Resume – Tony Muzo

Professional resume of Tony Muzo — Cybersecurity analyst, team lead, and threat intelligence specialist.

Tony Muzo

Location: 629 King Street West, Toronto, ON M5V 0G9
Phone: 437-962-8228
Email: tony@tonymuzo.dev
Portfolio: tonymuzo.dev


Summary

Cybersecurity professional with 8+ years of experience in Security Operations, Incident Response, and Threat Intelligence. Proven ability to progress from SOC analyst to leading investigations and producing actionable intelligence reports. Skilled in threat actor analysis, vulnerability management, and aligning defensive operations with organizational risk.

Explore projects, labs, and detailed reports at tonymuzo.dev — including threat actor profiles, automation scripts, and CTF results.


Professional Experience

Threat Intelligence Analyst

One Arrow Consulting – Toronto, ON
May 2025 – Present

  • Research and profile ransomware groups, mapping TTPs and infrastructure to MITRE ATT&CK.
  • Produce intelligence deliverables with IOCs, detections, and behavioral analysis for SOC and IR teams.
  • Monitor dark web and leak sources for emerging campaigns.
  • Deliver concise technical and executive intelligence reports to guide defense strategy.

Security Analyst

City of St. John’s – St. John’s, NL
Jan 2024 – Jul 2025

  • Monitored endpoints and networks using Cisco Secure Endpoint, Cisco FTD, and Wazuh SIEM.
  • Conducted vulnerability scanning, remediation tracking, and policy enforcement using Intune & GPO.
  • Supported incident triage, recovery, and post-incident documentation.

Incident Responder

Cisco Security (Contract via E-Solutions) – Remote
Jan 2020 – Feb 2023

  • Investigated malware, phishing, and credential compromises across global client networks.
  • Built and refined response playbooks; contributed to lessons-learned reports.
  • Delivered tactical remediation guidance to improve client resilience.

SOC Analyst (Tier 1–2)

Symantec Corporation – Toronto, ON
Sep 2016 – Dec 2019

  • Progressed from Tier 1 to Tier 2 SOC Analyst handling escalations and containment workflows.
  • Analyzed anomalies in endpoint and access logs to detect suspicious activity.
  • Collaborated with intelligence teams to assess threat campaigns.
  • Supported global 24/7 monitoring, alert triage, and escalation processes.

Competitions & Achievements

National Cyber League (NCL) – Fall 2025

Platform: Cyber Skyline

  • Team Game: Ranked 214 / 4,215 (Top 5%) — served as Team Captain, leading coordination and strategy across OSINT, Web Exploitation, and Log Analysis modules.
  • Individual Game: Ranked 989 / 7,865 (Top 12.5%) — excelled in Cryptography, Password Cracking, and Network Traffic Analysis.
  • Detailed performance pages: tonymuzo.dev/ncl-team | tonymuzo.dev/ncl-individual

Skills & Expertise

  • Threat Intelligence: Ransomware Profiling | Adversary TTP Analysis | MITRE ATT&CK Mapping
  • Security Operations: Event Monitoring | Incident Coordination | Access Control Management
  • Incident Response: Threat Containment | Documentation | Cross-Team Collaboration
  • Network Security: Firewalls | Endpoint Protection | IDS/IPS | WAF
  • Governance & Compliance: ISO 27001 | NIST | Security Audits
  • Communication: Technical Reporting | Executive Briefing | Security Awareness

Certifications

  • GFACT – GIAC Foundational Cybersecurity Technologies
  • GSEC – GIAC Security Essentials Certification
  • GCIH – GIAC Certified Incident Handler
  • Wazuh Certified Trainer
  • AWS Secure Builder – SEC480
  • SEC402 & SEC403 – Cyber Security Writing and Speaking
  • SEC495 – Leveraging LLMs: Building & Securing RAG and Agentic RAG

Additional Information

For detailed projects, threat actor reports, and automation work:
🔗 tonymuzo.dev