Jackson Joseph

Network Support Engineer

1000 followers
Trivandrum, Kerala, India

  • About me

    Manager - Threat Detection & Response at EY

  • Education

    • Mar Athanasius College of Engineering

      2010 - 2014
      Bachelor of Technology (B.Tech.) Electronics and Communication Engineering
  • Experience

    • Nocme Technologies

      Feb 2015 - Jun 2015
      Network Support Engineer

      Roles and responsibilities:
      - Device availability, service monitoring and network device management
      - Monitoring/configuring SolarWinds NPM, SAM and PRTG Network Monitoring Tool
      - SolarWinds NPM
      - SolarWinds SAM
      - Cisco ASA
      - Configuring wireless router and providing internet to all users
      - Creating and resolving tickets in ManageEngine ServiceDesk Plus

      Hands-on experience (devices and tools):
      - SolarWinds SAM
      - SolarWinds NPM
      - PRTG monitoring tool
      - Cisco 5505 ASA
      - NETGEAR Wireless Device
      - DLINK-LDAP Wireless Device
      - MSP Ticketing Tool

    • Al Balagh IT Solutions

      Jun 2015 - Aug 2017
      SOC Engineer
    • Ooredoo Qatar

      Jul 2015 - Aug 2017
      SOC Engineer

      SIEM Solution (HP ArcSight ESM, Logger, ConApp):
      - Monitoring and analyzing the enterprise data traffic via device logs
      - Creating incidents based on ArcSight alerts
      - Configuring reports, dashboards, query viewers, email notifications etc.
      - Configuring/fine-tuning correlation rules
      - Performing daily health check
      - Configuring/taking backup of ArcSight solutions
      - Installing/configuring ArcSight Connectors

      Vulnerability Assessment (Tripwire IP360, Tripwire SIH, Nessus):
      - Performing vulnerability assessment for the servers and network devices
      - Performing the prerequisites and credential validation for authenticated scans
      - Report creation and modification
      - Performing the primary analysis of the VA reports
      - Raising tickets with the support team for other issues and queries

      SSL VPN (Juniper Pulse Secure VPN):
      - Creating new VPN access for corporate users
      - Creating resource profiles, role mapping, realm creation etc.
      - Troubleshooting VPN issues
      - Performing backup

      URL content filtering (Netsweeper Cloud Manager, Huawei SIG):
      - Implementing country-level URL blocking/unblocking upon request
      - Implementing blocking for phishing content

      Spam filtering (Sandvine Network Demographics):
      - Implementing SMTP blocking/unblocking
      - Identifying spammers, pulling and investigating spam detection reports

      Antivirus solution (McAfee ePO):
      - Performing On Demand Scan on domain machines
      - Monitoring dashboards, finding threat events and notifying

      Hands-on experience (devices and tools):
      - ArcSight ESM
      - ArcSight Logger
      - ArcSight ConApp
      - Tripwire IP360
      - Tripwire SIH
      - Nessus
      - Juniper Pulse Secure VPN
      - Huawei SIG
      - Sandvine Network Demographics
      - Netsweeper Cloud Manager
      - iManager U2000
      - Imprivata OneSign
      - Accellion SFTP
      - McAfee ePO
      - Nexthink
      - RSA Security Analytics
      - HPSM Ticketing Tool
      - Siebel Ticketing Tool

    • Capgemini

      Sept 2017 - Jan 2018
      Associate Consultant
    • Wipro Limited

      Jan 2018 - Oct 2019
      Project Engineer
    • EY

      Nov 2019 - now

      - Provide strategic leadership and oversight for SOC operations and Security Incident Management, ensuring effective threat detection, incident response, and investigation across client engagements.
      - Serve as the primary point of contact for clients, combining subject matter expertise and project management to align cybersecurity services with business needs and expectations.
      - Lead and enhance threat detection, hunting, monitoring, and investigation activities while maturing the Security Incident Response process to meet evolving client requirements.
      - Build and maintain strong customer relationships by aligning service levels with business objectives and delivering comprehensive security responses.
      - Develop, measure, and report on cybersecurity performance metrics, providing actionable insights and recommendations to senior management for informed decision-making on security strategies and investments.
      - Foster a high-performing cybersecurity team through strategic leadership, mentoring, and professional development opportunities, ensuring readiness for current and emerging challenges.
      - Broad expertise across multiple cybersecurity domains, including threat intelligence, security operations, endpoint protection, firewalls, and cloud security.
      - Drive process enhancements to improve operational efficiency and customer satisfaction, leveraging service metrics to inform decisions and strengthen organizational capabilities.
      - Provide escalation support for security incidents, ticket triage, and customer challenges, while collaborating across business units to deliver seamless security responses.
      - Work closely with recruitment teams to maintain a strong talent pipeline, ensuring team capacity and readiness in the dynamic cybersecurity landscape.

      - Part of the L3 Threat Detection and Response team, supporting over 20 global customers with operational expertise in SIEM solutions (Splunk, LogRhythm, Sentinel) and cloud security monitoring platforms (Azure/AWS).
      - Serve as SME for SIEM and EDR solutions, optimizing their use in daily operations and advising customers on best practices for enhanced detection and response capabilities.
      - Member of the Threat Hunting team, leading ideation, research, planning, and execution of TTP-based hunts across client infrastructures.
      - Skilled in strategic analysis, real-time security auditing, incident investigation, and threat remediation, with experience in IoT/OT monitoring (Claroty, Nozomi) and network monitoring tools (Fidelis XPS, Extrahop).
      - Conduct advanced investigations on escalated incidents, support incident response, and drive threat containment as needed.
      - Mentor junior analysts, upskill team members, and lead training programs to enhance technical and soft skills.
      - Proactively manage customer requests and collaborate with internal and external stakeholders to ensure effective outcomes.

      • Manager - Threat Detection & Response

        Oct 2023 - now
      • Senior Security Consultant - Threat Detection & Response

        Nov 2019 - Oct 2023
  • Licenses & Certifications

    • Splunk Core Certified Power User

      Splunk
      Dec 2020
    • The Complete Social Engineering, Phishing, OSINT & Malware

      Udemy
      Apr 2020
    • Information Security Awareness-ISO 27001:2013

      Udemy
      Jan 2020
    • The Complete Cyber Security Course : Network Security!

      Udemy
      Apr 2020
    • Splunk Certified User

      Splunk
      Aug 2018
    • Cisco Certified Network Associate(CCNA-200 120)

      Cisco
      Mar 2015
    • Microsoft Certified: Azure Fundamentals

      Microsoft
      Jun 2021
    • Website Hacking / Penetration Testing & Bug Bounty Hunting

      Udemy
      Apr 2020