10/2022 - Present
Greater London, England, United Kingdom
As a Cyber Security Engineer at the Financial Conduct Authority (FCA), I play a pivotal role in fortifying our cyber defense infrastructure.
I lead the design and implementation of integrations with diverse log sources on the FCA's SIEM platform, leveraging tools such as Salesforce, Zscaler, and Delinea. Additionally, I utilize Power BI to generate insightful reports, enabling stakeholders to understand our cyber security services effectively.
In conjunction with these efforts, I am responsible for deploying and optimizing SOAR (Security Orchestration, Automation, and Response) solutions like Sentinel, streamlining incident response processes and augmenting our threat detection capabilities.
Moreover, I oversee the installation and management of vulnerability management agents and scanners on the FCA's networks and virtual machines. I ensure the accuracy and usefulness of the information provided by these tools, refining data to enhance its utility within our environment.
A key aspect of my role involves developing and refining detection rules and threat hunting strategies using KQL queries within our SIEM environment. I collaborate closely with the SOC and incident response teams to craft and fine-tune these rules, bolstering our ability to detect and mitigate malicious activities promptly.
Additionally, I actively engage in proactive threat hunting initiatives, leveraging KQL queries to identify and neutralize potential threats before they escalate. In addition to my technical contributions, I develop intuitive workbooks and dashboards, empowering SOC analysts to navigate and interpret log data seamlessly. By delivering a user-friendly interface and visually representing data insights, I facilitate informed decision-making and proactive threat detection within the FCA's operational landscape.