Isaac Fernandes

Experience

• 

  Laboratório de Fotônica IFCE

  May 2016 - Dec 2016

  Intern

  Researcher in Photonics, working on research projects in numerical and experimental simulations of optical communications systems.

• 

  Energy Telecom

  Jul 2018 - May 2021

  Monitoring Analyst

  Gerenciamento PRTG Network Monitor, Centreon, Icinga, Troubleshoot Sonicwall, Sophos, Routing, Switching, DHCP, DNS, NAT, Service Desk Telefone e Qualitor, Documentação de Checklists rotinas de backup Bacula, Veeam, vSphere Data Protection e Backup ExecPrincipais resultados: Garantia de disponibilidade de ativos críticos de empresas importantes do Brasil.

• 

  Morphus, part of Accenture

  Jun 2021 - Apr 2022

  Cyber Defense Analyst - Threat Hunting | SOC

  - Prevented and mitigated malicious cyber actions, intentional or unintentional.- Analyzed and assessed network events and system anomalies in a SOC environment.- Analyzed, created, and tuned alerts generated by security appliances such as SIEM, IPS, FW, etc.- Created and followed security playbooks to triage and escalate security alerts.- Collaborated with Level 2+ analysts to research and investigate cybersecurity threats.- Demonstrated knowledge of security tools to detect, prevent, and mitigate intrusions.- Carried out incidents, requests, problems, and changes related to managed solutions.- Created analytical reports.- Supported in the development and maintenance of KPIs. Show less

• 

  ISH Tecnologia

  May 2022 - Mar 2023

  Cyber Defense Analyst - Threat Hunting

  - Carried out Threat Hunting using MaGMa and TaHiTI aproach in the Client Infrastructure to identify undetected threats, consequently reducing the infection dwell-time.- Utilized threat intelligence feeds to stay up-to-date on emerging threats and adapt hunting strategies accordingly.- Profiled threat profiles based on known threats that targeted their attacks on the client's industry type.- Researched threat tactics, techniques, and procedures to develop more assertive use cases.- Developed SIGMA rules.- Developed use cases for SIEM based on TTPs from APT groups, described in frameworks such as MITRE ATT&CK and Cyber Kill Chain.- Configured and customized the DeTTECT tool to suit the specific needs of the organization's security operations.- Analyzed log files from various sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify potential threats to network security.- Collaborated with other security teams, such as the Computer Security Incident Response Team (CSIRT), to investigate and respond to security incidents.- Conducted post-incident reviews to identify areas for improvement and updated hunting strategies accordingly.- Correlated logs in SIEM.- Created documentation (playbook). Show less

• 

  Capgemini

  Mar 2023 - now

  - Carried out Threat Hunting in the Client Infrastructure to identify undetected threats, consequently reducing the infection dwell-time.- Utilized threat intelligence feeds to stay up-to-date on emerging threats and adapt hunting strategies accordingly.- Profiled threat profiles based on known threats that targeted their attacks on the client's industry type.- Researched threat tactics, techniques, and procedures to develop more assertive use cases.- Developed SIGMA rules.- Developed use cases for SIEM based on TTPs from APT groups, described in frameworks such as MITRE ATT&CK and Cyber Kill Chain.- Configured and customized the DeTTECT tool to suit the specific needs of the organization's security operations.- Analyzed log files from various sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify potential threats to network security.- Collaborated with other security teams, such as the Computer Security Incident Response Team (CSIRT), to investigate and respond to security incidents.- Conducted post-incident reviews to identify areas for improvement and updated hunting strategies accordingly.- Correlated logs in SIEM.- Created documentation (playbook). Show less - Reduction of False Positives: Enhanced strategies to reduce false positives, increasing the reliability of detections.- Improvement in Detection Quality: Collaborated on enhancing algorithms, raising the quality of detections.- Threat Investigation: Proactively investigated potential threats, increasing awareness of cybersecurity threats and ensuring everyone is prepared to respond to security incidents.- Security Playbook Development: Developed comprehensive playbooks to guide the team in incident response, resulting in more effective response processes and a reduction in response time to threats. Show less

  • Detection Engineer

    Mar 2024 - now

  • Information Security Consultant | SOC

    Mar 2023 - now