
Dennis Lee
Verified Expert in Engineering
Cybersecurity Engineer and Developer
New York, NY, United States
Toptal member since May 15, 2025
Dennis is a results-driven cybersecurity engineer with 12+ years of experience securing digital assets and building resilient systems. He specializes in threat detection, incident response, vulnerability management, and ensuring compliance with industry standards. Dennis thrives on solving complex security challenges and empowering organizations to operate securely in a digital-first world.
Experience
- Endpoint Detection and Response (EDR) - 11 years
- Windows - 10 years
- Risk Management - 7 years
- Security Engineering - 6 years
- Identity & Access Management (IAM) - 5 years
- Security Management - 5 years
- IT Security - 4 years
- Architecture - 4 years
Preferred Environment
Windows
The most amazing...
...project I've led involved the rapid containment of a ransomware attack, restoring systems within hours and preventing data loss across a global enterprise.
Work Experience
Cybersecurity Engineer
SmartSign
- Managed security tools such as Zscaler, data loss prevention (DLP), SIEM, endpoint detection and response (EDR), and IAM, conducted assessments, facilitated governance support, spearheaded awareness campaigns, and managed vulnerability coordination.
- Conducted security assessments to identify gaps and ensure alignment with IT governance and compliance frameworks.
- Led security awareness initiatives to educate employees on cybersecurity best practices and reduce human-related risks.
- Coordinated with internal teams and vendors to manage vulnerabilities and ensure timely remediation of security issues.
- Headed project planning and implementation for security initiatives, ensuring successful execution aligned with business goals.
- Developed performance metrics to evaluate the impact of security projects and support data-driven business impact analysis.
Security Engineer
Cadwalader, Wickersham & Taft LLP
- Spearheaded migration from Cybereason to Trellix EDR, customizing exclusions and ensuring a smooth transition across all endpoints.
- Reduced the phishing success rate from 25% to 3% using monthly Proofpoint simulations and focused training programs.
- Deployed Tenable for vulnerability management, cutting vulnerabilities by 50% through weekly scans and remediation coordination.
- Conducted risk assessments and audits to support ISO 27001 compliance, implementing required controls and mitigation plans.
- Rolled out a full security stack, including Zscaler, SIEM, EDR, IAM, and PAM, to boost threat detection and response per industry standards.
- Managed and optimized Zscaler, DLP, SIEM, EDR, and IAM tools to protect enterprise assets and improve security operations.
Information Technology Security Engineer
City of New York
- Contained the WannaCry ransomware by quickly deploying McAfee ePO DAT updates and isolating infected network segments.
- Strengthened the cybersecurity posture by improving system hardening, patch management, and secure configurations.
- Created detailed incident response playbooks and SIEM procedures, standardizing SOC team operations and workflows.
- Led migration from McAfee ePO to CrowdStrike, deploying endpoint protection across 22,000 assets with tailored policies.
- Built a threat-hunting program based on the MITRE ATT&CK framework to proactively detect and analyze adversarial activity.
Experience
Enterprise EDR Migration from McAfee ePO to CrowdStrike
This complex project involved end-to-end planning, coordination with cross-functional teams, and phased deployment to ensure minimal disruption to daily operations. I developed and fine-tuned security policies tailored to various businesses, providing optimal protection without hindering performance. I also oversaw the configuration and tuning of sensor settings to align with organizational risk posture and compliance requirements. Additionally, I implemented automation and validation scripts to verify successful installations, monitor coverage gaps, and trigger alerts for failed deployments. Finally, I delivered training and technical documentation to the SOC and IT operations teams, enabling them to manage and respond to alerts in the new platform effectively.
As a result of this initiative, the organization saw improved threat visibility, faster incident response times, and reduced endpoint security overhead.
Certifications
CrowdStrike Administrator
CrowdStrike
CISSP - Certified Information Systems Security Professional
ISC2
Security+
CompTIA
ITIL
ITIL
Skills
Platforms
Windows, CrowdStrike, Rapid7, Azure, Zscaler
Languages
Python
Frameworks
Windows PowerShell
Paradigms
Security Software Development
Other
Endpoint Detection and Response (EDR), Operations and Incident Response, IT Project Management, Trellix EDR, Cyber Defense, Trellix ePolicy Orchestrator, Software, Security Management, IT Security, Security Engineering, Identity & Access Management (IAM), Security Operations Centers (SOC), Threats, Attacks, and Vulnerabilities, Risk Management, ISO 27001, Audits, Vulnerability Scanning, Qualys, Design, Cryptography and PKI, Vulnerability Management, Vulnerability Remediation, Defender Endpoint, CyberArk, SecureLink, Phishing Simulation & Analysis, SANs, Encryption, Symantec, ITIL 4, IT Projects, Architecture