Nathan Booco

Experience

• 

  Seattle Public Utilities

  Jun 2014 - Dec 2015

  Undergraduate Web Developer Intern

  Tools: Javascript | Adobe Photoshop | Oracle Content Management System- Published web content to internal & public-facing sites, conducted internal usability tests, & designed a gamified web application for public conservation education

• 

  University of Washington

  Jan 2016 - Mar 2016

  Teaching Assistant

  Reader-grader and student point-of-contact for INFO 433 - Content Strategy in Information Architecture

• 

  ReliaQuest

  Mar 2017 - Oct 2019

  Tools: Splunk Enterprise & Enterprise Security | ServiceNow | QRadar | LogRhythm- Lead an international team of up to 10 SIEM content developers across 3 offices, overseeing a 100% increase in staff while managing utilization, technical training paths, & customer assignments & evaluating performance using custom KPIs and reporting- Implemented correlation rules & scheduled reports in Splunk, QRadar, & LogRhythm for 5+ clients while incorporating tuning requests from SOC analysts & coordinating with service delivery & customer security teams Show less Tools: Splunk Enterprise & Enterprise Security | QRadar | CrowdStrike Falcon | CarbonBlack Response | LogRhythm | McAfee ESM | AlienVault | Symantec DLP- Performed incident response for more than 50 customers in a 24/7 SOC environment leveraging SIEM & EDR technologies & open-source intelligence tools - Engaged in responsibilities as an assistant shift lead including filling in for direct supervisor and developing opportunities for peers to leverage their knowledge & backgrounds for team teach-backs. Show less

  • SIEM Content Development Manager

    Jan 2019 - Oct 2019

  • SOC Analyst

    Mar 2017 - Dec 2018
• 

  ExtraHop

  Nov 2019 - Jul 2023

  Senior Data Analyst - Security / Senior Security Advisor

  Tools: ExtraHop Reveal(x) Enterprise & 360 | MITRE Att&ck | Javascript- Delivered consultative advisory services including threat detection analysis, tuning, investigation process modelling, custom detection development, & briefings on emergent threats with retroactive threat hunting in 10+ engagements; supported cross-functional renewal efforts for multiple Fortune 500 clients, drove system customization feature adoption in 6 environments, & reduced false positive detection volume by up to 80%- Produced regular performance & security hygiene reports for 20+ organizations, identifying vulnerable protocols & sources of high-volume communication errors to improve security posture & network efficiency- Supported 300% growth in team size & development of advisory services through mentoring, documentation, process improvement, & integration of customer feedback while writing technical threat descriptions for customer and intraorganizational use Show less

• 

  CrowdStrike

  Apr 2024 - now

  Technical Engagement Lead