Endpoint Security
Microsoft Defender for Endpoint investigation, endpoint hardening, alert triage, and response workflow support.
Security Engineer · Terre Haute, Indiana
Cybersecurity portfolio for modern endpoint and identity defense.
I help strengthen security operations through practical endpoint defense, identity controls, incident response workflows, and risk-aware vendor reviews.
About
Security-minded, operations-aware, and focused on real controls.
I am Ryan Lopez-Dunn, a Security Engineer based in Terre Haute, Indiana. My work centers on protecting users, devices, and business systems through strong identity posture, endpoint visibility, and disciplined response practices.
I bring hands-on experience with Microsoft Defender for Endpoint, Entra ID, Conditional Access, MFA and phishing-resistant authentication, Cisco Umbrella, KQL hunting, incident response, endpoint security, identity security, vendor and security risk reviews, and PCI support.
My approach is practical and evidence-driven: identify the risk, improve the control, document the workflow, and make the next investigation faster.
Security Skills
Capabilities across endpoint, identity, detection, and risk.
Identity Security
Entra ID, Conditional Access, MFA strategy, phishing-resistant authentication, and account protection practices.
Threat Hunting
KQL hunting, detection review, suspicious activity analysis, and repeatable investigation documentation.
Incident Response
Alert validation, containment coordination, timeline development, evidence gathering, and post-incident improvement.
Network Security
Cisco Umbrella identity attribution support, DNS-layer visibility, and policy-centered investigation support.
Security Risk
Vendor and security risk reviews, control mapping, PCI support, and security-focused business analysis.
Projects
Safe summaries of practical security work.
Endpoint Detection
Microsoft Defender Investigation Workflow
Designed a repeatable investigation workflow for Defender alerts, including triage steps, evidence review, escalation points, and documentation habits.
Identity Controls
Conditional Access Security Improvements
Supported security improvements around Entra ID Conditional Access policies, MFA expectations, and stronger authentication coverage.
DNS Security
Cisco Umbrella Identity Attribution Support
Helped improve visibility into user and device attribution for Cisco Umbrella activity to support clearer investigation and policy review.
Vendor Risk
Identity Verification Vendor Research
Researched identity verification vendors with attention to security posture, business fit, control expectations, and implementation considerations.
Consulting Brand
LD Identity Security
Developed a personal consulting brand concept focused on identity security, practical control maturity, and accessible security guidance.
Certifications
Professional development and security learning.
Security Certifications
Add active cybersecurity certifications here as they are earned or renewed.
Microsoft Security
Recommended space for Microsoft security, identity, compliance, or endpoint-focused credentials.
Continuing Education
Use this section for labs, training, coursework, and professional security development.
Resume
Need the concise version?
Download a PDF resume with experience, projects, and cybersecurity focus areas.
Contact