Nancy Susai

• Developed and implemented comprehensive incident response plans aligned with industry best practices (NIST, ISO 27001).
• Conducted in-depth threat analysis and vulnerability assessments to identify and mitigate potential risks.
• Lead incident response team in identifying, managing, and mitigating security breaches.
• Implemented security controls and measures to protect critical systems and data.
• Stayed updated on latest cyber threats and trends through learning and research.
• Developed & implemented incident response plan improving response time by 30%
• Monitored security systems and network traffic for suspicious activities.
• Performed log analysis and incident investigation to identify security breaches.
• Developed and maintained security dashboards and reports.
• Contributed to security awareness training programs for employees.
• Trained staff on incident response procedures and best practices.
• Streamlined reporting procedures by creating user-friendly dashboards for easy access to key performance indicators
• Collaborated with cross-functional teams to identify opportunities for process improvement and increased efficiency

· Reviewed incidents and violations as part of Incident Response Team and remediated them as per policies and procedures
· Reviewed information on incidents and submitted findings to DLP Team to reduce false positives
· Utilized project and task management tools such as JIRA to keep track of stories and logged details
· Coordinated with Windows, Linux, and Database teams to address OS, servers, and DB patches for Microsoft Security Updates, CVEs, and breaches to keep DLP tools updated
· Created and customized dashboards for reporting using Archer
· Provided DLP metrics to upper management to improve weak areas
· Leveraged industry best practices when approaching problem-solving situations or designing new systems.
· Spearheaded infrastructure upgrades that enhanced reliability, security, and scalability of company systems.

• Worked as L3 for Microsoft Exchange and Email gateway solutions primarily responsible for Threat Detection and Response, Phishing Prevention, Secure Email Gateways and managing mass email communication within and outside organization.