Skip to main content
John MedinaJM
Open to opportunities

John Medina

@johnmedina

I’m a GIAC-certified security analyst focused on vulnerability risk and remediation.

United States
Message

What I'm looking for

I’m seeking a Security Analyst role where I can analyze and prioritize security vulnerabilities by severity, collaborate with engineering teams to escalate and track remediation, and help strengthen the security of systems and software.

I’m a cybersecurity professional with GIAC Certified Incident Handler (GCIH), GIAC Security Essentials (GSEC), and GIAC Foundational Cybersecurity Technologies (GFACT) certifications. I bring hands-on security operations experience spanning incident triage and response, threat detection engineering, Windows event log analysis, and Active Directory attack reconstruction.

I build and tune enterprise detection capabilities through labs using Elastic Stack, Wazuh, Microsoft Sentinel, Sysmon, Winlogbeat, and cloud-native detection workflows. I analyze vulnerabilities by severity and risk (aligned to MITRE ATT&CK and CVSS), escalate and track remediation, and strengthen defenses with evidence-driven incident documentation, forensic artifacts, and security hardening recommendations.

Experience

Work history, roles, and key accomplishments

UN

Owner / Operator

Unitruss

Jan 2018 - Jan 2025 (7 years)

Founded and independently operated a business across U.S. and international markets, managing client communication, scheduling, and day-to-day operations. Maintained disciplined operational documentation and record-keeping that translated to vulnerability tracking, escalation, and remediation follow-up.

OI

AUV/USV Operator

Ocean Infinity

Jan 2016 - Jan 2018 (2 years)

Conducted analysis of autonomous underwater and unmanned surface vehicle telemetry, sonar imagery, and mission data to identify anomalies and support informed decision-making during offshore deployments. Produced detailed post-mission documentation and maintained complete records to enable timeline reconstruction and investigation continuity.

HC

Unmanned Surface Vessel Operator II

Harris Corporation

Jan 2014 - Jan 2016 (2 years)

Supported maritime security operations by analyzing sonar imagery and vehicle telemetry to identify potential underwater threats and classify contacts. Monitored technical data streams, escalated anomalies, authored and maintained standard operating procedures, and documented guidance to improve consistency and knowledge transfer.

United States Navy logoUN

AN/SLQ-48 ROV Operator

Jan 2010 - Jan 2014 (4 years)

Operated and supported cybersecurity-related projects including Active Directory attack/defense lab work and SIEM/detection engineering exercises. Built detection rules mapped to MITRE ATT&CK using Elastic/Kibana and Microsoft Sentinel on Azure, performing forensic-style Windows event log analysis and incident validation.

Education

Degrees, certifications, and relevant coursework

SANS Technology Institute logoSI

SANS Technology Institute

Undergraduate Certificate in Applied Cybersecurity, Applied Cybersecurity

Undergraduate Certificate in Applied Cybersecurity (in progress), focused on practical cybersecurity skills.

Liberty University logoLU

Liberty University

Master of Science in Kinesiology & Exercise Science, Kinesiology & Exercise Science

Master of Science in Kinesiology & Exercise Science.

California Baptist University logoCU

California Baptist University

Bachelor of Science in Kinesiology & Exercise Science, Kinesiology & Exercise Science

Bachelor of Science in Kinesiology & Exercise Science.

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan