DAVID H
Cyber Security and Business Continuity Professional
LinkedIn - Please connect!
Profile
Graduate of the SANS Institute government-funded Upskill in Cyber Programme 2022, currently exploring opportunities within the cyber sector with an ambition to progress further within security operations and detection engineering.
Experienced SOC/NOC Analyst with a strong focus on threat detection, event triage, and alert investigation, using Microsoft Sentinel, Microsoft Defender for Endpoint (MDE), and Splunk. Selected from 2,000 candidates for the prestigious SANS Upskill in Cyber Programme, funded by the UK Government to help bridge the sector skills gap.
Completed intensive training in SOC operations, network threat hunting, purple team tactics, and cloud attacks through John Strand’s BHIS Antisyphon Training.
Holding GIAC SEC275 (GFACT) and SEC401 (GSEC) certifications, demonstrating a strong cybersecurity foundation. Invited to the SANS Advisory Board based on exceptional performance in the GSEC exam.
Skilled in Business Continuity (BC) and Disaster Recovery (DR), with a focus on hardware deployment and bare-metal OS recovery for infrastructure restoration. Proficient in security monitoring, threat hunting, log analysis, and vulnerability management.
Seeking a challenging role within Cyber Security to apply expertise in event detection, log analysis, network monitoring, Microsoft Defender for Endpoint, Splunk, KQL, SPL, and wider security tooling. Committed to ongoing professional development and staying current with emerging cyber security trends.
Skills
- 10 years of technical monitoring and infrastructure experience in Data Centre environments (NOC), and more recently within SOC.
- 8 years of Business Continuity and Disaster Recovery planning, including managing hardware deployments for multiple clients.
- Experience triaging events in Splunk and using SPL query language.
- Solid experience with Forcepoint products for Data Loss Prevention and Protection.
- Experience triaging events in Microsoft Sentinel / Microsoft Defender for Endpoint, with KQL query language usage and basic Azure exposure.
- Good knowledge of endpoint triage across both Linux and Windows systems.
- Solid skills across Linux and Windows desktop and server environments, including Disaster Recovery support, bare-metal OS restores, and infrastructure recovery, reinforced by extensive home lab experience.
- Basic Python knowledge, alongside PowerShell and Bash scripting experience.
- Good knowledge of PCAP analysis for identifying command and control activity and data exfiltration.
- Working knowledge of Active Directory and Group Policy, including recent study of Red Team attack paths involving user/SPN abuse, privilege escalation, lateral movement, TGTs, tokens, and Silver/Golden Tickets.
- Well versed in multiple engineering disciplines, including IT, networking, electronics, electrical, and mechanical engineering, providing broad diagnostic and troubleshooting capability across technical domains.
- Extensive client liaison experience, including live Disaster Recovery scenarios, supporting organisations ranging from micro-entities to large multinationals.
- Soft skills include report writing, presentation of weekly statistics, and communication with stakeholders across multiple levels of the business, including C-suite leadership.
- Strong training skills, developed through previous roles as a NOC Shift Leader and Lead Repair Supervisor Technician.