezma

• Lockheed Martin/Space Force Next-Gen OPIR program
• Subject Matter Expert for Splunk
• Architecting, deploying, configuring, and supporting detection technologies (HBSS, ACAS)
• Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
• Setup and maintained Splunk architecture and various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, License model.
• Experienced in conducting audits, identifying vulnerabilities, and recommending and implementing appropriate remediation strategies.
• Strong knowledge of DOD cybersecurity policies, procedures, and best practices, ensuring adherence to strict security requirements.
• Designed and implemented Splunk Architecture following best practices provided by Splunk that met the DoD guidelines.
• Automated Splunk Stig's, implementation, forwarders and much more using ansible.
• Automated redhat and rsa deployment.

Thales Trusted Cyber Technologies

• Created policies and procedures for emerging security technologies and proposals.
• Validated and verified system security requirements definitions and analyzed system security designs.
• Researched and tested design feasibility and operation of equipment, components and systems.
• Performed mitigation plan and performed remediation activities based on the findings to resolve network and system vulnerabilities to meet DOD compliance requirements.
• Help design, test, and implement new encryption devices.

• Working and controlling security that interfaces with DNS, TCP/IP, SSL, and load balancing devices.
• Responsible for managing abuse for clients (some Fortune 500) and pulling logs from their servers, and analyze the data to provide advisory support on determining the next steps.
• Work all reported case types such as Spam Email, Port Scanning, Malware, DoS, Copyright Infringement etc
• Utilized Linux commands, building scripts, viewing and reading logs,
determining if an Amazon Web Service (AWS) server is compromised, and other tools to perform 300-400 investigations weekly
• Assume responsibility for developing detailed knowledge about AWS
specific products and features
• Responsible for reviewing network logs.

Cognosante LLC

• Worked with the SOC to perform threat analysis in a 24/7 environment.
• Worked with tools such as, Blurb Suite, and Nessus to write reports and provide analysis of the network.

Empowering Minds Resource Center

• Managed and conducted a inventory project for over 300 devices and 100 employees, maintaining accurate record of company clients.
• Implemented work from home polices, and procedures.
• Implemented and secured a VPN server for WFH.

Team Travel Source

• Implemented a help desk ticket system
• Maintain an Up-to-date knowledge of cyber threats