Open to FTE, 100% fully remote, detection engineering roles

Johnathan Dempsey

Security Operations & Detection Engineering

10+ years driving enterprise security transformation, risk reduction, and operational resilience across Fortune 500 organizations. Experienced in Zero Trust Architecture implementation, AI-driven threat detection, NIST CSF 2.0 alignment, and multi-cloud security operations. Proven track record building Security Operations Centers from inception, reducing organizational risk by 40%, and managing $5M+ security budgets with demonstrated ROI.

  • 10+ years in tech
  • 12 active certs
  • 40% risk reduction
  • $5M+ budgets owned

Johnathan Dempsey · Cybersecurity Architect, Detection Engineering Specialist · 2026

Experience

Senior Manager, Security Operations

National Audubon Society · Remote
2024 — Present
  • Architected a MITRE ATT&CK-aligned threat detection framework, establishing detection maturity against enterprise TTPs and reducing Mean Time to Detect (MTTD) by 65%.
  • Orchestrated Security Operations Center development from inception, implementing AI-driven threat detection achieving 99.2% detection fidelity while reducing false positives by 95%.
  • Managed enterprise multi-cloud security monitoring strategy across AWS, Azure, and GCP with centralized threat intelligence integration, improving cloud security posture by 70%.
  • Led $32,000 annual cost optimization through strategic MDR platform migration, reallocating savings to establish vulnerability management and cloud detection capabilities.
  • Implemented phishing-resistant MFA for 1,000+ users via Okta IDP/IAM, achieving 100% adoption and 98% satisfaction while reducing authentication time by 90%.
  • Architected Okta as enterprise IdP across a hybrid Okta/M365 environment, implementing risk-based IAM, MFA, and automated JIT plus JML workflows for employees and third parties; owned org-wide SAML and OAuth integrations.
  • Deployed Tenable One across endpoint, cloud, web application, and ASM domains, establishing a net-new unified vulnerability management capability and advancing security program maturity.
  • Transitioned the organization to an AI-powered email security platform, reducing business email compromise (BEC) incidents by 99%.
  • Developed an AI governance roadmap ensuring secure GenAI adoption across enterprise environments while maintaining compliance with emerging regulations.
  • Achieved 99% security awareness training completion through strategic collaboration with HR, consolidating platforms and reducing training costs by 20%.
SOC build-out, MITRE ATT&CK, Okta IAM, Tenable One, AI governance, Multi-cloud

Security Engineer

CrowdStrike · Remote
2022 — 2024
  • Optimized behavior-based threat detection, reducing insider-threat false positives by 50% while enhancing detection fidelity.
  • Implemented Detection-as-Code processes using Bitbucket workflows, establishing a CI/CD pipeline for detection deployment and reducing deployment cycle time by 80%.
  • Automated CSIRT workflows via ServiceNow Flow Designer and Tines SOAR, decreasing analyst response time by 80%.
  • Managed multi-cloud security monitoring across AWS, Azure, and GCP infrastructure, implementing cloud-native detection strategies.
  • Reduced Mean Time to Respond (MTTR) by 70% and led transition of 30% of enterprise alerts from Splunk to Falcon LogScale.
  • Developed actionable threat intelligence frameworks for advanced persistent threats, including Scattered Spider campaigns.
Detection-as-Code, SOAR automation, Falcon LogScale, Threat intel

Senior Security Engineer

U.S. Bank · Remote
2022
  • Implemented security monitoring during the transition from on-prem data centers to Azure, architecting controls to facilitate the new cloud security program.
  • Increased approved detection logic by 20% through innovative detection engineering.
  • Embedded the MITRE ATT&CK framework into detection processes, enhancing threat-mapping capabilities and detection coverage.
  • Led a high-performing team of 4 security engineers, achieving consistent project milestones and KPI targets.
Cloud migration, Detection engineering, Team leadership

Security Engineer

Sunbelt Rentals · Remote
2021 — 2022
  • Deployed enterprise-wide telemetry collection by implementing Sysmon across infrastructure, improving detection-engineering data richness.
  • Developed automated security workflows and custom SIEM parsers, enhancing SOC operational efficiency.
  • Executed advanced incident-response strategies, maintaining zero business interruptions during critical security events.
  • Optimized MSSP collaboration, improving security operations efficiency.
  • Architected the transition to Azure from on-prem to ensure monitoring and security controls aligned with NIST CSF.
Sysmon telemetry, SIEM engineering, NIST CSF, MSSP

Security Engineer

CyberMaxx · Remote
2020 — 2021
  • Customized SIEM detection logic and optimized MDR platforms to achieve client-specific security requirements.
  • Delivered advanced incident response through escalated SOC alerts.
MDR, SIEM tuning, Incident response

Systems / Network Engineering

Various Companies · On-site
2013 — 2020
  • Progressive technical roles building the foundation for cybersecurity expertise across retail, critical infrastructure (OT), and finance sectors.

Credentials

Education

M.S. Cybersecurity

Georgia Institute of Technology

Expected 2027

B.S. Cybersecurity & Information Assurance

Western Governors University

2024

Certifications

CISSP

Certified Information Systems Security Professional

(ISC)²

CISM

Certified Information Security Manager

ISACA

GCIH

GIAC Certified Incident Handler

SANS · GIAC

GDAT

GIAC Defending Advanced Threats

SANS · GIAC

CDPSE

Certified Data Privacy Solutions Engineer

ISACA

CompTIA stack

Security+, CySA+, PenTest+, Cloud+, Network+, Project+, A+

Skills & Domains

Strategic Leadership

Executive Leadership, Board Communication, C-Suite Collaboration, Strategic Planning, Business Transformation, Digital Transformation, Change Management, Cross-Functional Leadership, Stakeholder Management, P&L Management, Budget Optimization

Security Frameworks & Governance

NIST CSF 2.0, NIST SP 800-53, NIST SP 800-207 Zero Trust, ISO 27001, NERC-CIP, MITRE ATT&CK, PCI DSS 4.0, Risk Management, GRC, Third-Party Risk

Technical Domains

SOC Development, Detection Engineering, AI Security Governance, Cloud Security Architecture, Identity & Access Management, Zero Trust Implementation, Incident Response, Threat Intelligence, SIEM / SOAR Optimization, Vulnerability Management

Emerging Technologies

AI-Powered Threat Detection, Multi-Cloud Security (AWS / Azure / GCP), Detection-as-Code, Security Automation

Let's talk security.

Open to senior individual contributor roles in security operations, detection engineering, and security architecture.