Víctor Fernando Zapata Aguirre

Apodaca

Summary

Dedicated IT Cybersecurity professional with a passion for security and a strong commitment to protecting organizations from emerging threats. A self-motivated learner who thrives on mastering new tools and methodologies, I continuously seek to enhance my skills and stay ahead of the latest cybersecurity trends. Known for my proactive approach, I excel in developing robust security processes, managing diverse teams, and driving improvements that fortify organizational defenses.

Overview

12 years of professional experience
1 Certification

Work History

IT Security Supervisor

Steelcase
03.2024 - Current

SOC Management Lead

  • Team Leadership & Alert Management: Lead a team of 5 engineers responsible for triaging and managing all incoming alerts from diverse security products, including EDR, IPS, Email, and MSSP solutions.
  • Incident Response Process Development: Design and implement a clear and effective Incident Response process, ensuring all participants understand their roles and responsibilities.
  • Mergers & Acquisitions Integration: Manage the integration of security operations for mergers and acquisitions, ensuring continuous monitoring and protection of newly acquired systems.
  • Phishing Campaign Development: Collaborate in designing and executing phishing simulations to enhance user awareness and strengthen the organization's cybersecurity posture.
  • Tool Improvement & Optimization: Plan and execute enhancements to all managed security tools, driving continuous improvement in SOC performance and effectiveness.
  • Vulnerability Reporting: Oversee the identification and reporting of vulnerabilities to relevant teams, ensuring risks are communicated and addressed appropriately.


Red Team (Pentest) Management Lead

  • Internal Pentesting Process Development: Collaborate with the Red Team to establish and formalize an internal penetration testing process aimed at assessing and fortifying the organization's security posture.
  • Stakeholder Reporting & Risk Communication: Deliver detailed pentesting results to stakeholders, clearly communicating identified risks and recommending mitigation strategies.

IT Security Analyst Sr.

Steelcase
07.2020 - 03.2024

AV/EDR:

  • Apex One.
  • Vision One.
  • Cloud One Workload Security.
  • Cloud Conformity.


Email Security:

  • Fortimail.
  • O365.
  • Darktrace Antigena Email.
  • SPF, DKIM, DMARC (Dmarcian).


Intrusion Prevention/Detection:

  • Darktrace.


Firewalls:

  • Fortigate.
  • Fortimanager.


WAF:

  • Fortiweb.


Vulnerability Management:

  • Qualys.


SOC:

  • Creating Playbooks.
  • Incident Response Management.
  • Threat Intelligence.
  • Alert Investigation and triage.


Infrastructure Engineer

Steelcase inc.
04.2018 - 09.2020
  • High impact incident coordinator
  • Monitoring (Network devices: Firewalls, Switches, Access Points) with SolarWinds
  • Monitoring SAP jobs and following the process to restart or complete failed jobs
  • Managing and monitoring backups and restores using NetBackup from Symantec
  • Following ITIL methodology for the escalation matrix process
  • Managing ServiceNow as ticket system
  • Managing VMware (Windows Server, Linux, Unix servers).

IT Analyst

Inflection Point Systems
08.2016 - 04.2018
  • Provide technical support to the whole company (150 employees) to ensure that employees' operations never stop for technical issues; support for the entire network environment, telephone switch, virtual machines, PCs, printers, servers and Google platforms
  • Deploy different solutions using Google tools: training management tool, a system to create work orders from HR to Marketing, a Google Site for contingency drills, a Purchase Order workflow. Trained all operations staff on Google tools, deployed Cisco Access Points, managed all Jira incidents, participated in the ISO 27001 project, created network vulnerability reports, managed racks, firewall rules and policies, and managed SIEM tools.

Tech Support Engineer

Infoanalitica (Google Partner)
06.2012 - 06.2013
  • Technical support for the Google Apps platform, attention to the platform administrators, ISO 20000 management methodology for incidents and service requests, platform implementation, DNS management, handling helpdesk tools and prioritizing incidents
  • Management and customer service, ensure customer satisfaction, generating new content and communications from the Google Apps platform.

Education

System Administrator Engineer -

UANL

Skills

  • HTML

  • Python

  • PowerShell

  • Windows

  • Ubuntu

  • Debian

  • OSX (Mac)

  • iOS

  • Android

  • Linux

  • Kali Linux

  • Linux servers

  • Active Directory

  • IIS

  • Windows Server

  • SQL

  • Word

  • PowerPoint

  • Excel

  • Outlook

  • Power Apps

  • Firewall Management (Fortigate)

  • Fortiweb

  • Fortianalyzer

  • Fortimail

  • Darktrace

  • Apex One

  • Vision One

  • Cloud One Workload Security

  • Cloud Conformity

  • Qualys

  • O365

  • KnowBe4

  • Exabeam

  • Infoblox

  • Project Management

  • Agile

Accomplishments

I had the opportunity to speak at a cybersecurity conference hosted by one of my key vendors, where I shared insights and experiences on managing emerging threats in today's dynamic threat landscape.

Certification

GIAC Security Essentials Certification (GSEC)

Languages

Spanish
Bilingual or Proficient (C2)
English
Advanced (C1)
Portuguese
Beginner (A1)
