Christian Espina

Cyber Security Professional
Taysan, Batangas

Summary

Cyber Threat Intelligence and Cyber Security professional with over five years of
experience across threat intelligence operations, SOC, incident response,
security engineering, and vulnerability analysis. Currently serving as a Cyber
Threat Intelligence Analyst at Health-ISAC, supporting the global healthcare
sector through strategic and tactical intelligence that strengthens defenses
against ransomware, data breaches, and emerging threats. Experienced in
producing executive and operational intelligence reports, analyzing adversary
behavior, and synthesizing commercial, open-source, and member-shared
intelligence. Strong collaborator with proven ability to support incident
response efforts, engage with CERTs and intelligence communities, and
communicate complex threat insights to technical and non-technical
stakeholders.

Overview

6 years of professional experience

Work History

Cyber Threat Intelligence & Member Engagement

KMC Solutions Inc. (Health-ISAC)
BGC, Taguig, Philippines
09.2025 - Current
  • Research, develop, and deliver strategic-level cyber, physical, and geopolitical threat intelligence products tailored to the healthcare sector.
  • Produce regular intelligence reporting, including Daily Cyber Headlines, ad hoc cybersecurity bulletins, monthly threat briefings, and contributions to annual threat landscape reports.
  • Deliver tactical intelligence products, including threat-, event-, and incident-driven analysis to support operational decision-making.
  • Monitor, evaluate, and analyze emerging security trends, evolving threats, risks, and vulnerabilities, applying appropriate intelligence toolsets to assess healthcare sector impact.
  • Support member organizations during incident response activities and significant security events, providing timely and actionable intelligence.
  • Synthesize and analyze member-shared intelligence, commercial sources, and open-source feeds to identify trends and support annual and periodic analytical reporting.
  • Collaborate cross-functionally to deliver informative intelligence content for members, cross-sector entities, and public-sector partners.
  • Support and participate in member and analyst exchange programs, including assisting with training and operational support at regional and
    international locations.
  • Conduct presentations and briefings at conferences, workshops, webinars, and panel discussions, representing the organization at external engagements.
  • Maintain operational readiness by supporting rotational or on-call shifts, including weekends and holidays, during incidents or major events as
    required.
  • Develop and maintain a trusted network of intelligence sources to enhance insight beyond publicly available information.
  • Design and introduce new and innovative intelligence products aligned with evolving stakeholder and member requirements.
  • Provide intelligence analysis supporting resilience, crisis management, and risk management functions.
  • Build and maintain strong relationships with internal and external stakeholders across multiple operational domains.
  • Establish and strengthen partnerships with APAC member organizations, CERTs, and regional CTI operations to enhance regional threat intelligence
    coverage.
  • Attend regional and international events to expand professional networks
    and intelligence collaboration within the APAC region.

Information Security Analyst

Digido
09.2024 - Current

Conducted comprehensive internal audits to identify areas for improvement within the organization's information security program, ensuring risks are mitigated and vulnerabilities are addressed.

Monitored and managed company assets, ensuring all assets are properly protected and continuously monitored for security breaches.

Worked closely with IT teams to integrate security measures seamlessly into existing infrastructure, ensuring robust protection without disrupting operations.

Performed regular security audits, ensuring compliance with industry regulations, ISO standards, and best practices to maintain a secure environment.

Reviewed documentation for adherence to local and national code requirements, ensuring that organizational practices align with legal standards.

Conducted thorough checks and data analysis on internal IT data, ensuring that all operations and security protocols meet ISO security standards.

Performed regular web security assessments, ensuring that all access is role-based, and only authorized personnel can access sensitive information.

Developed data analysis dashboards to streamline monitoring of key security metrics, enabling real-time tracking and efficient decision-making.

Security Analyst

Satellite Office
07.2022 - 08.2024
  • Coordinated incident response efforts across multiple departments, fostering teamwork in resolving complex issues effectively.
  • Assisted in the successful completion of security audits, resulting in a boost in client trust and confidence.
  • Maintained up-to-date knowledge of emerging threats by attending professional development events and staying informed on industry trends.
  • Analyzed log files for anomalies, identifying potential intrusions or malicious activity before significant damage occurred.
  • Enhanced security monitoring capabilities by upgrading to more sophisticated surveillance tools, providing real-time alerts on potential security infringements.
  • Recommended improvements in security systems and procedures.
  • Monitored networks, computers, and applications, looking for events and traffic indicators that signal intrusion or indicators of compromise.
  • Responsible for evaluating security logs, defining how logs must be parsed to make them usable for detection rules on SIEM platform and writing new detection rules.
  • Created cyber security reports based on client requests.
  • Performed incident response and investigation on all incoming alerts on SIEM.
  • Created SIEM dashboards for other Geolocation Teams and clients.
  • Answered client inquiries using our ticketing system, ServiceNow.
  • Streamlined business and security processes by automating repetitive tasks using Microsoft Power Automate.
  • Created interactive dashboards and data visualizations for reporting using Azure Power BI, enabling effective decision-making based on real-time insights with use of SIEM logs.

Security Solution Engineer

Next Generation Technology
03.2022 - 07.2022
  • Resolved complex issues by utilizing strong analytical skills and innovative problem-solving techniques.
  • Built security policies, standards, and requirements for a newly established SOC.
  • Used different security tools such as SIEM, SOAR, cloud, and EDR.
  • Prepared reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
  • Captured and analyzed network traffic associated with malicious activities using network monitoring tools.
  • Used OSINT to investigate internal and external alerts.
  • Conducted investigations using different application tools for effective results.
  • Reviewed problem logs to identify recurring problems and coordinated issue resolution activities.

