Himalayas logo
JG
Open to opportunities

Johny Galvez

@johnygalvez

Threat intelligence analyst specializing in proactive threat hunting and detection engineering.

Guatemala
Message

What I'm looking for

I seek a role focused on proactive threat hunting and detection engineering where I can turn intelligence into impactful detections, collaborate with IR teams, and drive measurable security improvements.

I am a proactive security professional with 7+ years of experience in threat intelligence analysis, adversary profiling, proactive threat hunting, and SOC operations (L1–L2). I transform intelligence into actionable detections, produce executive and tactical reports, and collaborate with IR teams to contain threats while reducing MTTD and improving detection efficiency.

I have operated in fast-paced MSSP and financial environments across Latin America and the US, conducting TTP-driven hunts, managing TIPs and telemetry platforms (Mandiant, MISP, T-Pot), and developing Sigma, YARA and KQL rules. My work has driven patch prioritization, SOC rule deployment, and measurable improvements in alert triage and malware/phishing detection.

Experience

Work history, roles, and key accomplishments

GB

Threat Intelligence Analyst

GBM

Jul 2024 - Jul 2025 (1 year)

Conducted threat intelligence research on global and regional campaigns and executed 8+ TTP-driven hunts per month, delivering 12+ executive and tactical intel reports monthly that influenced patch prioritization and SOC rule deployment.

Threat HuntingThreat IntelligenceMandiantMISPT PotDetection Engineering
CO

Cyber Operations Engineer

Conduent

Apr 2022 - Jul 2023 (1 year 3 months)

Managed 30–50 alerts per shift with 15-minute average acknowledgement and 90% SLA adherence; conducted pattern-based threat hunting across EDR and SIEM and developed 15+ detection rules per quarter, improving detection efficiency by 25%.

SIEMCarbon BlackThreat HuntingSigmaYARADetection EngineeringIncident Response
TI

SOC Engineer L2

Tigo

May 2020 - Apr 2022 (1 year 11 months)

Administered security platforms (SIEM, IDS/IPS, WAF, AV, DLP, FW) and improved alert triage accuracy by 20%; created detection rules across multiple controls and supported PCI DSS compliance and SOC playbook improvements.

SIEMIDSWAFPCI DSSPlaybook Development

Education

Degrees, certifications, and relevant coursework

Galileo University logoGU

Galileo University

Telecommunications Administration

Pursuing studies in Telecommunications Administration (ongoing), focusing on telecommunications systems and administration.

IN

Intecap

Technical Career, Network and Telecommunications Administration

2015 - 2017

Completed a Technical Career in Network and Telecommunications Administration focusing on network administration and telecommunications fundamentals.

Tech stack

Software and tools used professionally

Gmail logo

Gmail

ArcSight logo

ArcSight

Root Cause logo

Root Cause

SQL logo

SQL

Black

Availability

Open to opportunities

Location

Guatemala

Authorized to work in

Guatemala

Job categories

Threat Intelligence AnalystThreat HunterSOC AnalystIncident Response EngineerDetection EngineerSecurity ResearcherThreat Intelligence AnalystSecurity Operations AnalystSenior Threat Intelligence SpecialistSenior Cyber Threat Intelligence AnalystSenior Threat Intelligence Subject Matter ExpertSenior Threat Detection Analyst

Skills

Threat HuntingThreat IntelligenceTTP AnalysisIOC EnrichmentMandiantMISPT PotSIEM (QRadarElasticMcAfeeSQLSigmaYARAMalware AnalysisStatic AnalysisDynamic AnalysisSandboxIncident ResponseRoot Cause AnalysisArcSightBlackGmailRoot Cause

Interested in hiring Johny?

You can contact Johny and 90k+ other talented remote workers on Himalayas.

Message Johny

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Johny Galvez - Threat Intelligence Analyst - GBM | Himalayas