Available · Open to collaboration

Daniel Andrawis

Chief Executive Officer & Founder, AndrawisTech

New York City, New York

Cybersecurity Professional & Entrepreneur

Daniel Andrawis is a cybersecurity professional and entrepreneur based in New York City. As a Defense and Resilience Analyst at Deloitte, he specializes in advanced threat detection and security operations at scale — building analytics pipelines across more than 4 petabytes of data on Google SecOps.

With 2+ years in the security industry, Daniel brings deep technical expertise and a builder's mindset to everything he does. He is the founder of AttackMesh, a full-stack penetration testing management platform designed for authorized security engagements.

Fluent in both English and Russian, Daniel brings a global perspective to his work across threat detection, incident response, and security operations.

  • Current Employer: Deloitte
  • Certifications: 4+
  • Data Analyzed: 4 PB+
  • Years in Security: 2+

Work Experience

Defense & Resilience Analyst

Deloitte · New York, NY

Aug 2025 – Present (Current)

Advanced Analytics Data Lake Initiative

  • Developed advanced threat detection analytics for SecOps on Google SecOps, utilizing Elastic to analyze over 4 petabytes of data
  • Optimized Elastic query performance and modeled ML detection outputs to enhance monitoring accuracy across SecOps environments
  • Integrated Tines with Elastic to design and deploy automated security playbooks, streamlining incident response
  • Designed and implemented a SecOps cost model and revised ingestion architecture, optimizing platform pricing and resource usage
  • Configured and customized playbooks in the Tines SOAR platform to enhance security operations processes
Google SecOps · Elastic · Tines SOAR · Threat Detection · ML

Risk & Financial Advisory — Detection & Response Intern

Deloitte · New York, NY

Jun 2024 – Aug 2024
  • Built a dynamic dashboard to visualize threshold data, enhancing situational awareness and reducing analyst response time
  • Triaged health monitoring alerts, accurately filtering out false positives to improve signal-to-noise ratio
  • Designed and implemented a transitional tool to streamline migration to a new ticket management system
Incident Response · Dashboard Development · Alert Triage

Operations Support Intern

Center for Internet Security · East Greenbush, NY

May 2023 – May 2024
  • Guided SLTT government partners through onboarding and technical support for CIS-provided cybersecurity tools
  • Consulted partners on implementing CIS benchmarks in production environments
  • Monitored and managed client endpoints via CrowdStrike Falcon Gov, ensuring compliance with security protocols
  • Streamlined ticketing operations by distributing workloads and mitigating backlog
CrowdStrike Falcon · CIS Benchmarks · Government Compliance

Certifications

  • CompTIA Security+ (CompTIA)
  • Tines Core Certification (Tines)
  • Tines Advanced Certification (Tines)
  • Belkasoft iOS Forensics (Belkasoft)

Technical Skills

Google SecOps · Elastic / ELK · CrowdStrike Falcon · Tines SOAR · MITRE ATT&CK · NIST Compliance · CIS Controls · PCI Compliance · Cyber Threat Intelligence · Red Teaming · Digital Forensics · OSINT · Atlassian Suite · Infrastructure Development

Programming & Languages

Python · Bash · SQL · Russian — Native / Bilingual