Alexander Sinno

Responsible for investigating and researching activities related to compromised endpoints as part of the Advanced Endpoint Threat Detection(AETD) and Advanced Malware Protection and Detection(AMPD) service lines. Research threat indicators that can be utilized to confidently detect host-based compromises such as malware infections, data exfiltration and lateral movement.
Accomplishments:
•Spearheaded project to build PowerShell remoting server to centralize scripts and created tools suites for Analysis and automated day to day tasks
•Assisted in Cyber Threat Unit in deobfuscation of malicious PowerShell scripts
•Enhanced program by automating reports and creating secure connections to remote client endpoints

Responsible for analysing security events and meeting SLA times as well as determining true positive events as opposed to false positives. On a daily basis troubleshoot proprietary SIEM equipment, firewalls and IDS/IPS systems. Utilize Wireshark and tcpdump to analyse and troubleshoot client devices. Operate incident response tools such as Carbon Black to uncover possible kill-chains.
Accomplishments:
•Received an award for effectively troubleshooting an outage for a high visibility client in a timely manner
•Awarded a Greenie for effectively and accurately analyzing a series of events for a client on an off-day

Responsible for IT technical support, maintenance, policies, procedures, standards, hardware repair and troubleshooting, BCP, and DRP
Accomplishments:
•Successfully implemented and maintained company security policies, DRP and BCP
•Analyzed, contained and eradicated malware threats on several occasions in a timely manner

Responsible for network assistance, troubleshooting, computer repair, hardware support, and customer relations.