Rodrigo Americo

Cyber Security Analyst with 10+ years of experience in IT and a strong background in Security Operations (SOC), Incident Response, and Cloud Security within regulated financial and enterprise environments. My work focuses on threat detection, incident investigation, and improving SOC efficiency through detection tuning and security automation. I have hands-on experience monitoring and investigating security events using SIEM platforms such as Splunk and Datadog, correlating logs across cloud, endpoint, and network telemetry sources. Currently working as a Cyber Security Engineer at Dock, a fintech company providing Banking-as-a-Service and operating in a highly regulated payments environment. I support security operations and fraud investigation activities by analyzing alerts, investigating suspicious activity, and improving detection capabilities across multiple security platforms. One of my key contributions was helping reduce SOC false positives by approximately 90% through detection tuning, alert enrichment workflows, and review and improvement of playbooks and documentation. I also implemented automation workflows using no-code/low-code tools such as n8n to streamline investigations, reducing the average investigation time from approximately 30 minutes to about 10 minutes per alert. My experience also includes monitoring security activity across multi-cloud environments (AWS and Microsoft Azure), analyzing WAF activity, investigating CSPM findings, and reviewing identity-related alerts involving authentication anomalies and access control systems. Areas of expertise: • Security Operations (SOC) • Incident Response & Threat Investigation • SIEM Monitoring (Splunk, Datadog) • Cloud Security Monitoring (AWS, Azure) • Detection Engineering & Alert Tuning • Security Automation for SOC workflows • Phishing and Fraud Investigation