Cristi Viesanu

Experience

• 

  Sc. Computer Service Srl, Onesti

  Feb 2001 - Feb 2005

  System Administrator
• 

  Huawei, Bucharest

  Feb 2007 - Aug 2009

  Technical services engineer
• 

  Topo Soft (Transportes Bilan), ABROAD

  Sept 2011 - Dec 2012

  Technical Administrator
• 

  Hecc Aliance, Bucharest

  Dec 2014 - Jun 2017

  IT Engineer network storage/multilingual

  Lenovo , Corel , Retrospect , HoneyWell Projects.Answering inbound contacts (phone, email, web chat) from customers- Troubleshooting, diagnosing and resolving any product related incidents- RMA handling- Logging incoming contacts, documenting the problem and escalating whenever necessary

• 

  Secureworks

  Jul 2017 - Sept 2021

  Performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM tools, network and host based IDS, firewall logs, system logs (Unix & Windows), mainframes, mid range, applications and databases.Collaboration with Line of Business technical teams for issue resolution and mitigation.Documentation of actions taken for audit, regulatory and legal purposes within approved event tracking system.Provide Antivirus & Malware protection application administration and management (for example, but not limited to TrendMicro, McAfee, Microsoft Forefront )Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications (for example Qualys )Security ManagementFull lifecycle management and monitoring of security appliances including network firewalls, intrusion prevention and detection systems, unified threat management appliances and web application firewalls.Log ManagementScalable aggregation and retention of log data to support compliance and reporting.Automated real-time correlation, analysis and reporting of security activity across your IT environment.Vulnerability ManagementIdentification and assessment of exposures and weak spots in IT systems. Show less

  • Security Systems Advisor

    Jan 2020 - Sept 2021

  • Security Systems Sr. Analyst

    Jul 2017 - Sept 2021
• 

  Deutsche Bank

  Sept 2021 - now

  Cyber Threat Analytics Expert

  Cloud Security Monitoring and Incident Response, with a primary focus on architecture and security engineering. I lead a team of 10+ people covering internal staff, architects, engineers from two of the Bank’s approved contractors. I develop plans on security controls to implement to protect Bank assets/application and operationalize these controls for Incident Response team. Security controls include: Security Command Center, Application Security Monitoring; Database Security Monitoring; API Monitoring; endpoint security.Responsible for the overall implementation of security cloud architecture in the organization tracking the implementation using JIRA EPICSParticipate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations.Issue identification and resolution, documentation, integration with other tools, gap resolution, gap assessment, and continuous improvement of the capability.Provide support on Incident Response on security incidents and participation the development of security related use cases.GCP related Splunk use case management over new or existing use cases following the 4-eye principleGCP Cloud Matrix - MITRE ATT&CK framework use case mappingOptimizing Splunk searches in order to improve detections sent to SOC teams to be further investigatedEngaging other CTA pillars if additional support is needed during incident investigation Show less