
Gessuri Garcia

Toronto, ON

Summary

Experienced cybersecurity analyst with eight years of expertise supporting different roles and cybersecurity tools, including SIEM, EDR, Network Security and SSO. Demonstrated skills in incident response, risk management, cybersecurity controls, IAM, DLP and the implementation of recognized cybersecurity frameworks such as NIST. Excel in promoting a culture of security awareness and have managed security awareness programs while also leading security controls testing and implementation to maintain the company's compliance. The ability to communicate effectively with individuals at all organizational levels and dedication to customer service ensures a positive contribution to team success.

Overview

8 years of professional experience
1 Certification

Work History

Cybersecurity Research Analyst

Esentire
05.2023 - 08.2023
  • Analyzed cybersecurity incidents to extract indicators of compromise (IOCs), tactics, techniques, and tools (TTPs) that threat actors use.
  • Performed threat actors' behavior analysis based on the MITRE ATT&CK Framework.
  • Data analytics from internal databases and external sources to create comprehensive datasets for training machine learning models.
  • Script development to parse information to be ingested in clustering tool.
  • Analyzed large volumes of data to identify patterns, trends and correlations.
  • Prepared detailed reports summarizing research findings.

Cybersecurity Senior Analyst

DiDi
06.2021 - 07.2022
  • Cybersecurity point of contact for LATAM region, leading and overseeing regional cybersecurity initiatives.
  • Served as cybersecurity speaker for new hires and contributed to quarterly awareness program and development of training material based on roles.
  • Developed and enhanced cybersecurity procedures and policies to strengthen organization's security posture and maintain company’s compliance, including Access Control policy and Cybersecurity policy.
  • Identification and implementation of improvements to the company's incident response program.
  • Proficiently documented cybersecurity incidents and gathered critical evidence for thorough analysis and reporting.
  • Experienced in reporting project progress, where for incidents, I provided essential metrics, and for risks, I highlighted potential improvements to ensure clear communication and informed decision-making.
  • Actively worked on identifying, resolving and reporting risks as part of risk management program.
  • Use of Microsoft suite to perform daily activities, email monitoring, document and report creation, among others.
  • Identified and resolved problems through root cause analysis and research.

Security Incident Response Coordinator

Softtek
07.2017 - 05.2021
  • Coordinated incident response team ensuring effective cybersecurity operations while leveraging SIEM, email gateway, EDR, network traffic monitoring and SOAR technologies.
  • Proficient incident responder with experience in detecting, containing, eradicating, documenting, and gathering evidence, utilizing multiple tools for systems hardening based on root cause analysis and forensic investigation.
  • Analysis of IOCs to identify new attack vectors.
  • Monitor security alerts, including DDoS, phishing, non-approved access, stolen devices, malicious processes from servers and workstations, and suspicious network logs.
  • Understanding of Network Security principles and protocols through effective utilization of technologies such as SIEM, EDR, and network traffic monitoring.
  • As project manager, I managed a variety of projects, including implementation of Multi-Factor Authentication (MFA), tools deployment, security controls implementation, and rollout of a comprehensive cybersecurity awareness program.
  • Development and implementation of incident workflow in ServiceNow to track cybersecurity incidents based on NIST framework.
  • Vulnerability management based on critical newly identified threats.
  • Creation and improvement of written policies and playbooks, aligning them with NIST Cybersecurity Framework, to fortify cybersecurity posture.
  • Monitor and follow up on approximately 50 incidents per week, ensuring proper investigations and timely escalation through appropriate channels. Prioritization of critical incidents.
  • Support for security systems and implemented hardening measures.
  • Coordinated Tabletop exercises, ensuring comprehensive preparedness and streamlined responses to cybersecurity incidents.
  • Coached employees through day-to-day work and complex problems.
  • Entered data, generated reports, and produced tracking documents.

IAM specialist

Softtek
09.2015 - 07.2017
  • Managed Okta system administration while providing dedicated end-user assistance and support.
  • Implemented application federation for seamless Single Sign-On (SSO) using multiple protocols.
  • IAM tasks in Okta and Active Directory, including offboarding/onboarding, group management and assistance with accounts involved in cybersecurity incidents.
  • Contributed to enhancing company security through Okta Security module.
  • Conducted daily Okta administration tasks for smooth operations and optimized user experiences prioritizing critical cases.
  • Use of Microsoft suite to perform daily activities, email monitoring, document and report creation, among others.
  • Listened and responded to customer requests and forwarded necessary information to superiors.

Education

Master of Science - Cybersecurity And Threat Intelligence

University of Guelph
Guelph, ON
10.2023

Bachelor of Science - Computer Science

Universidad Autonoma De Aguascalientes
Mexico
08.2012

Skills

  • SIEM Solutions - InsightIDR, QRadar, Crowdstrike
  • Email gateway - Proofpoint, Microsoft Defender
  • Network Security - Zscaler, Wireshark
  • Endpoint Security - SentinelOne
  • Data Loss Prevention (DLP)
  • Frameworks - MITRE ATT&CK, NIST, ISO 2700
  • IAM - Okta, Active Directory
  • Scripting - Python, Bash
  • Project Management - ServiceNow, Jira
  • Teamwork and collaboration
  • Communication skills, verbal and written
  • Customer service

Certification

  • Okta Certified Administrator - January 2020
  • AWS Certified Cloud Practitioner - October 2020
  • InsightIDR Certified Specialist - January 2021
  • (ISC)2 Certified in Cybersecurity (CC) - November 2023
  • (ISC)2 Certified Information Systems Security Professional (CISSP) - est. March 2024

Languages

English
Native or Bilingual
Spanish
Native or Bilingual
