Matthew Nunis

SOC Team Lead
Subang Jaya, Selangor

Summary

I am an aspiring cybersecurity professional with a strong IT background, specializing in software and hardware, Security Operations Centre (SOC), SIEM (Security Information and Event Management), and Endpoint Protection. I am eager to contribute my skills and dedication to a dynamic organization that fosters professional growth and allows me to make meaningful contributions to its cybersecurity goals.

Overview

4 years of professional experience
5 years of post-secondary education
3 languages

Work History

SOC Team Lead

BRIDGENET SOLUTIONS
11.2022 - Current
  • Consistently deliver comprehensive monthly reports to clients, providing detailed analysis of their antivirus performance and security posture.
  • The report includes a thorough overview of antivirus activities, threat detection, and mitigation strategies, ensuring clients are well-informed about the effectiveness of their security measures.
  • Produce bi-weekly reports on antivirus, conducting thorough health checks on outdated and offline agents.
  • This helps in promptly addressing issues related to outdated software and offline agents for optimal security performance.
  • Drafted a guide detailing the process for drafting monthly reports, providing clear and concise instructions to streamline and simplify the reporting procedure.
  • Collaborate closely with clients and provide consultation on best security practices.
  • By leveraging my experience, I guide clients to implement security strategies which suit their specific needs.
  • Oversee and manage a team of cybersecurity analysts, providing guidance, mentorship, and support.
  • Conduct performance reviews and assessments to ensure the team is meeting objectives and individual team members are progressing.
  • Lead the investigation of security incidents, analyzing the nature and extent of the threat.
  • Oversee the resolution of security incidents, ensuring that systems are restored to normal operations and vulnerabilities are addressed.
  • Supervise the continuous monitoring of security alerts, ensuring timely detection and response to potential threats.
  • Conduct meetings with my team on knowledge sharing and discussion on ways we can improve our SOC Operations.
  • Develop and enforce security policies and procedures.

Key achievements:

  • Successfully deployed and configured Trend Micro Apex One for the organization, enhancing cybersecurity defenses.
  • Efficiently managed team communication and understanding, fostering a collaborative team.
  • Implemented and managed robust policies and rules, ensuring effective control and governance over security measures.
  • Proactively mitigated potential security risks from high-risk endpoints, demonstrating a keen focus on threat prevention.
  • Achieved prominent levels of management satisfaction by consistently meeting and exceeding Service Level Agreement (SLA) standards set by the company.
  • Efforts recognized by SOC Manager for exceptional team management and communication skills, prioritizing high-level alerts and client needs.
  • Acknowledged by a client for providing valuable advice and taking prompt action on high-priority incidents, contributing to incident resolution efficiency.
  • Recognized by both clients and management for flexibility and in-depth knowledge, displaying adaptability and expertise in addressing diverse security challenges.
  • Successfully established a file reputation system for escalated incidents, streamlining the process of data retrieval and compilation for our monthly reports, which in turn has enhanced efficiency in tracking and analyzing incidents, contributing to more informed and data-driven reporting practices.

Senior Cyber Security Analyst

BRIDGENET SOLUTIONS
03.2022 - 10.2022
  • Ensuring that all clients' hardware, software, and networks are protected from any form of cyber criminals or cyber-attacks.
  • Utilizing Trend Micro Apex One and Cloud One to ensure clients' endpoints, servers and networks are protected from any known and unknown threats.
  • Troubleshoot issues related to Trend Micro Apex One and provide solutions.
  • Install and configure Trend Micro Apex One on all client’s endpoints in the organization.
  • Perform daily threat hunting by going through raw logs of top targeted endpoints by finding a pattern and seeing if it could pose a risk.
  • Keeping up to date with the latest cyber trends by researching the latest threats and integrating threat intelligence into SOC operations to enhance detection capabilities and response strategies.
  • Escalate events triggered by Trend Micro, including an Action/Recommendation section to ensure the client follows best practice.
  • Assess the security impact of security alerts and traffic anomalies to identify malicious activities and provide/take mitigating actions.

Associate Cyber Security Analyst

NETASSIST (M) SDN BHD
01.2021 - 02.2022
  • Ensuring that all clients' hardware, software, and networks are protected from any form of cyber criminals or cyber-attacks.
  • Prevent data and/or intellectual property loss and service interruptions by understanding and using SIEM technologies and processes that will effectively protect the network.
  • Evaluate threats that could potentially breach the network.
  • Providing detailed reporting of what is currently going on in the network and evaluating its strengths.
  • Utilizing SIEM (Security Information and Event Management) to monitor for any potential network threats.
  • Monitoring clients' log traffic from SIEM to ensure that the latest logs are being received.
  • Utilizing PRTG to monitor clients' payment gateway and website availability.
  • Using F-Secure and Cortex XDR to investigate any suspicious events detected on clients' endpoints.
  • Managing customers' endpoint protection by consulting with second level to ensure their endpoints are always updated and licenses are renewed on time.
  • Assess the security impact of security alerts and traffic anomalies to identify malicious activities and provide/take mitigating actions.
  • Process tactical mitigations based on results of investigation and determine the threat validity.
  • Generating daily reports using Crystal Reports and RSA reporting.
  • Generate SOC related reports when requested.
  • Providing threat intel to clients by researching the latest cyber-crimes and threats.

