Patrick McCabe

About Me


Charleston, SC · Mobile: 732-788-5730


Cybersecurity Professional · Security Operations · Threat Detection & Incident Response

Professional Summary

Dynamic Cybersecurity Engineer and Analyst with a proven track record in security operations, threat detection, and technical training. Adept at designing and implementing structured training programs that enhance analyst expertise and elevate organizational defense strategies. Experienced in incident response, threat intelligence, and security tool optimization to ensure rapid identification and mitigation of cyber threats.

Leverages data-driven insights to improve detection accuracy and strengthen security reporting for key stakeholders. Hands-on leader focused on refining workflows, developing scalable training frameworks, and optimizing platforms to strengthen enterprise-wide cyber resilience.


Areas of Expertise

  • Training Development · Incident Response · Threat Analysis
  • SIEM Management · Log Correlation · Endpoint Security
  • Security Operations · Data Visualization · Risk Mitigation
  • Cyber Threat Intelligence · Security Policy · Vulnerability Management
  • Network Security · User Access Control · Process Automation

Technical Skills

  • Programming: Python, Go, Java, C/C++, Bash, SQL, Prolog, Racket, XML
  • Operating Systems / Virtualization: Windows 10/Server, RHEL, Debian, macOS, ESXi, Proxmox
  • SIEM / XDR / EDR: Microsoft Sentinel, Splunk, Stellar Cyber, Microsoft Defender, SentinelOne
  • Network / Cloud / Identity: Zscaler, Firewalls, Azure, Okta, DUO
  • Email / Telemetry / Log Pipeline: Mimecast, NXLog, Syslog, Ingestion/Triage Workflows
  • Data & Reporting: Dashboarding, KPI/OKR Metrics, Client-facing Security Reviews

Professional Experience

Sensilla, Inc. — Dover, NH

October 2025 — Present

Network & Security Analyst (October 2025 — Present)
Leads advanced log and threat analysis across diverse systems including SIEM, IDS/IPS, and endpoint protection tools to detect anomalous patterns, correlate security events, and identify malicious activity, while minimizing false positives using Sigma/YARA rules and leveraging scripting in Python and SQL for data normalization and automation.

  • Drives end-to-end incident response workflows by assisting in triage, conducting forensic investigations, identifying root causes, and generating actionable reports aligned with HIPAA compliance, regulatory mandates, and internal protocols for healthcare clients across complex environments.
  • Conducts continuous threat monitoring of evolving attack vectors, leveraging threat intelligence platforms and behavioral analytics to anticipate vulnerabilities, prioritize remediation efforts, and recommend mitigation strategies specific to medical device security and healthcare data protection.
  • Collaborates with SOC teams and IT stakeholders to maintain operational readiness through playbook creation, cross-functional coordination, and documentation of technical procedures, training guides, and metrics that support real-time detection and response in high-risk environments.
  • Delivers client-facing cybersecurity consultation through incident briefings, system audit support, and risk assessment reporting while translating technical findings into actionable insights to strengthen client posture and align with healthcare cybersecurity best practices.
  • Supports enterprise access management initiatives by integrating authentication systems, endpoint protection, and multi-factor tools with a focus on compliance and operational efficiency, while applying automation scripts to reduce manual workload and improve security alert accuracy.

Cyber Guards — Memphis, TN

Sept 2021 – October 2025

Cyber Security Engineer (May 2025 – October 2025)
Direct technical liaison for onboarding managed cybersecurity solutions across hybrid environments; configure SIEM/XDR integrations, validate telemetry pipelines, and align architecture with business needs (e.g., Microsoft Defender, Sentinel, Splunk).

  • Resolve complex ingestion issues across endpoint, cloud, and network layers; perform root-cause analysis in SIEMs and implement remediations to maintain telemetry accuracy and alert fidelity.
  • Mentor cybersecurity interns via hands-on modules, scoped tasks in threat analysis/alert triage, and structured feedback; reinforce adherence to security protocols and SOPs.
  • Support and maintain enterprise security stack (EDR, SIEM, VM, threat intel): health checks, alert tuning, uptime tracking; cross-functional alignment with Engineering and SOC for IR goals.
  • Develop technical documentation and SOPs to standardize operations and improve knowledge transfer; gather client requirements and deliver updates via Slack/Teams; identify automation opportunities.

Training Lead (Jan 2024 – May 2025)
Designed and executed hands-on training programs to elevate platform proficiency and strengthen decision-making in realistic IR scenarios.

  • Built milestone-based training and promotion framework for Junior, Level I, and Level II Analysts with simulations, assessments, and mentorship.
  • Led onboarding for new SOC personnel on procedures, protocols, log analysis, threat intel usage, and IR workflows to ensure readiness pre-deployment.
  • Ran ongoing professional development via weekly overlap sessions on new detection methods, advanced tools, forensics, and emerging threats.
  • Developed scalable curriculum aligned to evolving threats; integrated red-team exercises, compliance needs, and best practices for improved detection and proactive defense.

Security Operations Center Analyst II, Shift Lead (May 2023 – May 2025)
Provided escalation support on event triage, log correlation, and advanced detection; led knowledge-sharing on SIEM tuning and endpoint best practices.

  • Built interactive dashboards for bi-weekly client meetings using end-to-end data workflows (collection → cleaning → exploration → features) across Box, DUO, firewalls, Azure, Mimecast, NXLog, and Okta.
  • Advanced support for SentinelOne and Zscaler: diagnose endpoint/network issues, analyze traffic, and perform RCA; tune policies and detection rules in collaboration with vendors/architects.
  • Partnered with Engineering to migrate to Stellar Cyber; optimized SIEM workflows, refined detection logic, and integrated ML-based analytics; improved ingestion, correlation rules, and custom use cases.
  • Proactively identified vulnerabilities, refined detections, and automated monitoring; implemented behavioral analytics to improve real-time threat intel.

Security Operations Center Analyst I (Sept 2021 – May 2023)


College of Charleston — Charleston, SC

IT Service Desk Analyst (Jan 2020 – Sept 2021)


Education

B.S. in Computer Science (Minor: History & Data Science) — College of Charleston, 2021


Licenses, Training, & Certifications

  • Certificate of Cloud Security Knowledge (CCSK) · Cloud Security Alliance
  • Certificate of Competence in Zero Trust (CCZT) · Cloud Security Alliance
  • CySA+ · CompTIA
  • Zscaler Certified Deployment Specialist (IA & PA) · Zscaler
  • Zscaler Certified Support Specialist (IA & PA) · Zscaler
  • Vulnerability Management · Qualys
  • Stellar Cyber Certified Associate · Stellar Cyber

Leadership & Competitions

  • College of Charleston Cyber Security Club — President (2019–2021)
  • Palmetto Cyber Defense Competition (PCDC): 2017–2021 — 2018 Shadow Team; 2019 Main; 2020 Captain; 2021 Captain (MVP, 2nd place)
  • Southeastern Collegiate CCDC: 2019–2021 — 2019 Main; 2020 Captain (Top 8); 2021 Captain (Region Champions)
  • National Collegiate CCDC: 2021 — Captain
  • Collegiate Penetration Testing Competition: 2019 — Captain