Vincent Jerald G. Mendoza

I'm a

About

With more than three years of experience in Cybersecurity, I have gained comprehensive knowledge across various branches of the field. My expertise spans from Malware Analysis and Email/Web Threats to Network Security, as well as identifying and mitigating both External and Internal threats. Throughout this time, I have honed my skills in proactively safeguarding systems, analyzing potential risks, and responding to security incidents to ensure protection against the evolving cyber risks.

Experience

I've immersed myself in the dynamic world of embedded systems early in my career, exploring the intricate realms of robotics, IoT, and automation. It's been an exhilarating journey, filled with the excitement of pushing boundaries and crafting innovative solutions. However, as my passion for technology evolved, so did my interests. Recently, I made a significant pivot into the realm of cybersecurity, drawn by the ever-growing importance of safeguarding digital infrastructures. This transition represents not just a career shift, but a thrilling new chapter where I can apply my knowledge and skills to protect against emerging threats in the digital landscape.

More than 2 years in Embedded Systems Development
Successful Projects Developed in Embedded Systems
More than 3 years of experience in Cybersecurity
Cybersecurity Certifications Earned

Skills

Proficient in the following:

  • Log Correlation and Analysis, OSINT, Threat Hunting
  • Email/URL Threat Analysis
  • IPS/IDS and SIEM(Splunk) Tools

Average skills in the following:

  • Network Administration
  • Malware Analysis and Debugging Tools
  • Java, Assembly, C++ Programming
  • HTML, CSS, Bootstrap

Basic skills in the following:

  • Linux, SQL, JavaScript, Python, JQuery, NodeJS, ExpressJS, GIT

Knowledgeable in the following tools:

  • Confluence, Jira, ServiceNow
  • Splunk, Microsoft Defender, Sentinel One, FireEye, Infoblox, Symantec, QRadar, Carbon Black, Extrahop, QRadar, ThreatGrid, CyberArk, Pacbot
  • OllyDbg, IDAPro, Wireshark, Fiddler, etc.

Soft Skills

  • Dedicated and hardworking individual
  • Self-motivated, initiative, maintains a high level of energy
  • Tolerant and flexible, can adjusts to different situations

Resume

Education

Bachelor of Science in Computer Engineering

University of Baguio, Philippines

Class Year 2020

Read more

Completed four research and study courses in CCNA

  • CCNA R&S: Introduction to Networks
  • CCNA R&S: Routing and Switching Essentials
  • CCNA R&S: Connecting Networks
  • CCNA R&S: Scaling Networks

Developed the INC Attendance Monitoring System using Bar Code

  • locally-hosted website that uses Bootstrap and PHP
  • The system is used to log the attendance of the church members using the Bar Code Technology

Developed the UB: Universal Electronic Tester

  • Arduino Microcontroller Based project
  • Final Year Project (Copyright Registered)
  • Currently being used in the University of Baguio Electronics Laboratory
  • Won 2nd Place in the University of Baguio Best Student Research (Applied Science Category) link of source

1st Place: Computer Programming Level 2

  • University of Baguio
  • April 19, 2018

1st Place: 1st Baguio City Robotics Cup - Sumobot Category

Professional Experience

CYBERSECURITY ANALYST — SOC ENVIRONMENT

SecureOps Incorporated, Philippines

January 2023—Present

  • Monitor several business-critical devices across multiple locations for a variety of clients
  • Monitor Splunk consoles and dashboards, and investigate security alerts
  • Creating tuning recommendations for IDS/IPS devices across client infrastructures
  • Identify/Investigate potential malware infections, intrusions, DoS/ DDOS attacks on client network space
  • Write analysis notes and reports detailing findings
  • Perform queries and research to complement monitoring
  • Perform Threat Hunting and analysis based on User Entity and Behavior Analytics, and Data Loss Prevention

THREAT RESPONSE ENGINEER — CORE TECH DEPARTMENT

Trend Micro Incorporated, Philippines

August 2021 - April 2022

  • WIN32 API Assembly Language Programming, File Operations and Windows Internals (Kernel, Boot-up, Registries, File systems, Processes and Threads, Windows Message, DLL, etc.)
  • Using different types of debuggers and tools (OllyDbg, IDAPro, Wireshark, Fiddler, etc.)
  • Web Concepts and Classification which involves:
    • URL Classification
    • Web Threat/Tech Support Scam Analysis
    • Ransomware/EK Analysis
  • Email and Internet Threat analysis and in classification which involves:
    • Spam/Scam classification
    • Ransomware/EK Analysis
    • Phishing Analysis
  • Malware Installation and Behavioral Analysis of Binary Threats
  • Decompiling and unpacking of binary files (C++, Delphi, VB, C#, and Packers)
  • Analysis in propagation of:
    • Direct Infectors
    • Encryption and Morphism
    • Indirect Infectors
    • Complicated Infection, Anti-debugging and anti-emulations
    • Worm techniques
    • Droppers, Downloaders, DGA
    • C&C, Backdoors, and Botnets
    • Key logging and Memory Scrapping
    • Ransomware
    • Rootkits and MBR Wipers
    • Exploits and ShellCodes
  • Analysis of interpreted programs such as:
    • Scripts (JS/VBS/Python) + HTML Malware
    • Fileless Infection Analysis
    • Macro Virus and Downloader Analysis
  • Conduct a Black Box analysis to different types of malwares and create a partial or complete malware report
  • Conduct detailed analysis and develop documentation on the behavior of the malware
  • Develop and document steps to contain and eradicate the malware, and how to recover from damages

