Profile

Threat intelligence automation and research: over 2 million IOCs (Indicators of Compromise) submitted: https://otx.alienvault.com/user/Ansorren/pulses

2nd biggest single contributor out of 60,000 users of the Open Threat Exchange platform

SIEM Tactical Analytics, Asset management and detection, Availability monitoring
Linux, Networking, Bash scripting, Python programming, Ansible, AWS, VMware

Work experience

Nov 2017 - Current

Linux - SIEM Engineer

AlienVault - Cork, Ireland

Assisting customers (SOC Analysts, MSSPs, Security Researchers, IT personnel of large organizations) in the deployment, configuration and troubleshooting of AlienVault SIEM solutions - USM Appliance and the new, cloud-based, USM Anywhere solution. 

Assist customers with their queries regarding all the open source projects and protocols used by those solutions. Non-exhaustive list: Suricata, Syslog, OpenVAS, OSSEC, Nmap, PRADS, Nagios, NetFlow, Ansible, Redis, RabbitMQ, MySQL, Apache, Postfix, Debian administration.

Creation of custom reporting, threat intelligence directives and policies, Incident response.

Responsible for an internal canary system to proactively alert some of the biggest clients about issues within their deployment.

Nov 2016 - Oct 2017

MoodleRooms LAMP Stack Administrator EMEA 

Blackboard @ Sutherland Global Services - Sofia, Bulgaria

Moved internally within Sutherland from the Cisco project

LAMP stack administrator for the biggest Moodle partner in the world (over 30 million end users worldwide)
Write custom SQL queries for the customer upon request, troubleshoot issues of the open source Moodle platform, assist customers with the integration of the Moodle site within their organization and assist them in troubleshooting a variety of different technologies (HTTP, SSL, Load Balancing, DNS, SMTP, MySQL, SFTP, LDAP)

Apr 2016 - Nov 2016

Cisco Network Consultant 

Cisco @ Sutherland Global Services - Sofia, Bulgaria

Routing, switching, security, wireless and VoIP troubleshooting and support for the entire line of Cisco Small Business products. Reproduce customer issues in a safe sandbox environment in order to troubleshoot and provide a solution, minimizing the downtime of their production environment whenever possible.
Technologies / Protocols supported: RADIUS/TACACS+, DHCP, STP, NAT, SNMP and Syslog configuration, IPSec gateway to gateway and client to gateway VPNs (IKE v1, IKE v2), SSL VPNs, ACLs and firewalling, SIP, 802.11 a/b/g/n/ac, Captive Portals configuration, WAF and Application Layer Gateway

Jun 2013 - Mar 2016

Apple Account Security Team - Mac+ Department

Apple @ Teleperformance Hellas - Athens, Greece

Member of Account Security Team, first line of response and support for victims of Apple-related phishing attacks.

Provide complete and appropriate technical solutions for Macs via phone and email.

Troubleshoot and support networking issues of the AirPort line of products.

Education

Certifications

AlienVault Certified Security Engineer

AlienVault

License 5706159