About Me

As a cybersecurity professional, I lead Security Operations Center (SOC) initiatives, ensuring continuous monitoring, swift threat detection, and effective incident response. My focus is on developing and implementing threat intelligence programs to proactively identify and mitigate cyber threats.

I manage and optimize various security tools to enhance detection and response capabilities, ensuring they are fine-tuned and configured to reduce noise and improve accuracy. My role also involves maintaining virtual deception technologies and overseeing key security operations, including email gateways and phishing prevention efforts.

In addition to managing the security awareness program, I conduct regular phishing simulations, review reported phishing emails, and provide training to strengthen organizational defenses. I collaborate closely with incident response teams to investigate and remediate security incidents, leading post-incident analysis and reporting.

I’m dedicated to developing and maintaining effective SOPs for SOC operations, mentoring junior analysts, and staying current with evolving cyber threats and technologies. I also work with IT teams on the implementation and operationalization of new security tools, ensuring smooth deployment and creating SOPs for their use.

My work includes preparing and presenting security reports to leadership and contributing to the development of security policies and standards.

Contact Details

Joel Wickham
Cincinnati, OH
(513) 532-8016
JWickham7@gmail.com

Certificates

GIAC

GIAC Certified Intrusion Analyst (GCIA) Issued 11/2018 - Expires 11/2022

The GIAC Intrusion Analyst certification validates a practitioner's knowledge of network and host monitoring, traffic analysis, and intrusion detection. GCIA certification holders have the skills needed to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.

Education

University of Cincinnati

Bachelor's degree in Information Technology 2015

Received a bachelor's degree from University of Cincinnati.

Work

Ascensus

Principal Cyber Threat Analyst September 2024 - Present

• Lead and manage a 24x7 SOC, ensuring continuous threat monitoring, detection, and response.
• Optimize and fine-tune security tools (Web Proxy, CASB, SIEM, ICES, DMARC, virtual deception technology) to reduce false positives and enhance detection accuracy.
• Implement and monitor insider threat tools, focusing on high-risk users.
• Own and manage the security awareness program, running monthly phishing tests and providing follow-up training.
• Technical lead for incident response during cyber investigations.
• Develop and maintain SOPs for SOC operations to ensure effective security monitoring.
• Provide evidence for audits to demonstrate compliance with regulatory standards.
• Mentor junior analysts and foster continuous learning within the team.
• Stay current with evolving cyber threats, providing strategic guidance on security controls.
• Work with IT teams to deploy and operationalize new security tools, ensuring seamless integration.

Ascensus

Senior Cyber Threat Analyst August 2022 - September 2024

• Primary escalation contact for a 24x7 SOC
• Maintain and utilize a threat intelligence platform.
• Conduct security awareness assessments and training for associates.
• Investigate security and operational incidents and provide timely responses.
• Stay up-to-date with the latest cybersecurity threats and trends.
• Coordinate with external security vendors and assess security risks for new technologies and projects.

Ascensus

Senior Security Operations Analyst April 2019 - August 2022

• Promoted to Senior in July 2021
• Respond to security incidents, ranging from small to large, by analyzing and addressing them in a timely manner.
• Analyze phishing emails using various tools and techniques, and run monthly internal phishing campaigns to raise awareness and enhance remediation training.
• Create and maintain security documentation for processes and procedures, ensuring that they meet regulatory requirements and industry best practices.
• Help plan and execute security projects related to Malware Sandbox Analysis, DMARC, Email Gateway, EDR, and TIP, working closely with cross-functional teams to achieve project goals.

Western & Southern Financial Group

Cyber Security Analyst January 2018 - April 2019

• Monitor for cybersecurity events and anomalies using a variety of tools such as BlueCoat, OpenDNS/Umbrella, SEP, CarbonBlack, Exabeam, and QRadar.
• Analyze files, URLs, domains, and emails to determine their legitimacy, using internal tools as well as online resources such as VirusTotal, URLVoid, IPVoid, and Robtex.
• Create and tune rules and reports in QRadar to improve the detection and response capabilities of the system.
• Help plan and execute security projects related to NYDFS, CarbonBlack, Imperva SecureSphere/CounterBreach, Varonis, QRoc, ServiceNow SecOps, and ReliaQuest, collaborating with cross-functional teams to ensure successful project outcomes.
• Provide recommendations for security enhancements to management and senior IT staff, based on the results of security assessments, risk analyses, and other sources of information.
• Research the latest IT security trends and technologies and share findings with colleagues to promote continuous learning and improvement.

GE Digital

Incident Commander August 2015 - October 2017

• Command and control outages to quickly restore service, providing support and leadership for all high-priority incidents.
• Maintain control, ownership, and operational authority of an outage triage during high-pressure situations, leveraging technical skills to work with L2, L3, and L4 resources to develop an incident mitigation and restoration plan, and guiding technical resources to service restoration.
• Actively direct and prioritize all aspects of the high-priority incident bridge line and chat with urgency, ensuring effective resource management and service restoration.
• Ensure timely engagement of essential technical support teams, and provide updates to high-level management, stakeholders, and customers.

Prospera Solutions Group

System Administrator February 2015 - August 2015

• Managed 50+ servers and 700+ desktop/laptops for multiple companies, providing IT consulting services that included everything from the server installs to password resets.
• Used tools such as ConnectWise, Continuum, and LogMeIn on a daily basis to monitor, manage, and troubleshoot IT infrastructure and services.
• Interacted with HP, Dell, Microsoft, and ISP representatives on a daily basis, to ensure timely and effective resolution of IT-related issues.

University of Cincinnati

IT Co-op December 2009 - December 2014

• Ensured the security and operational readiness of multiple computer labs across campus, which contained a total of 400+ computers.
• Troubleshot a variety of hardware and software issues, as well as student and faculty account problems, using tools such as Norton Ghost, Track-It, and others.
• Imaged all lab computers using Norton Ghost between every semester, ensuring that they were up to date and secure.

Skills

• Problem Solving
• Critical Thinking
• Major Incident Management
• Windows
• Linux
• Process Optimization
