Caleb Speed

• Investigated potential, successful, and unsuccessful intrusion attempts and compromises through correlation analysis of relevant event details
• Managed four high-profile customers, serving as the first point of contact for SOC requests and security incidents
• Ran monthly meetings to present metrics and review operational SOC activity
• Contributed to SOC process documentation regarding continuous monitoring and investigation steps
• Recommended and implemented new detection rules while also refining existing ones to enhance threat vector coverage and reduce false positives
• Mentored and trained junior SOC analysts on SOC processes, technologies, and best practices

Tools used for investigations

• SOAR – Using Palo Alto’s Cortex XSOAR to manage alerts
• SIEM – Using Crowdstrike’s Falcon LogScale to conduct investigations and create dashboards/queries to aid in investigations and customer requests
• UEBA – Using Exabeam’s UEBA for anomaly detection and as a basis to begin investigations

• Administering CyberArk which includes creating, decommissioning, and uplifting privileged accounts, creating static and automated reports, onboarding and decommissioning safes, integrating platforms within CyberArk to manage various endpoints, troubleshooting end user queries and CyberArk related incident handling
• Knowledgeable in CyberArk components such as CPM, PVWA, PSM, and PrivateArk
• Conducted vulnerability patching for Windows Servers and renewed SSL certs for Production, Test and Development servers via Venafi
• Worked on large scale IAM projects to meet audit requirements, scanning NAB’s infrastructure at an OS and DB level to onboard domain and local accounts into managed IAM/PAM platforms such as CyberArk, SailPoint IdentityIQ, Hashicorp, and communicating with various stakeholders to achieve targeted results and deadlines
• Successfully scanned over 1400 Application servers and 300 Database servers per quarter pulling in more than 20,000 domain/local accounts into IIQ
• Mentored and trained junior team members on PAM processes, technologies, and best practices
• Managing and onboarding accounts to CyberArk using SailPoint IdentityIQ, as well as managing roles
• Experienced Confluence user, proficient in creating a variety of documents including project plans, meeting minutes, and technical documentation
• Familiar with ITIL Change Management processes
• Utilising Crowdstrike Falcon’s Host Management to help extract account information on application Windows and Linux servers

• Categorized and recorded reported queries and provided solutions based on set SLAs
• Identified priority calls and highlighted potential problems, ensuring that targets are met in line with tight KPIs
• Escalated unresolved issues to appropriate support functions and provided inter-departmental collaboration
• Logged, tracked, and managed Incidents and Service Requests using the ServiceNow call tracking system
• Performed password administration and access support for Active Directory/Azure AD and several internal/proprietary systems and applications
• Experience using SCCM to manage a multitude of devices across an enterprise landscape
• Installed, configured, tested, maintained, monitored, and troubleshooted end user, store and network hardware, peripheral devices, printing/scanning devices, software, and other products
• Proficiency in using Microsoft Office Suite, including Word, Excel, PowerPoint, and Outlook
• Experience supporting Windows and macOS operating systems