Wiston Lestin

Detection & Response • Security Automation • Cloud Security

Cybersecurity professional focused on Detection Engineering, Incident Response, and security automation across enterprise and cloud environments. Strong with Microsoft Sentinel/Defender XDR and automation that reduces MTTR.

About

I build scalable detections (Detection-as-Code), lead high-pressure investigations, and design SOAR playbooks that cut MTTR by 40–50%. Experienced across Microsoft Security Stack (Sentinel, Defender XDR, Defender for Cloud) with adaptability to AWS & GCP.

Skills

  • Detection-as-Code
  • KQL
  • Incident Response
  • Threat Hunting
  • Microsoft Sentinel
  • Defender XDR
  • Logic Apps / SOAR
  • Python
  • PowerShell
  • Terraform
  • Azure / AWS / GCP
  • Splunk / Elastic
  • Microsoft Graph API

Experience

Security Analyst – Detection & Response Operations

TC Transcontinental · Jan 2023 – Present
  • Reduced false positives by 40% via Sentinel rule tuning.
  • Cut MTTR by 50% using automated SOAR playbooks.
  • Led IR across 7,000+ endpoints.

Security Detection Analyst

Desjardins · Apr 2022 – Nov 2022
  • 50% FP reduction in financial-sector detections.
  • Handled high-volume alerts in a regulated environment.

Information Security Specialist – Detection Engineering

Hitachi Systems Security · Oct 2021 – Apr 2022
  • Built enterprise SIEM detections and proactive hunts.
  • Managed EDR platforms and forensic investigations.

Network Administrator & Infrastructure Engineer

Various Organizations (European Union, HAYTRAC, Avancie) · 2006 – 2021
  • Built foundational cloud infrastructure and automation experience.
  • Developed strong systems administration background supporting current detection engineering expertise.
  • Managed enterprise networks and security implementations across diverse environments.

Selected Projects

DefenderHunter Detection Framework

PowerShell-based hunting & detection system integrated with Microsoft Defender XDR and Sentinel for automated investigations.

Tech: PowerShell, KQL, Defender XDR, Sentinel

Network Share Enumeration System

Automated permissions analysis with CMDB sync and ServiceNow remediation workflows.

Tech: PowerShell, CMDB, ServiceNow

AuditCloud360 (In Dev)

Automated Azure & AWS security audit with reporting and alerting.

Tech: Azure, AWS, Python, Terraform

SecureOrbit360 (In Dev)

SOC workflow automation integrating Logic Apps and n8n (isolation, enrichment, ticketing, notifications).

Tech: Logic Apps, n8n, Defender XDR, Sentinel

Certifications

Get in touch

Open to IR, detection engineering, and security automation roles.