Cyber Security Analyst

EPLDT
03.2021 - 02.2022

Analyzed post-resolution security incidents to identify gaps and recommend improvements in technical controls and incident response processes.

Reduced false positive alerts by fine-tuning detection parameters in security monitoring systems, significantly enhancing operational efficiency.

Customized, managed, and optimized SIEM (Security Information and Event Management) systems for real-time threat detection, correlation, and analysis.

Recommended improvements in security systems, policies, and procedures to strengthen the overall security posture.

Identified, evaluated, and reported information security threats impacting both the ePLDT Group and its clients.

Managed and monitored Endpoint Detection and Response (EDR) solutions to ensure proactive threat detection and enhance client security.

Created daily and monthly security reports based on client requirements and SLAs.

Performed vulnerability assessments as part of the client onboarding process to ensure secure integration into managed security services.

Analyzed malware samples and leveraged threat intelligence feeds to identify and document Indicators of Compromise (IOCs).

Facilitated client onboarding for security services and provided regular updates throughout project development and implementation phases.

Service Desk Analyst

Yondu Inc.
08.2020 - 02.2021

Entered service tickets into the incident tracking system to facilitate faster problem identification and resolution.

Discussed customer concerns regarding the application user experience to promote improvements in usability and satisfaction.

Contributed to knowledge base articles, sharing expertise with colleagues to enhance overall team capabilities and knowledge sharing.

Conducted regular reviews of service desk metrics to identify opportunities for improvement and implement effective enhancements.

Implemented remote desktop support tools to increase efficiency in resolving user issues remotely.

Provided after-hours support as needed to minimize business impact during downtime or critical events.

Collaborated with IT teams to resolve complex technical issues, ensuring minimal downtime for end users.

Monitored system performance proactively to identify and address potential issues before escalation.

Generated reports to track service desk performance and analyze trends, supporting data-driven decision-making.

Validated documents submitted by the client to ensure accuracy and compliance.

Monitored sender IDs requested by the client for registration.

IT Support

Project T IT and Business Solutions
06.2019 - 02.2020
  • Created help desk tickets, troubleshot and resolved desktop issues.
  • Delivered onsite technical support for employees.
  • Determined hardware and network system issues using proactive troubleshooting techniques.
  • Answered questions and provided information to customers about new software or hardware.
  • Optimized network performance with regular maintenance checks, software updates, and hardware upgrades.
  • Prepared new computers and mobile devices according to internal policies on standardized software and security deployments.
  • Used ticketing systems to manage and process support actions and requests.
  • Provided Tier 1 IT support to non-technical internal users through desk side support services.
  • Resolved escalated issues by serving as subject matter expert on wide-ranging issues.
  • Updated software to safeguard against security flaws.
  • Configured and tested new software and hardware.
  • Created user accounts and assigned permissions.
  • Generated reports to track performance and analyze trends.
  • Patched software and installed new versions to eliminate security problems and protect data.

Education

Bachelor of Science - Computer Engineering

De La Salle Lipa
Lipa City, Province Of Batangas, Philippines
03-2019

High School Diploma -

Our Lady Of Mercy Academy
Taysan, Batangas
04-2013

Skills

  • SIEM: Huntsman, Wazuh, Microsoft Sentinel, FortiSIEM
  • EDR: Cynet, Kaspersky, Bitdefender, Microsoft Defender, Sophos, Trend Micro, CrowdStrike
  • SOAR: D3
  • XDR: Stellar Cyber
  • Network Analysis: Wireshark, Netminer, Maltego
  • Asset Management: Lansweeper
  • Database Virtualization: Grafana
  • Data Analytics: Power BI, Looker Studio
  • IAM: Keycloak
  • Firewall: Palo Alto, Sophos
  • Vulnerability Scanning Tools: Qualys, Nessus
  • Framework: MITRE ATT&CK, NIST, CIS, ISO 27000, GDPR
  • OSINT: VirusTotal, Shodan, SOC Prime, SOCRadar, Cuckoo Sandbox, IntenseAnalyzer, Hybrid Analysis, YOMI, IRIS-H Digital Forensics, MXLookUp, AbuseIP, eCrime, Feedly, etc.
  • OS: Windows and Linux systems
  • Cloud: Microsoft Azure
  • Password Manager: ManageEngine Password Manager Pro
  • Scripting: PowerShell, Bash, Python
  • Virtualization: VirtualBox, VMware, Azure VM, Hostinger
  • Cyber News: Dark Reading, The Hacker News, CyberScoop, BleepingComputer, SOCRadar, FortiGuard Labs Research, etc.
  • AD: Microsoft Active Directory
  • Ticketing System: ServiceNow, Jira, Spiceworks
  • Communication: Teams, Gmeet, Slack
  • CRM (Customer Relationship Management): Monday.com, Salesforce
  • Security Awareness and Simulation: KnowBe4
  • CTI: Anomali, BlackWire, BlueVoyant, Cyware

Timeline

Cyber Threat Intelligence & Member Engagement

KMC Solutions Inc. (Health-ISAC)
09.2025 - Current

Information Security Analyst

Digido
09.2024 - Current

Security Analyst

Satellite Office
07.2022 - 08.2024

Security Solution Engineer

Next Generation Technology
03.2022 - 07.2022

Cyber Security Analyst

EPLDT
03.2021 - 02.2022

Service Desk Analyst

Yondu Inc.
08.2020 - 02.2021

IT Support

Project T IT and Business Solutions
06.2019 - 02.2020

Bachelor of Science - Computer Engineering

De La Salle Lipa

High School Diploma -

Our Lady Of Mercy Academy