Key achievements:

  • Consistently achieved and surpassed company-set Key Performance Indicators (KPIs), demonstrating an elevated level of competence and dedication.
  • Ensured unwavering compliance with the Service Level Agreement (SLA) set by the company, resulting in consistent performance that met or exceeded management expectations.
  • Received acknowledgment from the shift lead for effective team management and support, specifically in prioritizing high-level alerts. This recognition highlights my commitment to maintaining a responsive and well-prioritized workflow within the team.

Intern Security Analyst

NETASSIST (M) SDN BHD
10.2020 - 12.2020
  • To understand and learn about the fundamentals of SOC and SIEM.
  • Understanding the SLA and KPIs set by the company.
  • Training on how to utilize SIEM and investigate threats detected.
  • Learning how to determine the category of attack and its impact, and setting the SLA according to the category of attack.
  • Understanding how to read and extract data from raw logs.
  • Training on how to raise tickets to customers to inform them of threats detected.

Education

Bachelor's Degree in Computer Science (University of Greenwich, UK)

Segi College
Subang Jaya, Selangor, Malaysia
01.2018 - 05.2020

BTEC Diploma in Information Technology

3G Infocom Training Sdn Bhd
Petaling Jaya, Selangor, Malaysia
01.2015 - 05.2017

Skills

  • Microsoft Office
  • Crystal Reports
  • ManageEngine ServiceDesk Plus
  • NetIQ Sentinel
  • RSA NetWitness
  • Splunk
  • AlienVault USM
  • TecForte MSSGARD
  • TecForte Log Radar
  • Microsoft Azure Sentinel
  • F-Secure EDR & Cloud Protection
  • Palo Alto Cortex XDR
  • Trend Micro Apex Central
  • Trend Micro Cloud One
  • CrowdStrike Falcon EDR
  • Sophos Central
  • CyCraft Xensor MDR

Projects Involved

Installing and configuring Trend Micro Anti-Virus for UMW Toyota Malaysia

24/03/2022 - 17/11/2022

  • Tasked with the installation of Trend Micro Apex One for UMW Toyota Malaysia, involving the removal of the existing antivirus to prevent conflicts during the installation process.
  • Collaborated with the UMW Toyota IT team to ensure all servers and endpoints were prepared for the installation, fostering effective communication and coordination.
  • Documented the installation process, categorizing successful and failed installations, and provided comprehensive solutions to address issues encountered.
  • Orchestrated weekly arrangements for the installation of up to four thousand machines to meet project timelines.
  • Developed an installation guide for UMW Toyota users, facilitating manual installation of Trend Micro on their devices.
  • Conducted troubleshooting sessions with the UMW Toyota team to resolve any failed installations, ensuring successful deployment and proper reporting to the main console.
  • Cross-checked the number of servers/endpoints with the Trend Micro Apex One dashboard to ensure accuracy according to the asset list provided by UMW Toyota.
  • Regularly communicated with the project manager and the UMW Toyota team to ensure project deadlines were met.
  • Participated in weekly meetings to provide progress updates and request assistance from UMW Toyota for on-site installations.

Key achievements:

  • Successfully troubleshot endpoints with failed installations, ensuring a smooth deployment process.
  • Achieved the successful installation of all servers and endpoints according to the asset list and within the given deadline.
  • Acknowledged by the Project Manager and the client for dedication, including working beyond regular hours and on public holidays to meet project deadlines.
  • Recognized by the UMW Manager for commitment, consistent communication, and on-site visits.
  • Acknowledged by the SOC Manager for going beyond the job scope and supporting a second-level engineer on the project.


Joint Project with Wizlynx Malaysia to configure and install Cycraft Xensor MDR for Bank Rakyat Malaysia

05/01/2021 - 19/02/2021

  • Tasked with supporting the second level engineer team to install the CyCraft Xensor MDR endpoint system on Bank Rakyat servers and endpoint devices.
  • Consulting together with the Wizlynx and Bank Rakyat teams to ensure all servers and endpoints were prepped for installation.
  • Documenting the installation process by category of successful and failed installations, and providing solutions on how to overcome the obstacles we faced.
  • Creating an installation guide for Bank Rakyat users on how they can manually install the Xensor agent on their devices.
  • Troubleshooting any failed installations with the Wizlynx engineer team and finding solutions to ensure the agent is successfully installed.
  • Cross-checking the number of servers/endpoints with the Xensor dashboard to ensure the total number is accurate according to the asset list provided by Bank Rakyat.
  • Making use of GPO and scripting to help speed up installations on endpoints to meet deadlines set by the project manager.
  • Taking part in weekly meetings to update on our progress and to request assistance from the Bank Rakyat team on servers that were inaccessible.

Key achievements:

  • Successful troubleshooting of devices with failed installations.
  • Achieved successful installation of all servers and endpoints according to the asset list and deadline given.
  • Acknowledged by the lead engineer for hard work and for assisting past working hours and on public holidays to help meet deadlines.
  • Acknowledged by the SOC Manager for going beyond the job scope and supporting the second level engineer on the project.

References

Will provide upon request.

Timeline

SOC Team Lead

BRIDGENET SOLUTIONS
11.2022 - Current

Senior Cyber Security Analyst

BRIDGENET SOLUTIONS
03.2022 - 10.2022

Associate Cyber Security Analyst

NETASSIST (M) SDN BHD
01.2021 - 02.2022

Intern Security Analyst

NETASSIST (M) SDN BHD
10.2020 - 12.2020

Bachelor's Degree in Computer Science (University of Greenwich, UK)

Segi College
01.2018 - 05.2020

BTEC Diploma in Information Technology

3G Infocom Training Sdn Bhd
01.2015 - 05.2017