
Zachary Mendoza

Charlotte, North Carolina

Summary

Knowledgeable IT security professional with four years of experience detecting, analyzing, and remediating alerts from various tools. Highly motivated employee with a desire to take on new challenges. Demonstrated expertise in the use of security tools to identify and respond to security threats. Properly maturing the program. Strong work ethic, adaptability and exceptional interpersonal skills. Adept at working effectively unsupervised and quickly mastering new skills.

Overview

4 years of professional experience

Work History

Security Engineer

Credit Karma
Charlotte, North Carolina
01.2020 - 10.2022
  • Monitored user activities on servers, networks and other IT resources for suspicious activity or policy violations.
  • Analyzed system logs to identify malicious behavior or attempts at unauthorized access.
  • Made recommendations to improve security procedures and systems.
  • Serve as escalation point with MSSP vendor for further investigation (L2 Analysis) of alerts.
  • Tune/create MSSP playbooks.
  • Participate in red team exercises as blue team, identifying/mitigating log gaps and tuning alerts.
  • Verify 3rd party pen-testing activities.
  • Initial point of contact for SOC site incident pages (PagerDuty).
  • Exposure to automation tooling (Tines).
  • Provide security reviews on IAM requests.

SOC Analyst

Credit Karma
San Francisco, CA
01.2019 - 01.2020
  • Serve as the initial point of contact outside the security team addressing security-based inquiries.
  • Identified security threats, vulnerabilities and potential malicious activities through log analysis.
  • Initial response team to security events from alert sources as necessary (EDR, SIEM, WAF, phishing, etc.)
  • Assist in tuning, maturing, and creation of playbooks, SOPs, and job aids.
  • Verifying/tuning SIEM-based alerts to drive down false-positive alerts.
  • Participate in a 24x7 rotation scheduling and on-call with geographic disparity.
  • Participate in 10x4 shifts.
  • Splunk ES dashboard/table creation to improve investigation processes.
  • Proficiency with JIRA, Confluence for documentation and ticketing.
  • Analyze reported suspicious emails to identify phishing email.
  • Creation/tuning of email-based alerts (Google Admin).
  • Utilize OSINT framework in investigations.
  • Detailed documentation of shift log to be passed down to rotating shift for awareness of current standing.
  • Report weekly alert reviews for trends, lessons learned, one-offs, action items.
  • Meticulously document shift activities on Confluence, ensuring seamless knowledge transfer and team-wide awareness for smooth operational continuity.
  • Analyze company social media accounts to identify any security-related community posts.

Security Operations Center Analyst Intern

Credit Karma
San Francisco, CA
08.2018 - 01.2019

  • Meticulously monitor, research, assess and analyze all notable security events within the Credit Karma environment while following the company's SOPs and policies.
  • Engage with partners in engineering, IT, and operations to respond to and remediate events.
  • Participate in a 24x7 rotation scheduling and on-call with geographic disparity.
  • Splunk ES dashboard/table creation to improve investigation processes.
  • Alert tuning, creation.

Education

Certificate of Completion - Cyber Security

Foothill College
Los Altos, CA
01-2019

Skills

  • SIEM Provider Management
  • Incident Logging Oversight
  • Flexible and Adaptable
  • Multitasking Abilities
  • Interpersonal Communication
  • Deductive reasoning skills
  • Teamwork and Collaboration
  • Critical thinking skills

Languages

English
Professional
Tagalog
Native/Bilingual
