David Brooks Cox
SOC Analyst · Detection Engineering · Cloud Security
Cybersecurity professional with an MS in Cybersecurity Strategy & Information Assurance from George Washington University (3.9 GPA) and 20+ years of experience in high-acuity, zero-downtime clinical environments where precision and accountability are non-negotiable.
Focused on SOC operations, threat hunting, and detection engineering — with a growing specialization in cloud-native security, identity-based attack paths, and structured vulnerability management.
ISC2 CC certified · INE ICCA · CompTIA Security+ in progress · St. Petersburg, FL
SOC Analysis & Triage
Alert triage, incident response workflows, log analysis, and security monitoring using SIEM platforms and endpoint telemetry. Built for high-signal, low-noise environments.
Threat Hunting & Detection
Hypothesis-driven hunting using KQL and Microsoft Defender for Endpoint. MITRE ATT&CK mapping, behavioral analysis, and insider threat detection across endpoint and network telemetry.
Vulnerability Management
End-to-end vulnerability lifecycle using Tenable Nessus and Azure. Risk prioritization, remediation planning, validation scanning, and structured reporting for measurable risk reduction.
Projects
Practical investigations and tooling focused on detection quality, evidence validation, and structured remediation.
Threat Hunt: Unauthorized Tor Browser Usage
Hypothesis-driven hunt using Microsoft Defender for Endpoint (MDE) telemetry + KQL to detect TOR installation/execution, correlate process/network/file artifacts, and produce SOC-ready findings with recommendations.
Vulnerability Management Program
End-to-end vulnerability lifecycle using Tenable Nessus and Azure. Covers asset discovery, risk prioritization, remediation planning, validation scanning, and structured reporting for measurable risk reduction.
SOC Analyst Portfolio
Structured SOC analyst portfolio developed through the LOG(N) Pacific internship program. Includes incident response playbooks, detection workflows, and documentation built for real-world SOC readiness.