I support the design, implementation, and ongoing operation of Security Operations Center (SOC) and Managed Detection & Response (MDR) capabilities. This includes 24/7 monitoring, alert triage, investigation, and remediation. I help organizations deploy and manage tools such as SIEM, XDR/EDR, and DLP, ensuring detection rules, dashboards, and workflows are tuned to reduce false positives and improve response times.
I also provide vulnerability and patch management, identifying security weaknesses, prioritizing risks based on business impact, and supporting remediation to reduce the attack surface. When active threats or incidents occur, I lead response and recovery efforts, including containment, root cause analysis, reporting, and lessons learned.
I work with small and mid-sized businesses, high-growth organizations, and enterprises, offering flexible engagement models such as project-based work, retainers, or fractional security leadership. Services can be delivered remotely or in a hybrid model, supporting clients across Canada, the United States, and internationally.
This Service Includes:
Managed Endpoint Security (EDR / XDR): Deployment, administration, and ongoing management of endpoint security solutions, including automated response and incident isolation.
Vulnerability & Patch Management: Vulnerability scanning, risk prioritization, and end-to-end patching.
Threat Hunting & Incident Response: Proactive threat detection, investigations, post-incident analysis, and containment.
SIEM / SOAR Setup & Management: Implementation and management of SIEM/SOAR platforms, log aggregation, and response automation.
Security Operations Center (SOC) Management: SOC design and oversight, SIEM tuning, alert analysis, and playbook development.
Managed Detection & Response (MDR) / SOC as a Service: 24/7 monitoring, incident detection and response, and continuous threat hunting.