Introductions
Hi, my name is Nguyen ('Win'). I have been working as a Cybersecurity Analyst for more than a year.
Work Experience (sorted from past to current):
Redhelm (2 Years 9 months)
SOC Analyst 1 (Sep 2023 - Nov 2025) 2 years, 3 months
Analyzed and triaged security alerts, promptly alerting the client to potential threats within the environment and initiating an incident response, resulting in contract renewal with the MSSP.
- Initiated 4 Incident Responses
- Triaged about 300+ Splunk Alerts
- Triaged about 200+ CrowdStrike EDR Alerts
- Triaged about 9200+ Carbon Black Alerts
- Triaged about 9360+ Graylog Alerts
Helped train new security analyst hires.
Reached out to the client about tuning opportunities to reduce false positives.
SOC Analyst 2 (Nov 2025 - Present) 7 months
- Handled escalated alerts from level 1 analysts and initiated incident response once I had identified a breach, which resulted in containment
- Performed tuning for Graylog (SIEM) and EDR: Carbon Black, CrowdStrike, SentinelOne.
- Created playbooks for the level 1 Analyst
- Handled basic engineering work – installing/uninstalling forwarders and sensors.
- Performed a threat hunt using public IOCs for supply chain attacks.
Certifications:
CompTIA Network (Jan 2022 - Jan 2025)
CompTIA Security+ (Jan 2022 - Jan 2025)
Education
University of South Florida
Bachelor of Science - BS, Cybersecurity (May 2020 - May 2022)
Hillsborough College
Associate of Arts (AA) - Information Technology (August 2018 - May 2020)
Why did you start this blog?
The reason I started this blog is to share what I learn and hold myself accountable to keep learning constantly.