David Brooks Cox

SOC Analyst · Detection Engineering · Cloud Security

Cybersecurity professional with an MS in Cybersecurity Strategy & Information Assurance from George Washington University (3.9 GPA) and 20+ years of experience in high-acuity, zero-downtime clinical environments where precision and accountability are non-negotiable.

Focused on SOC operations, threat hunting, and detection engineering — with a growing specialization in cloud-native security, identity-based attack paths, and structured vulnerability management.

ISC2 CC certified · INE ICCA · CompTIA Security+ in progress · St. Petersburg, FL

SOC Analysis & Triage

Alert triage, incident response workflows, log analysis, and security monitoring using SIEM platforms and endpoint telemetry. Built for high-signal, low-noise environments.

Threat Hunting & Detection

Hypothesis-driven hunting using KQL and Microsoft Defender for Endpoint. MITRE ATT&CK mapping, behavioral analysis, and insider threat detection across endpoint and network telemetry.

Vulnerability Management

End-to-end vulnerability lifecycle using Tenable Nessus and Azure. Risk prioritization, remediation planning, validation scanning, and structured reporting for measurable risk reduction.

Projects

Practical investigations and tooling focused on detection quality, evidence validation, and structured remediation.

Threat Hunt: Unauthorized Tor Browser Usage

Hypothesis-driven hunt using Microsoft Defender for Endpoint (MDE) telemetry + KQL to detect TOR installation/execution, correlate process/network/file artifacts, and produce SOC-ready findings with recommendations.

View
SOCThreat HuntingMDEKQLDetection Engineering

Vulnerability Management Program

End-to-end vulnerability lifecycle using Tenable Nessus and Azure. Covers asset discovery, risk prioritization, remediation planning, validation scanning, and structured reporting for measurable risk reduction.

View
NessusAzureVulnerability ManagementRisk Reduction

SOC Analyst Portfolio

Structured SOC analyst portfolio developed through the LOG(N) Pacific internship program. Includes incident response playbooks, detection workflows, and documentation built for real-world SOC readiness.

View
SOCIncident ResponsePlaybooksLOG(N) Pacific