Jhohan Anthony Hernández Sánchez

• Lead and achieve the implementation and integration of security and cloud infrastructure platforms (AWS) with the SOC provider.
• Integration of security platforms and new sources (SIEM/SOC).
• Lead the configuration and implementation of new cybersecurity platforms.
• Propose and create use cases for AWS cloud infrastructure and web applications.
• Management of cybersecurity platforms (SIEM ELASTIC, ESET Antivirus Console, CORTEX XDR)
• Review and propose remediations for security findings in AWS cloud infrastructure (SecurityHub).
• Analyze and propose remediation for vulnerabilities in operating systems (EKS version, EC2 OS versions).
• Management of vulnerability analysis tools in code (Sonarqube, Fluidattacks).
• Vulnerability management and support for dev-squads until remediation within the deadline based on severity (low, medium, high).
• Execution of information security protocols to counter threats.
• Monitor systems and components to detect cybersecurity vulnerabilities, unusual activities affecting information.
• Monitor the performance of security controls.
• Review Jenkins pipelines and potential security findings.
• Responded promptly to cyber incidents by analyzing attack signatures, isolating affected systems, and restoring normal operations.
• Investigated information security breaches to identify vulnerabilities and evaluate damage.
• Reviewed audit logs daily for unusual activity or patterns that could indicate an attempted breach or attack.
• Reviewed security bulletins and vulnerability patch releases.
• Monitored user activities on the network for suspicious behavior or malicious activity.
• Analyzed network traffic logs, firewall logs, intrusion detection system alerts, and antivirus reports to identify potential threats.
• Provided technical support for troubleshooting issues related to security systems and networks.
• Updated virus protection systems based on computer virus reports such as malware outbreaks, phishing campaigns, ransomware attacks.
• Promoted security awareness among employees and clients to alleviate risks and breaches.

• Compliance with internal Company security policies.
• Support to Dev-Squads in defining the scope of security testing and Ethical Hacking. Active participation in chapter activities (Dailys of dev-squads).
• Security story management (Jira) for each application/Dev-squad. Management and analysis of vulnerability reports of the components involved (application servers, code repository) in the Dev-Squad reported by tools (Qualys, Fortify, Sonarqube) and accompany the squad in the remediation of the vulnerability.
• Review the security histories of the dev-squad and validate that the vulnerabilities have been remediated within the deadline according to severity (low, medium, high).
• Review, validation and security compliance on application code changes in the different environments (DEV-QA-PRD).
• review of jenkins pipelines and possible security findings.
• Management and analysis of findings from code analysis platforms (fortify, sonarqube).
• Reviewed security bulletins and vulnerability patch releases.
• Worked with cross-functional teams to achieve goals.

• SIEM management (QRADAR):
  Integration of log sources.
  Propose and implement use cases.
  Management of security events/incidents.
  Review of the results of security and fraud monitoring and control controls.
  Maintenance of security event log sources. Documentation of controls and processes in the area of security monitoring and control.
  Tracking, information gathering.
• Monitored alerts generated by intrusion detection systems to identify potential attacks against corporate networks.
• Reviewed network traffic logs to identify signs of unauthorized access and underlying network vulnerabilities.
• Protected secure data files and regulated access.
• Analyzed web traffic logs to detect anomalies or malicious activities.
• Monitored security access logs and analyzed system events for suspicious activity.
• Investigated reported information security incidents by analyzing log files, conducting interviews with involved personnel.

IT security platform management: Firewalls (Checkpoint, Palo Alto, Fortinet, Cisco ASA), Web Filters (McAfee Web Enterprise: SecureSoft Gateway, BlueCoat, ForcePoint), Antispam (Cisco IronPort, Cisco CES), McAfee (IPS/IDS, SIEM, DLP and ePo), SSL VPN Juniper Pulse Secure, CyberArk, CORTEX XDR.
-Incident management, response and resolution.
-Attention of requests involving the platforms (creation of rules, permissions, blocking, traffic analysis).