PHILLIP TARRANT

Head of Security Operations | SOC Director

Morrison, TN | (706) 294-6733 | ptarrant@gmail.com | LinkedIn


PROFESSIONAL SUMMARY

Results-driven Security Operations leader with 20+ years in cybersecurity and proven expertise scaling SOC operations in high-growth MSSP environments. Successfully grew SOC client base by 225% while managing a team of 17 direct reports and improving operational margins from 18% to 52%. Hands-on leader combining strategic vision with deep technical expertise in SIEM, SOAR, DFIR, and threat detection. Track record of building operational structure through SOPs, playbooks, and automation that drove 47% automated ticket resolution at scale.


CORE COMPETENCIES

SOC Leadership & Operations | Technical Expertise
Team Building & Development (17+ direct reports) | SIEM: Splunk, Sentinel, ELK, Stellar Cyber
SOC Scaling & Growth Strategy | SOAR: Swimlane, D3, Torq
Playbook & Workflow Development | EDR: SentinelOne, Defender, Darktrace
SOP Creation & Process Design | DFIR & Malware Analysis
KPI Development & Metrics Reporting | Threat Hunting & Detection Engineering
P&L Management & Profitability | Python, PowerShell, Automation
Vendor Management & Negotiations | Cloud Security: AWS, Azure
Executive Communication | NIST, PCI-DSS, HIPAA Compliance

PROFESSIONAL EXPERIENCE

Senior Information Security Consultant

Confidential | Remote | January 2025 - Present

Contract consulting providing SOC leadership and cybersecurity expertise to multiple organizations.

  • Served as interim SOC Director at ATS Cyber Security Services, restructuring SOC workflows and elevating team capabilities through targeted training programs
  • Currently leading SOC operations for US Defense Space market supplier across multiple Microsoft tenants and international locations
  • Managing full SOC lifecycle including alert triage, DFIR engagements, and vulnerability management
  • Designed and implemented automation operations including SDLC processes and deployment pipelines
  • Managed enterprise Vulnerability Management Program for major fintech client using Qualys, building custom reports and automation scripts

Director of Automation

Compuquip Cybersecurity | Doral, FL | June 2024 - December 2024

Led Automation Team to transform SOC operational efficiency through intelligent automation.

  • Built automation infrastructure handling 3,500 tickets weekly with 47% closed without human intervention
  • Designed, programmed, and deployed AI-powered tools using custom prompts and logic engines for security automation
  • Spearheaded new automation architecture using Python, AWS Lambda, and SOAR platforms
  • Drove team development in automation workflows and modern SOAR technologies
  • Created custom heuristics, filtering rulesets, and rule engines for automated alert triage

SOC Director

Compuquip Cybersecurity | Doral, FL | March 2023 - June 2024

Directed Security Operations Center serving MSSP clients, overseeing all SOC, Red Team, and managed services operations.

  • Scaled SOC client base from 16 to 52 customers (225% growth) through service expansion
  • Improved SOC profitability from 18% to 52% margin (80% in peak quarter), contributing to 15% annual net income growth
  • Managed team of 17 direct reports including SOC analysts, engineers, and specialists
  • Part of executive leadership team with COO/CEO/CFO, participating in quarterly strategic planning
  • Oversaw Red Team/Offensive Security operations and Managed Remediation Service projects
  • Managed DFIR engagements, MDR services, proactive vulnerability scanning, patching, and penetration testing
  • Developed and maintained situational awareness reports for APT and foreign adversary incidents
  • Created threat trend analysis reports and operational metrics for executive visibility

SOC Technical Manager

Compuquip Cybersecurity | Tampa, FL | January 2021 - March 2023

Managed SOC operations with focus on process development, team mentorship, and incident research.

  • Authored comprehensive SOPs and training documentation establishing operational standards
  • Led incident research activities and mentored SOC engineers on advanced investigation techniques
  • Developed SOC playbooks and workflows standardizing response procedures
  • Generated end-of-month operational reports for management and customer stakeholders
  • Maintained threat intelligence and situational awareness reports for advanced persistent threats
  • Created threat trend analysis reports and performance metrics

Sr. Cyber Security Architect

Travel Syndication Technology (TST) | Alpharetta, GA | April 2020 - January 2021

Responsible for security architecture, compliance programs, and security operations strategy.

  • Developed and maintained cloud security posture and protection controls
  • Created custom automation tools for infrastructure attack simulation and detection design
  • Led organization through PCI and NIST 800-series compliance audits
  • Formulated and managed phishing awareness and developer security training programs
  • Designed automated security verification and testing programs

Senior Cyber Security Engineer

Intercontinental Exchange | Marietta, GA | March 2020 - April 2020

Architecture and Automation Team member focused on SOC tooling and data pipeline optimization.

  • Designed security data flow architecture from endpoints through aggregation, parsing, and storage
  • Developed custom tools automating SOC triage and response activities
  • Built vulnerability and threat hunting dashboards for tracking and mitigation
  • Incorporated security into CI/CD pipelines including cloud-based deployments

Cyber Security Engineer

Intercontinental Exchange | Marietta, GA | August 2018 - March 2020

Incident Response and Digital Forensics Team lead investigator.

  • Served as lead investigator on critical security incidents with thorough forensic investigations
  • Created extensive documentation establishing IR team processes and procedures
  • Led malware analysis operations in isolated sandbox environments
  • Developed training programs including custom malware writing exercises for junior analysts
  • Managed multi-server compromise investigations coordinating across three teams and time zones

Technical Services Manager

The National Wild Turkey Federation | Edgefield, SC | October 2015 - August 2018

Managed IT team of 8 direct reports supporting 300+ staff members.

  • Directed team of technicians and developers with full performance management responsibilities
  • Managed security for entire web presence including network and application security
  • Negotiated vendor contracts saving $50,000+ annually through in-house migrations
  • Oversaw infrastructure expansion doubling server capacity

CERTIFICATIONS

Certification | Issuer
GWAPT - Web Application Penetration Tester | GIAC
GCFA - Forensic Analyst | GIAC
GCIH - Incident Handler | GIAC
Lethal Forensicator Coin | SANS (Award for Digital Forensics Excellence)

EDUCATION

Associate Degree in Network Administration | Virginia College | 2014-2016 | GPA: 4.0


KEY ACHIEVEMENTS

  • SOC Scaling: Grew MSSP SOC from 16 to 52 clients while maintaining service excellence
  • Operational Excellence: Improved SOC margins from 18% to 52% through process optimization
  • Automation Leadership: Built systems processing 3,500 weekly tickets with 47% automated resolution
  • Team Development: Successfully led and mentored teams up to 17 direct reports
  • Executive Partnership: Collaborated with C-suite on strategic direction as part of leadership team
  • Enterprise Scale: Managed operations for 50+ clients, 150,000+ assets, 1M+ users