Inside the Red Canary Security Operations Center: Meet Sean O’Hara

Suzanne Moore

Share this Project

If you’ve met anyone in the Red Canary Security Operations Center, you know we don’t hire run-of-the-mill security analysts. To bring you the best Managed Detection & Response, we hire the best. Without further ado: meet Sean O’Hara. As part of the Red Canary Security Operations Center team, Sean continually investigates threats in our customers’ environments and improves our detection coverage.

Tech Is in His DNA

Sean has a broad and diverse background across engineering, architecture, application security, cryptography, reverse engineering, incident response and forensics. He joined the Red Canary Security Operations Center from the HPE Helion Security Team where he worked to support the security of global organizations. As a part of his role, he was responsible for defining, integrating, and processing multiple forms of intelligence (OSINT, commercial, and IR-related) and the breadth of customer telemetry (IDS/NSM/Endpoints/Logs/Business data).

Prior to HPE, Sean worked as a Tier III Threat Analyst at AT&T supporting advanced investigations and hunting for threats.

Sean’s love of computers and technology is in his DNA. “My dad was a computer geek,” Sean explained. “We had BBS systems when no one was into computers. I got around a bunch of people who were doing exploits and became intrigued. Someone I knew was getting hacked repeatedly and it was fun to figure out how that happened.”

Sean began honing his expertise in the military; he started out as an intrusion detection analyst monitoring over 100 Air Force bases. He then quickly moved up to an Incident Response Analyst on the Air Force Computer Emergency Response Team (AFCERT) performing network and system forensics.

Joining the Red Canary Security Operations Center

Sean O'Hara, Red Canary Security Operations Center“I like Red Canary because we’re actually making security better for our customers,” Sean said. “Half of Endpoint Detection and Response (EDR) systems are alerts and noise, and I’ve seen what it’s like for IT teams to deal with hundreds or thousands of alerts per day. We’re paring down the noise and doing the heavy lifting for our customers—analyzing all the things they don’t have the time, resources or technical capabilities to manage—and then helping them take action. It’s really motivating to continually find better ways to help companies secure their assets, and that’s all built into the system at Red Canary.”

This is reinforced by Keith McCammon, our Chief Security Officer: “One of the things that attracted us to Sean was his breadth of knowledge and experience. We deal primarily in endpoint data, but you can’t deliver a high quality of service unless you also understand the competing signals that customers receive from other types of detection technologies and controls. This includes everything from firewalls and network security monitoring stacks at the perimeter to internally-focused controls such file integrity monitoring and data loss prevention.”

Sean understands firsthand what it’s like to design, build and ultimately respond to each class of system; but more importantly he understands what it means to be on the receiving end of all of them at once.

Keith explained, “Our security team solves problems for our customers every day. In order to continue doing this we need to understand our customers’ challenges at a very low level, and Sean brings a wealth of this understanding to the team.”

Are you looking to hire someone like Sean? The power of the Red Canary Security Operations Center is that our customers around the world now have Sean O’Hara investigating potentially suspicious activity in their environment and enabling their rapid response.





Request a demo with Red Canary