With nearly two years of expertise in information security, the individual serves as a DevSecOps Analyst, certified in ISO27001. Responsibilities encompass data protection initiatives, threat and environment monitoring, implementation of security controls, and system supplier integration. The role includes analyzing and investigating security incidents to identify and respond to security events effectively. Dedicated to continuous learning, the professional aims to contribute to forward-thinking companies that value security and technological innovation through disruptive, high-quality solutions.
Activities include web application firewall management, involving blocking suspicious user agents, implementing GeoIP blocking and rate limiting, refining rules, migrating CSR policies, deploying malware checkers, and conducting Tsunami-security-scanner implementations. Identity and access management tasks focus on sanitizing permissions and access profiles, segregating system access, and facilitating access granting. For event threat detection and security health analytics, the analyst manages vulnerabilities and risks, creates health check alerts, and conducts related analyses. Governance, risk, and compliance efforts include communicating security tips on topics like password security and phishing awareness. Endpoint detection and response work encompasses policy reformulation for malware and phishing analysis. Additional contributions involve reducing log input, creating dashboards for metrics and logs, and studying and implementing the SIEM Chronicle tool.
