About
I am a Cloud Security Engineer at GuidePoint Security, specializing in Microsoft Sentinel, Defender XDR, and security automation. My focus is on building and leading scalable security operations that detect, investigate, and respond to advanced threats.
With deep expertise in KQL, PowerShell, and Python, I deliver robust detection engineering, incident response, and continuous improvement for enterprise SOCs. My mission is to empower organizations to stay ahead of evolving threats through automation, analytics, and operational excellence.
Current focus: Leading the SIEM/XDR workstream for GuidePoint's Microsoft Security Practice, driving innovation in detection, response, and security automation.
Experience
Cloud Security Engineer / Microsoft Sentinel & XDR Lead
GuidePoint Security | May 2025 - Present
- Lead architect for Microsoft Sentinel and Defender XDR deployments across enterprise clients
- Develop and automate advanced detections, incident response playbooks, and threat hunting queries (KQL, PowerShell, Python)
- Drive continuous improvement in SOC operations through automation and analytics
- Mentor and enable security teams on Microsoft security best practices
Security Engineer / Solutions Architect
Ardalyst Commercial, LLC | Jan 2023 - May 2025
- Architected identity and security operations for 60+ Microsoft 365 environments, ensuring compliance with CMMC, DFARS, and other regulations
- Built and automated security operations centers to detect, investigate, and respond to threats in real time
- Implemented Microsoft Sentinel, Defender XDR, Defender for Cloud, and Defender for Endpoint to enhance threat detection and response
- Developed KQL queries and Sentinel analytics rules for detecting anomalous activity in Microsoft 365 environments
- Provided pre- and post-sales support, enabling effective client deliverables across the entire customer journey
Information Systems Technician First Class (E6)
U.S. Navy | Sep 2012 - Dec 2022
- Managed secure communications and security operations for mission-critical defense systems
- Led Microsoft 365 deployment for Operation Flank Speed, supporting 500,000+ users with secure identity and access management
- Implemented Entra ID and security solutions during large-scale remote work transformation
- Maintained classified system security protocols and incident response procedures
- Operated forward-deployed communications and security systems requiring zero-trust principles
Skills
- SIEM & XDR: Microsoft Sentinel, Defender XDR, Defender for Cloud, Defender for Endpoint
- Detection Engineering: KQL, Threat Hunting, Analytics Rules, Incident Response
- Security Automation: PowerShell, Python, Logic Apps, Microsoft Graph API
- Cloud & Identity Security: Entra ID, Conditional Access, Zero Trust Architecture, M365 Security