Daniel López

I am part of the Security Operations Center of Cloud Software Group (formerly Citrix). Our mission is to protect the company from external and internal cyberthreats improving our security posture on a 24/7 service.

Key Responsibilities:

• Analyzing, containing and remediating all types of cyberthreats (malware infections, mail campaigns, Fraud/Abuse cases, Insider Threat/Data Loss Prevention…)
• Threat hunting and researching new malware/phishing campaigns providing specific mitigation and recommendation steps based on the investigation
• Support SIEM and Detection Engineers to fine tune alerts reducing volumetry, improving performance and detection rate

Technologies used in this role:

AWS / Azure (Cloud) • Microsoft Defender for Endpoint / Falcon CrowdStrike (EDR) • Splunk (SIEM) • Cortex XSOAR (SOAR)

Internal employee working at Banco Santander’s Global SOC team providing 24/7 service and on-call rotation to all bank’s entities worldwide.

Key Responsibilities:

• Perform monitoring, in-depth investigation and mitigation of security incidents
• Monitor website’s traffic and critical bank SWIFT assets. Follow-up standard operation procedures, playbooks and on-demand analysis of security alerts such as malware, phishing, DDoS or brute force attacks
• Fraud prevention: manage phishings targeting employees, suspicious emails received by VIP directors, compromised credit cards, mule accounts, stolen corporate devices, data leaks, fake profiles in social media, repositories or apps in unofficial markets

Technologies used in this role:

AWS (Cloud) • Falcon CrowdStrike (EDR) • Splunk (SIEM) • IBM QRadar (SOAR) • Cisco Ironport (Proxy) • McAfee (IPS)

Security Analyst at Deloitte’s CyberSOC serving as Managed Security Service Provider (MSSP) for several national and international customers.

Key Responsibilities:

• Conduct initial analysis of alerts from SIEM tools to identify potential security threats
• Follow playbooks and procedures applying immediate containment and remediation measures to threats as needed
• Escalate potential incidents to other teams with context and detailed data for further investigation

Technologies used in this role:

Splunk (SIEM) • QRadar (SIEM) • ArcSight (SIEM) • FireEye (IPS) • McAfee (ePO)

During my Master’s Degree in Telecommunications Engineering at University of Seville, I gained a deep understanding of the principles and practices of modern telecommunications networks and systems. Throughout my studies, I was exposed to a wide range of topics including network architectures, signal processing, wireless communications and network security.

I completed my Bachelor’s Degree in Telecommunications Engineering at University of Seville, where I gained a comprehensive understanding of the fundamental principles and practices of telecommunications engineering as well as developed my computer science and programming skills.