Open to opportunities

Brian DOUGHERTY

@briandougherty

Message

Cybersecurity analyst and SOC leader specializing in SIEM, threat hunting, and incident response automation.

United States

Message

What I'm looking for

I seek a hands-on SOC leadership or senior analyst role where I can lead teams, optimize SIEM detections, automate incident response, and strengthen enterprise security posture in a compliance-driven environment.

I am a cybersecurity analyst and Security Operations Center leader with 12+ years of enterprise security operations experience, expert in SIEM deployments and management (Splunk, Elastic, Microsoft Sentinel, ArcSight) and hands-on threat hunting, incident response automation, and log analysis. I have led 24x7 SOC teams of 10–14 analysts across multi-site operations, developed dashboards and detection rules, and automated processes using KQL, SPL, Python and other scripting to reduce false positives and improve response times.

My background includes monitoring large-scale DoD and enterprise networks (50,000+ endpoints), deploying and managing security tools (Zeek, FirePower, NikSUN, MDE), and applying frameworks like MITRE ATT&CK, NIST CSF and DoD RMF to strengthen security posture. I mentor teams, drive compliance-focused reporting, and leverage OSINT and packet analysis to enhance network and endpoint defenses.

Experience

Work history, roles, and key accomplishments

Current

Cyber Security Analyst

Current

TytoAthene LLC

Apr 2021 - Present (4 years 8 months)

Led a 24x7 SOC monitoring 50,000+ endpoints, configured Kibana and Splunk dashboards, authored Elastic Security rules, and automated log ingestion to reduce false positives and improve incident triage.

Splunk Kibana Python Threat Hunting Incident Response SIEM Tuning

Cyber Security Analyst

A T&T Government Services

Jun 2013 - Apr 2021 (7 years 10 months)

Site lead for 10–14 analysts managing multi-vendor SOC operations for 50,000+ endpoints, developed Splunk/Kibana dashboards and Elastic rules to reduce false positives and accelerate incident response.

Splunk ArcSight Firepower Vulnerability Assessment SOC

Cyber Security Analyst

L-3 Stratis

Mar 2013 - Jun 2013 (3 months)

Rapidly onboarded to SOC operations monitoring 50,000+ endpoints, improved VoIP monitoring methodology to reduce analyst workload, and leveraged Zeek, Elastic, and ArcSight for threat detection.

Zeek ArcSight NikSUN Wireshark Log Analysis Threat Detection

Tier II Defense Engineer

CSC

Jan 2009 - Mar 2013 (4 years 2 months)

Led a team of telecommunications engineers implementing SIP/VoIP and managing carrier switch databases, improving deployment times and enabling enterprise SIP over TLS.

VoIP Siemens EWSD Nortel DMS100 Routing Team Leadership Change Management Telecommunications

Education

Degrees, certifications, and relevant coursework

Southern Illinois University Edwardsville

Master of Information Systems Management, Information Systems Management

Grade: 3.0

Pursuing a Master of Information Systems Management with a concentration in Program Management, expected completion May 2027.

DeVry University

Master of Information Systems Management, Information Systems Management

Grade: 3.8

Completed a Master of Information Systems Management with coursework focused on information systems and management, awarded April 2010.

DeVry University

Bachelor of Science, Electronics Engineering Technology

Grade: 3.7

Awarded a Bachelor of Science in Electronics Engineering Technology in February 1997, focusing on electronic systems and applied engineering principles.