Steven J. Vik

Cybersecurity Analyst · Security Operations · Incident Response

Professional Summary

Security operations professional with 5+ years across enterprise SOC environments, DoD installations, and law enforcement agencies. Expertise in SIEM-driven threat detection (Splunk, LogRhythm), Python automation for incident response workflows, and compliance adherence to NIST 800-53, CJIS, HIPAA, and DISA STIG. Demonstrated track record of reducing MTTR, building scalable detection playbooks, and maintaining operational discipline in 24/7 critical infrastructure environments.

Work Experience

IT Operations Center Analyst

Mar 2024 – Mar 2025

Sound Transit — Seattle, WA  ·  Contract via Infojini

  • Operated as primary SOC analyst in 24/7 enterprise environment monitoring 3,000+ endpoints across regional transit infrastructure
  • Built Python automation for alert validation — reduced MTTR by 40%, eliminated false-positive fatigue across the analyst team
  • Resolved 150+ security incidents per month via Splunk, SolarWinds, and Blackrock3 at 99.9% SLA
  • Rebuilt ServiceNow ITSM workflows to match actual SOC escalation paths; authored SOPs that cut analyst onboarding time by 25%
  • Maintained CJIS Level 4, HIPAA, and NIST 800-53 compliance with zero violations throughout the engagement
Splunk · SolarWinds · Python · ServiceNow · NIST 800-53 · HIPAA · CJIS Level 4

IT Security Specialist

Mar 2017 – Mar 2018

Joint Base Lewis-McChord — Tacoma, WA  ·  Contract via TEKsystems

  • Hardened Windows 10 environments for 500+ DoD users via DISA STIG — reduced unauthorized access incidents by 25%
  • Developed Splunk SIEM threat hunting protocols targeting lateral movement and privilege escalation; adopted as team-wide standard
  • Built vulnerability management strategy combining CVSS severity with asset criticality; improved security posture metrics by 35%
  • Deployed STIG baseline across all endpoints with zero service interruptions; enforced GPO-based controls and hardened AD configuration
Splunk · DISA STIG · Active Directory · Threat Hunting · Vulnerability Management · Windows Server

IT Consultant

Mar 2020 – Mar 2021

Seattle University & City of Medina PD — Seattle, WA

  • Secured hybrid operations for academic and law enforcement clients during COVID-19 continuity response
  • Delivered CJIS-compliant endpoint security for 200+ users across both client environments
  • Redesigned SolarWinds monitoring workflows — improved SOC efficiency by 20%
  • Authored incident response playbooks adopted for cross-team knowledge transfer and onboarding
CJIS · SolarWinds · Endpoint Security · IR Playbooks · Remote Access

Enterprise Technology Auditor

Jul 2023 – Jan 2024

TES USA / Amazon Campus — Tukwila, WA

  • Coordinated infrastructure audits across 20+ Amazon buildings — AV systems, Cisco hardware, and projector infrastructure
  • Streamlined asset inventory documentation and developed improved tracking processes that shortened audit cycles and improved equipment accuracy
Asset Inventory Cisco Infrastructure Auditing Documentation

Technical Skills

SIEM & Detection: Splunk, LogRhythm, SolarWinds, Blackrock3
Scripting & Automation: Python, PowerShell, Bash
ITSM: ServiceNow
Infrastructure: Linux, Proxmox VE, Windows Server, LXC/Docker, Tailscale
Compliance: NIST 800-53, HIPAA, CJIS Level 4, DISA STIG, ITIL
Security Disciplines: Incident Response, Threat Hunting, Vulnerability Assessment, Digital Forensics, Malware Analysis

Certifications

Active

CompTIA Security+ · CompTIA Network+ · CompTIA A+ · ITIL Foundation · Linux Essentials (LPI 010-160) · CJIS Level 4 · Google Cybersecurity Certificate

In Progress — 2026

CCNA · CySA+ · PenTest+ · Linux+ · Project+ · SSCP · CEH

Education

B.S. Cybersecurity & Information Assurance

Western Governors University  ·  Expected 2026

A.A. Cybersecurity & Forensics

Highline Community College