Summary
DFIR Analyst and Threat Investigator with experience in enterprise incident response, threat hunting, and forensic analysis across large-scale environments. Skilled in investigating endpoint, network, and API-based threats, with a focus on evidence-driven analysis, detection engineering, and operational efficiency through automation.
Experience
Independent DFIR Development
Green Bay, WI · Jul 2025 – Present
- Conduct simulated incident response investigations across endpoint and memory artifacts in lab environments.
- Perform memory forensics and malware analysis to identify persistence mechanisms, lateral movement, and indicators of compromise.
- Develop repeatable workflows for forensic triage, threat hunting, and investigative analysis.
Senior Cyber Operations Analyst
Salt Security · Dec 2022 – Jul 2025
- Led incident response investigations across 100+ enterprise environments, performing detection, triage, containment, and remediation.
- Conducted threat hunting and investigative analysis focused on OWASP API Top 10 attack techniques, identifying malicious behavior and validating impact.
- Developed Python and MySQL automation to accelerate forensic analysis and investigative workflows, reducing analyst effort by 35%.
- Designed automated reporting solutions to deliver clear, client-ready findings and prioritized remediation guidance, reducing reporting effort by 50%.
Cybersecurity Analyst
Salt Security · Dec 2022 – Jul 2025
- Performed host- and network-based investigations to triage alerts and analyze suspicious activity across enterprise environments.
- Built automated incident triage and forensic enrichment workflows using Python and MySQL, reducing manual investigative effort by 40%.
- Supported containment and remediation by correlating activity across multiple telemetry sources.
Security Operations Center Analyst
Dow, Inc. · Jan 2020 – Jan 2022
- Conducted enterprise incident response and threat investigations across hybrid IT/OT environments.
- Analyzed endpoint, network, and SIEM telemetry to identify malicious activity and support response actions.
- Designed and implemented SIEM detection use cases aligned to the MITRE ATT&CK framework.
- Investigated phishing campaigns and social engineering activity, improving detection and response workflows.
Freelance Information Security Specialist
San Diego, CA · Jun 2022 – Dec 2022
- Built and maintained DFIR lab environments using Python, Bash, and PowerShell to simulate real-world investigations.
- Analyzed malicious behavior and refined investigative workflows through hands-on experimentation.
- Achieved Top 2% global ranking on TryHackMe (Cyber Defense / Blue Team paths).
Projects
Personal Website Design and Hosting
- Designed and implemented a responsive website using HTML, CSS, and JavaScript.
- Deployed and maintained the website on the AWS Amplify hosting platform.
- Optimized website performance and user experience through continuous improvements.
Malware Research & Threat Intelligence Lab
- Architected and maintained a dedicated malware research environment for analyzing malicious files and attacker behavior.
- Performed static, dynamic, and memory-based malware analysis to identify execution flow, persistence, and indicators of compromise.
- Documented findings to support detection logic, threat intelligence development, and investigative methodology improvements.
SIEM Tuning & Detection Engineering (SASE)
- Designed and tuned SIEM detection use cases integrating Zscaler telemetry into QRadar environments.
- Mapped detections to MITRE ATT&CK to improve investigative context and prioritization.
- Enhanced visibility into network-based threats through structured detection engineering practices.
Skills
Education & Certifications
B.S. Computer Science · Information Technology Minor
Michigan State University
- Cisco CCNA
- Cisco CCNA Cybersecurity
- AWS Cloud Practitioner
- Microsoft Azure Fundamentals