Zezst Querubin Baleva

I’m a dynamic, highly analytical cybersecurity leader with over 13 years of progressive enterprise experience in Security Operations, Incident Response, and Detection Engineering. I naturally lead cross-functional security teams—delegating workloads, running quality assurance audits, and executing proactive threat-hunting campaigns. I also design robust CSIRT services from the ground up.

In my current role as a Professional Services Consultant IV (Lead Responder) at Verizon Communications, I deliver managed security and incident response services to global enterprise clients across multiple industries. I help greenfield and integrate CSIRT capabilities, architect Microsoft Sentinel detection logic, and build automated playbooks to accelerate triage and containment. As an Incident Commander, I conduct rigorous ticket audits to ensure accuracy, SLA conformance, and high-quality peer coaching.

Earlier, I led SOC operations governance and SIEM rule development in a telecom environment, coordinating daily monitoring activities and workload routing. I also programmatically built and operationalized security controls like Symantec Data Loss Prevention, while mentoring junior analysts and establishing standard operating playbooks. Before that, I supported identity security through Active Directory access audits, monitored real-time endpoint and email pathways using tools like Splunk and Symantec DLP rules, and maintained evidence for audit and compliance needs.

I balance technical depth with executive-ready communication—translating complex incidents into business-aligned updates for CISOs, Directors, and Regional Officers. My professional foundation is reinforced by Security+ and role-focused identity and vulnerability certifications, plus specialized training across incident handling and SIEM use cases.