Open to opportunities

Anxo User

@anxouser

Message

Experienced cyber threat hunter specializing in endpoint detection and automated threat hunting.

Spain

Message

What I'm looking for

I’m seeking a hands-on threat hunting or endpoint security role focused on automation, EDR engineering, purple-team collaboration, and measurable improvements to detection and response within a collaborative security-driven team.

I am a Cyber Threat Hunter with hands-on experience operating CrowdStrike Falcon, Cortex XDR, SentinelOne and Microsoft Defender for Endpoint (MDE) across production environments.

I conduct daily threat hunting operations by reviewing over 500 custom queries based on TTPs from the MITRE ATT&CK framework and analyze alerts with a maximum response time of one minute. I turn intelligence from public reports and Purple Team outcomes into actionable detection queries.

I have built automation tools to support threat hunting and artifact analysis, and previously managed CrowdStrike Falcon and CyberArk EPM at global scale. I designed and implemented a comprehensive EDR using ELK, performed malware analysis, and led internal black box and web application audits using OWASP methodology.

I hold an MSc in Cybersecurity (Avg. Score: 9.1/10), certifications eJPT and eCTHP, and received the Award for the Best Cybersecurity Master’s thesis in Galicia. I focus on improving detection, response, and automation to increase team productivity and security posture.

Experience

Work history, roles, and key accomplishments

Current

Cyber Threat Hunter

Current

Tarlogic Security

Oct 2023 - Present (1 year 10 months)

Conduct daily threat hunting across multiple EDRs, reviewing over 500 custom queries based on MITRE ATT&CK and responding to alerts with a maximum one-minute response time. Built automation tools and transformed research and Purple Team outputs into actionable detection queries to increase visibility and detection coverage.

Cortex XDR SentinelOne Threat Hunting EDR Automation)Incident Response

Endpoint Security Engineer

Inditex

Jun 2023 - Oct 2023 (4 months)

Managed CrowdStrike Falcon and CyberArk EPM to strengthen global endpoint security and ensured security policy compliance while promptly resolving Remedy incidents to minimize downtime. Implemented and monitored endpoint controls to maintain enterprise security posture.

Endpoint Security EDR Remedy Security Compliance Incident Response

Cyber Security Analyst

Disashop

Sep 2022 - Jun 2023 (9 months)

Designed and implemented a comprehensive EDR using the Elastic Stack (ELK) and continuously optimized detection workflows while conducting malware analysis and remediating infected endpoints. Performed internal black-box and web application audits using OWASP methodology and leveraged Chronicle SIEM and Splunk for monitoring.

Splunk Malware Analysis OWASP Incident Response EDR

Cyber Security Researcher

CITIC

Oct 2021 - Apr 2022 (6 months)

Conducted IT security research and investigations supporting academic projects and actionable analysis for investigative activities. Produced technical findings used in research outputs and collaborated on security-focused experiments.

Malware Analysis Wireshark Volatility Research Digital Forensics Threat Intelligence

Education

Degrees, certifications, and relevant coursework

University of A Coruña & University of Vigo

Master of Science (MSc) in Cybersecurity, Cybersecurity

2021 - 2023

Grade: 9.1/10

Activities and societies: Honors in Cybersecurity Master's thesis; Award for the Best Cybersecurity Master’s thesis in Galicia; publication: "Open source, secure, and incentivized system for collaborative internet access via blockchain" (2023).

Completed MSc in Cybersecurity (MUniCS) jointly at the University of A Coruña and University of Vigo, graduating in 2023 with an average score of 9.1/10.