Kota Someya
Senior Cybersecurity Consultant at EY
Berkeley, CA, United States
Details
Experience:
2022 : Present
EY
Senior Cybersecurity Consultant
• Developed workflow automation events in CrowdStrike to quarantine suspect files, block malicious hashes, and close outstanding alerts, reducing remediation and response time by 80%
• Led the latest security patch rollout for CrowdStrike sensors on corporate assets across Windows, Mac, and Linux operating systems; collaborated cross-functionally with the Network, Product, and Sales teams
• Reduced noise and doubled the rate of true positives by fine-tuning DarkTrace parameters (risk, time range, and security tags)
• In response to the Log4j zero-day vulnerability (CVE-2021-44228), conducted an iterative threat hunt and recommended security updates to remediate the vulnerability
2021 : 2022
Petco
Information Security Engineer
• Collaborated with auditors to remain NERC-CIP compliant and provided network security solutions for the Enterprise Risk Management tool Archer
• Documented and enhanced security policies and procedures for adoption by other business units within the organization
• Recommended best practices for information security and privacy to stay compliant and ensure business continuity
• Designed and engineered new alert signatures in SQL to report potential incidents
• Queried AD with Python for each user's last password-set timestamp to verify password changes, and built a process to provide metrics to management, doubling efficiency in analyzing cloud-based security events
• Conducted investigations with SIEM and IPS tools to triage true-positive security events, thereby eliminating thousands of false positives from a cloud security database
• Mitigated 210+ malicious IPs, domains, and hash values per month in internal environments by pivoting across EDR, IDS, and Windows host-based logs, threat hunting, and researching true-positive security incidents to protect SCADA infrastructure
2020 : 2021
Sempra
Cyber Security Analyst
• Leveraged an understanding of best-practice security principles (NIST 800-53, ISO 27001, GDPR, and CCPA) and strategic information security guidance (SANS, OWASP, STIG) to develop and improve awareness of preventative security practices, providing guidance to 100+ IT employees
• Counseled and coordinated with the IT team on security and privacy procedures for obtaining privileged access, streamlining their workflow, optimizing IAM, and improving the organization's information security posture
• Responded to, analyzed, and continuously improved the monitoring process for hostile nation-state activity, using SQL to uncover bad actors and prevent unauthorized access, ensuring the safety of the organization and business continuity
• Contained insider and foreign threats with 12+ security tools (Phantom, Splunk, FireEye, ForeScout, etc.)
2018 : 2018
Southern California Edison (SCE)
Cyber Security Analyst Intern
2016 : 2017
Ren Wireless LLC
Agent Support Specialist
Company:
EY
Spoken Language:
English, Japanese
About
I have a background in business and cybersecurity. My protective instincts, analytical acumen, and ability to work well under pressure have led me to be passionate about mitigating security threats. Whether it’s playing water polo or simulating a startup, I know when to alternate between a flexible team player and an assertive leader. In my free time, I enjoy picking up new programming frameworks, exploring new places, and gaining different perspectives. Check out my recent projects at github.com/ksomeya1 and kotasomeya.com.