
Ron Phillips

Linden, VA

Summary

Cybersecurity professional specializing in threat detection, incident response, and network monitoring. Expertise in SIEM tools and packet analysis, implementing proactive security measures to strengthen organizational resilience.

Overview

27 years of professional experience
2 Certifications

Work History

Senior Technology Security - Threat Operations

LevelBlue
Linden, Virginia
08.2024 - Current
  • Monitored signature-based events in Splunk to identify network threats.
  • Resolved customer requests and answered inquiries to enhance overall satisfaction.
  • Collaborated closely with team members to achieve project objectives and meet deadlines.
  • Managed ServiceNow tickets for incidents identified through Splunk alerts and user notifications.
  • Created AlienVault pulses for new IOCs derived from investigations and OSINT sources.
  • Isolated infected hosts to prevent further compromise.
  • Analyzed data in Fidelis Splunk logs and examined PCAP/Wireshark files.
  • Investigated endpoint events through SentinelOne for potential security breaches.
  • Assessed network and endpoint events within Microsoft Defender to enhance threat detection.

Cyber Security Analyst

AT&T Cybersecurity
Purcellville, Virginia
09.2019 - 08.2024
  • Developed AlienVault pulses for new IOCs from investigations and OSINT sources, enhancing threat detection capabilities.
  • Monitored signature-based events in Splunk to identify threats to client networks.
  • Analyzed data from Fidelis Splunk logs and PCAP/Wireshark for incident response.
  • Isolated infected hosts using Cisco ISE to prevent further compromise.
  • Investigated endpoint events in SentinelOne to detect and mitigate security issues.
  • Examined network and endpoint events in Microsoft Defender to enhance threat detection.
  • Managed ServiceNow tickets for incidents from Splunk and user notifications to ensure timely resolution.
  • Conducted historical research for IOCs within customer environments, enabling proactive security measures.

Tier 2 Security Analyst

XORSecurity
Herndon, Virginia
01.2019 - 09.2019

Sec Spec IV-Network & Info. Security

Verizon
Ashburn, Virginia
04.2017 - 12.2018

Senior Cyber Security Analyst

CSRA
Herndon, Virginia
05.2014 - 04.2017

Affiliate Network Security Engineer

Verizon
Ashburn, Virginia
02.2010 - 05.2014

Advanced Network Technician

Verizon
McLean, Virginia
08.1999 - 02.2010

Education

Master of Science - Cybersecurity

University of MD. University College
Adelphi, Maryland
12-2016

Bachelor of Arts - Government And International Politics

George Mason University
Fairfax, VA
05-2006

Skills

  • Threat detection and incident response
  • Security analysis and vulnerability assessment
  • Cybersecurity frameworks and SIEM monitoring
  • Network monitoring and log analysis
  • Packet analysis and Splunk expertise
  • Fidelis and ArcSight proficiency
  • SentinelOne and MS Defender skills
  • EDR and SaaS solutions
  • ServiceNow and Cisco ISE knowledge

Security Clearance

Top Secret based on SSBI (Active)

Certification

SANS GSEC