Read more

EMBEDDED SYSTEMS DEVELOPER

Freelance / Project Based Contract

June 2019 - August 2021

  • Worked for Layad Circuits and Zaxxun Robotics in Project Based Contracts
  • Personal Projects Developed:
    • Gas Alarm System - A system that sends a text message to the user when a specific percentage of gas is sensed
    • Land Slide Early Warning Device - Sends an alarm to another system 1km away if system senses land movement or shifting of land
    • Jacket Heating System - System that automatically heats up the jacket to a specified range. Easily detachable and powered via a power bank of the user's choice
    • Vibration Sensing Door - A system wherein an alarm will be sent to the user via sms when a strong vibration is sensed from the door
    • Automatic Vacuum Controller - A system designed to automatically turn on the vacuum when a powertool/s is turned on
    • Line Tracing Robot Server - A line following robot that serves food to a specified table and goes back to its original position. Also added an auto-charging feature
    • 6DOF Robot Claw Programming - Programmed a robot to assemble food on a plate and to also mix coffee
    • Automatic Egg Incubator - Developed an egg incubating system with an accuracy of +-0.5 degrees celsius. Precisely controls temperature and humidity, as well as turn the eggs 90 degrees on each side at a specified interval. Also has an alarm feature and error/malfunction protection

ON THE JOB TRAINING: R&D/PRODUCT ASSEMBLY

Layad Circuits Electronics and Engineering Services

February 2019 - June 2019

  • Researched and documented the different ATMEL chips (ATTiny and ATMEGA)
    • Researched, tested, and documented the ATTINY85 and the ATTINY13A microcontrollers
    • Documented how to program the microcontroller, test its limits, and in what type of specifications and requirements it is best used
    • Researched on the bare minimum hardware specifications of the ATMEGA328P-PU microprocessor
    • Researched the ICSP configuration of the ATMEGA328P-PU and how to burn the bootloader
  • Designed a small development board for the ATMEGA328 chip
    • Took part in the research and development of the BYOA (Build Your Own Arduino)
    • The goal is to design a bare minimum Arduino Uno that you can make at home with very minimal tools
    • Link of source: LayadCircuits_Saleng_BYOA_v1.pdf
  • Developed a bootloader upload jig for the ATMEGA32-PU IC
    • A system that automatically programs the ATMEGA328P-PU IC with the Arduino Uno bootloader with just a push of a button
    • The system is designed using an Arduino Uno microcontroller as its main uploader and a 28pin ZIF socket for easy access
  • Developed an automatic wire dispenser
    • A wire dispenser that automatically dispenses a specified length of wire
    • The system developed had a margin of error of +-5%
    • Final project before the end of internship

Certifications

Certified in Cybersecurity

  • Organization: ISC2
  • Issue Date: February 2024
  • Skills: Access Controls Concepts Business Continuity (BC) Concepts, Disaster Recovery (DR) Concepts, Incident Response Concepts, Network Security, Security Operations, Security Principles
  • Verification Link
Your Image Description

Certified Cybersecurity Analyst

  • Organization: CompTIA
  • Issue Date: Julyt 2023
  • Skills: Behavioral Analytics, Blue Teamer, Cyber-incident Response, Cybersecurity Analytics, Cybersecurity Architecture, Cybersecurity Engineering, Reporting And Communication, Risk Management, Threat Intelligence, Threat Management, Vulnerability Analysis, Vulnerability Management
  • Verification Link
Your Image Description

Certified Penetration Tester (PenTest+)

  • Organization: CompTIA
  • Issue Date: July 2023
  • Skills: Attacks And Exploits, Cybersecurity Compliance, Embedded Device Testing, Exfiltration, Framework NIST, GDPR Compliance, HITRUST Compliance, Information Gathering, MITRE ATT&CK, PCI-DSS Compliance, Penetration Testing, Planning And Scoping, Reconnaissance, Red Teamer, Reporting And Communication, Secure Code Analysis, SOC 2 Compliance, Vulnerability Assessment, Vulnerability Identification, Vulnerability Management, Web Application Testing
  • Verification Link
Your Image Description

Certified in Cyber Threat Management

  • Organization: CISCO
  • Issue Date: February 2024
  • Skills: Common Vulnerability Scoring System (CVSS), Disaster Recovery, Evidence Handling And Attack Attribution, Governance, Incident Response, Network And Server Profiling, Penetration Testing, Risk Assessment, Risk Management, Secure Device Management, Security Assessments, Security Controls, The Cyber Kill Chain, The Diamond Model Of Intrusion Analysis, Threat Intelligence Services
  • Verification Link
Your Image Description

Security Analyst Level 1 (SAL1)

  • Organization: TryHackMe
  • Issue Date: March 2025
  • Skills: Case report, Cyber Security, Security Analysis, SOC Triage
  • Verification Link
Your Image Description

Splunk Certified Cybersecurity Defense Analyst

  • Organization: Splunk
  • Issue Date: July 2025
  • Skills: Alerting, Analyst, Big Data, Big Data Administration, Big Data Analysis, Big Data Analytics, Big Data & Analytics, Big Data Machine Learning, Cyber Defense, Cyber Kill Chain Framework, Cyber Risk, Cyber Safety, Cybersecurity, Cyber Security Standards, Cyber Security Systems, IT Security Intelligence, Monitoring, Security, SOC, Splunk, Threat Detection, Threat-Hunting
  • Verification Link
Your Image Description