About

Thanks for stopping by. Read below to learn more about myself and my background.

Tony Muzo portrait

Background

I am a cybersecurity professional with 8+ years of experience across Threat Intelligence, Incident Response, and Security Operations. I progressed from SOC analyst roles into leading investigations, producing ransomware-focused threat intelligence, and developing actionable detection opportunities for blue teams.

My work focuses on profiling threat actors, analyzing TTPs, and translating complex technical behaviors into intelligence products that support SOC, IR, and executive decision-making. I specialize in ransomware ecosystem analysis, MITRE ATT&CK mapping, and producing intelligence deliverables enriched with IOCs, behavioral signatures, and defensive recommendations.

Across roles at One Arrow Consulting, the City of St. John’s, Cisco Security, and Symantec, I have supported organizations through investigations of malware outbreaks, credential compromises, phishing campaigns, and high‑volume alert environments. My work integrates operational vigilance with strategic intelligence to strengthen overall defensive posture.

Education

I have completed multiple technical and communication-focused programs through SANS Institute, AWS training pathways, and cybersecurity writing and speaking courses. I continue to pursue advanced security engineering and intelligence education to refine my investigative and reporting capabilities.

Skills

  • Threat Intelligence: Ransomware profiling, adversary TTP analysis, MITRE ATT&CK mapping.
  • Security Operations: Event monitoring, incident coordination, access control and endpoint behavior analysis.
  • Incident Response: Threat containment, documentation, multi-team collaboration.
  • Network Security: Firewalls, endpoint protection, IDS/IPS, WAF technologies.
  • Governance & Compliance: ISO 27001, NIST frameworks, audit support.
  • Communication: Technical & executive reporting, security awareness writing and instruction.

Certifications