L2 Digital Security – Rapid Response Team (RRT)
Project: Macy's KTLO (Keep The Lights On)
- Monitor and analyze security events, alerts, and attack patterns across Macy's and Bloomingdale's e-commerce applications and critical business infrastructure.
- Utilize Akamai security solutions to detect, investigate, and mitigate web application attacks, bot traffic, DDoS threats, and malicious activities.
- Perform continuous security monitoring through Akamai Console and security dashboards to identify potential threats and security incidents.
- Investigated persistent attack attempts, analysing attack patterns to identify root causes and recommending remediation actions.
- Monitor Akamai WAF alerts and security events to identify suspicious traffic.
- Monitored customer-facing applications 24x7 using Akamai Security Console, detecting and responding to web application attacks.
- Monitored and investigated Application & API Attack (AVA) events, abnormal traffic patterns, and malicious activities impacting Macy's and Bloomingdale's online platforms.
- Analyzed security dashboards on SentinelOne to identify suspicious authentication attempts, anomalous login behavior, and potential account compromise.
- Respond to security incidents in real time by performing threat analysis, impact assessment, and incident resolution.
- Support the protection of high-volume customer-facing online retail platforms by ensuring continuous security monitoring and rapid threat response.
- Analyze security logs, traffic behavior, and threat indicators to detect unauthorized activities and potential compromises.
- Collaborated with security, infrastructure, and application teams to implement mitigation measures, enhancing overall security posture.
- Prepare incident reports, document findings, and provide recommendations to prevent future security incidents.
Tools & Technologies: Akamai WAF, Akamai Security Centre, SentinelOne, Splunk, Security Monitoring, Incident Response, Threat Analysis, Web Application Security, DDoS Mitigation, Threat Hunting, Log Analysis, Cybersecurity Operations.