Robin McBroom
Lawrenceville,US
Summary
Senior Information Security Engineer with over ten years of experience in detection strategy and insider threat mitigation. Expertise in designing scalable security frameworks and enforcing enterprise controls in cloud and on-prem environments. Achievements include significant reductions in security breaches through strategic vulnerability assessments and proactive risk management. Skilled in developing security policies that enhance organizational resilience against cyber threats.
Overview
11
11
years of professional experience
Work History
Senior Security Engineer - Insider Threat
Coinbase
04.2022 - Current
- Lead insider threat detection across SaaS, endpoint, and browser environments to reduce misuse risk.
- Led critical security initiatives focused on personal use enforcement, data protection, and infrastructure hardening, improving log quality and sustainability to support more efficient, high-fidelity detections, and increase true positive outcomes.
- Delivered 40+ high-impact detections across admin abuse, OAuth misuse, USB activity, and behavioral anomalies, while supporting the tuning and expansion of the existing scoring framework.
- Designed, launched, and documented the Insider Threat Jira Service Desk with SLA-based routing, analyst queues, and intake workflows; authored Insider Threat runbooks covering the full detection lifecycle, and triage processes.
- Designed and implemented multi-layered security architectures to enhance overall system integrity.
- Developed and enforced security policies to align with regulatory requirements and organizational standards.
- Partner with Legal, InfraSec, IT, and Engineering to align controls and close visibility gaps.
Senior Systems Engineer - Data Protection Enablement
The Home Depot
Atlanta, US
03.2021 - 03.2022
- Drive enterprise-wide data protection strategy, aligning enforcement with business risk
- Refine DLP policies with stakeholders to reduce false positives and standardize frameworks
- Build and deploy scalable data protection infrastructure, including API integrations
- Define and report KPIs for data protection coverage and regulatory alignment
- Deliver executive summaries highlighting data visibility gaps and alignment challenges
Information Security Analyst - Countermeasures
Equifax
Alpharetta, US
12.2019 - 03.2021
- Conducted advanced analysis of network packets, host telemetry, and system logs (Windows, Linux/UNIX), including net flow, executable behavior, IDS/IPS alerts, and metadata to identify anomalies and potential threats.
- Utilized tools such as tcpdump and Wireshark for deep packet inspection and network-based investigations.
- Monitored open source and internal threat intelligence to detect emerging risks, trends, and shifts in attacker behavior; contributed findings to management and broader risk assessments.
- Reviewed technical documentation, network diagrams, and system architectures to define security requirements, and recommend appropriate controls.
- Performed tuning of existing security sensors, and collaborated on the deployment and maintenance of security tools and appliances.
- Led or contributed to incident response operations, including after-hours escalation, reporting, and incident simulation exercises.
- Authored and refined technical documentation and security procedures to support knowledge sharing and operational consistency.
- Developed a deep understanding of enterprise network architecture and organizational security tools, applying that knowledge to enhance detection and defense capabilities.
Senior Information Security Engineer - Detection & Response
Equifax
Alpharetta, US
02.2017 - 01.2019
- Architected and maintained Symantec DLP infrastructure supporting over 30,000 users across global regions, including patching, policy design, and rule tuning.
- Established and led a cross-functional DLP risk management team to identify sensitive data exposure and implement enterprise-wide risk reduction strategies.
- Developed and deployed custom rule sets for Proxy, HIPS, NIPS, and DLP systems to enhance protection across endpoints and perimeter defenses.
- Implemented and maintained enterprise security technologies, including endpoint protection, perimeter security, and SIEM integration.
- Leveraged IT expertise to identify and respond to cyber threats across common attack vectors, improving incident response efficiency.
- Engineered technical countermeasures based on Indicators of Interest (IOIs), enabling proactive blocking and alerting of threat activity.
- Authored detailed documentation of system behavior, feature gaps, and analytical tool performance to guide future enhancements.
- Created custom alerting logic, including YARA and IPS rules, to detect anomalous behavior, and support triage workflows.
- Designed and implemented Web Application Firewall (WAF) policies to protect critical web applications from external threats.
Information Security Engineer 3 - Vulnerability Assessment
Mckesson
Alpharetta, US
01.2017 - 03.2017
- Developed and implemented security protocols to safeguard sensitive data.
- Conducted vulnerability assessments to identify potential security risks.
- Directed risk assessment operations, and executed system tests to uncover vulnerabilities.
- Collaborated with teams to enhance security posture, and ensure compliance.
- Coordinated evaluations of third-party software for adherence to internal security policies.
- Reviewed security audits to highlight existing security issues and concerns.
- Performed system maintenance through thorough security verifications of systems and processes.
Information Security Analyst
EarthLink
Atlanta, US
02.2015 - 01.2017
- Conduct vulnerability assessments with Rapid7 and Tenable, prioritize remediation for exposures
- Perform security scans on external systems and applications, reduce organizational risk
- Maintain network security controls for routers, switches, and firewalls, ensure infrastructure integrity
- Implement access control policies to safeguard sensitive data
- Deliver impact analysis of vulnerabilities to leadership, support decision-making
Education
M.S. - Information System Security Management
Strayer University
Greenville, SC01.2014
Bachelor of Science - Computer Technology
North Carolina A&T State University
Greensboro, NC01.2007
Skills
- Infrastructure Security
- Cloud Security
- Multi-Cloud Architecture
- Secret Management
- Cross-Functional Collaboration
- Incident Response
- Problem Solving
- Security Testing
- SIEM
- DLP
- O365
- Google BeyondCorp
- Automation Tools
- Vulnerability Management
- Risk Assessment
- Threat Modeling
- Security Architecture
- Incident Management
- Security Awareness Training
- Endpoint Protection
- Security Compliance
- Log Analysis
- Security Auditing
- Access Control
- Change Management
- User Training
- Incident Analysis
- Security Policies
- Forensic Analysis
- Behavioral Analysis
- Data Protection
- Risk Mitigation
- Technical Leadership
- Regulatory Alignment
- Security Frameworks
- Executive Reporting
- Security Research
- Security Automation
- Security Metrics
- Security Consulting
- Threat Detection
- Process Optimization
- Data Classification
- Risk Communication
- Cyber Risk Management
- Technical Documentation
- Data Analytics
- Security Strategy
- Risk Management
- Security Operations
- Policy Development
- System Hardening
- Threat Analysis
- CASB
- SIEM(Panther,Qradar, Splunk)
- WAF
- Microsoft O365
- GCP
- AWS
- Github
Timeline
Senior Security Engineer - Insider Threat
Coinbase
04.2022 - Current
Senior Systems Engineer - Data Protection Enablement
The Home Depot
03.2021 - 03.2022
Information Security Analyst - Countermeasures
Equifax
12.2019 - 03.2021
Senior Information Security Engineer - Detection & Response
Equifax
02.2017 - 01.2019
Information Security Engineer 3 - Vulnerability Assessment
Mckesson
01.2017 - 03.2017
Information Security Analyst
EarthLink
02.2015 - 01.2017
M.S. - Information System Security Management
Strayer University
Bachelor of Science - Computer Technology
North Carolina A&T State University