- Designed and deployed security controls including next-generation firewalls, web proxies, and email security for enterprise environments.
- Led SIEM onboarding and detection engineering, including parser development, correlation rules, dashboards, and tuning playbooks for SOC use.
- Integrated EDR/XDR tooling into response workflows to support containment, investigation, and post-incident follow-through.
- Ran vulnerability scanning and prioritization workflows, turning findings into risk-based remediation plans with infrastructure and engineering teams.
- Built Python and PowerShell automation for enrichment and triage tasks to reduce manual effort and improve consistency.
Profile
I am strongest in roles that need both hands-on security work and steady follow-through. That includes monitoring and detection, incident response, firewall and endpoint security, vulnerability management, and working with infrastructure or engineering teams to get fixes implemented.
Experience
Security engineering and operations roles
- Monitored and investigated alerts across host, network, and application layers in enterprise environments.
- Managed firewall rule lifecycle and IDS/IPS tuning to improve detection quality and reduce false positives.
- Established logging standards and ensured logs from critical systems were retained, parsed, and searchable within the SIEM.
- Participated in incident response, root cause analysis, and remediation tracking after security events.
- Worked with infrastructure and application teams to move key security controls earlier into deployment and change processes.
Recent Work
A few areas I have spent the most time in
SIEM Coverage and Detection Tuning
Expanded log ingestion, normalized key sources, and improved alert quality through rule tuning and analyst feedback.
Firewall Policy Modernization
Supported architecture review, policy cleanup, and migration planning with stronger governance and safer rule testing.
EDR Workflow Integration
Connected endpoint telemetry with triage and response playbooks to speed investigations and improve containment consistency.
Vulnerability Prioritization Pipeline
Mapped findings to business risk, ownership, and remediation timelines so critical issues were easier to track and close.
Technical Toolkit
Areas I have worked in most often
SIEM and log analysis, detection engineering, incident response, SOC operations, EDR/XDR, firewall administration, IDS/IPS, vulnerability management, cloud security, AWS and Azure, Python, PowerShell, Bash, security monitoring, MITRE ATT&CK, Linux, and Windows.