Micah Funderburk

Detection Engineer

Skills

+ Familiarity with security detection frameworks such as MITRE ATT&CK, Lockheed Martin Cyber Kill Chain, and NIST.

+ Working knowledge of common enterprise technologies and their logging capabilities including firewalls, Active Directory, antivirus/EDR, IDS/IPS, and web proxies.

+ Experience writing regular expressions (RegEx).

+ Programming/scripting in Python, PowerShell, Bash, JavaScript, and Java.

+ Ability to read and understand logs from various sources.

+ Advanced knowledge of writing SPL/KQL queries and investigating alerts in Splunk, ArcSight, and Microsoft Sentinel.

+ Windows/Linux/Docker/ESXi/AWS administration.

+ Understanding of cyber security and IT disciplines including networking, operating systems, authentication protocols, general enterprise network architecture, and incident response.

+ Packet inspection and network traffic analysis (Wireshark and Zeek/Bro).

+ Working knowledge of CI/CD Pipelines & DevOps practices.

+ Excellent writing/communication skills.

+ Ability to work and learn with limited supervision.

+ Positive and uplifting attitude!

Experience

LastPass | Remote | November 2022 - Current

Detection Engineer

+ Security Monitoring & Response

+ Building/tuning/modifying detections using various query languages.

+ Threat Research

+ Utilizing CI/CD pipeline to manage detection content as code.

+ Creating automations for various workflows.

+ SIEM Management

+ Data Ingestion (normalization/parsing/enrichment)

Novant Health | Remote | July 2021 - November 2022

Cyber Security Analyst I

+ Investigated security alerts and analyzed detected events to understand attack targets and methods using our SIEM platforms. Determined the impact of each event while conducting continuous security monitoring of the network.

+ Automated investigation tasks using PowerShell scripting.

+ Created SPL queries that streamlined investigations and shared them with fellow analysts.

+ Monitored for unauthorized personnel, connections, devices, and software.

+ Assessed detection processes for continuous improvement of internal security procedures.

+ Monitored external data sources to stay current on the threat landscape and determine which security issues may have an impact on the enterprise.

+ Communicated detected cyber security events to the appropriate parties, categorized security incidents, and escalated events as a security incident where appropriate.

Box-Board Products, Inc. | Greensboro, NC | August 2019 - July 2021

Systems Administrator / Data Center Manager

+ Deployed, managed, and configured virtual machines on the VMware ESXi platform, as well as SAN storage, NFS shares, datastores, and virtual networks.

+ Managed firewalls, email security gateways, a WSUS server, spam filters, endpoint antivirus, a content-filtering proxy server, and other security configurations.

+ Managed the organization's environment using automation, Group Policy, Active Directory, and PowerShell. Managed workstations and servers (Windows and Unix/Linux systems) and provided technical support.

+ Organized cybersecurity training for end users and helped develop processes and policies that contributed to the organization's security standards.

K2 Solutions | Southern Pines, NC | July 2018 - December 2018

Junior System Administrator (Intern)

+ Configured Cisco Meraki firewall to block malicious IP addresses and limit frivolous bandwidth usage by company employees. Also deployed switches and routers into production.

+ Monitored the email gateway for potentially malicious activity and created rules to mitigate threats.

+ Managed users and permissions with Active Directory and provided technical support.

+ Performed new-hire onboarding orientation (computer setup, AUP, and cybersecurity overview).