About
Experienced cybersecurity professional with over 5 years of hands-on experience protecting networks, systems, and data from emerging threats. Skilled in risk assessment, incident response, and implementing effective security controls. Passionate about staying ahead of evolving cyber threats and helping organizations build strong, secure environments. Recently completed a cybersecurity certification and looking to apply technical and analytical skills in a real-world environment.
Skills & Expertise (54)
Work Experience
Cyber Security Analyst
South Trust Bank
Feb 2025 - Present
- Directed security operations in a dynamic AWS cloud environment, ensuring robust protection of critical infrastructure and sensitive data.
- Engineered and deployed security monitoring with Splunk Enterprise Security, enabling real-time threat detection and analysis with custom alerts and dashboards.
- Executed proactive threat-hunting using the MITRE ATT&CK framework and threat intelligence platforms to identify and neutralize APTs.
- Conducted comprehensive vulnerability assessments and penetration tests on AWS infrastructure using Nessus and Qualys, driving timely remediation with IT and DevOps.
- Automated incident response playbooks using Palo Alto Cortex XSOAR, accelerating incident response and reducing resolution times.
- Configured and maintained AWS security services, including IAM, Security Groups, CloudTrail, Config, and GuardDuty, ensuring best practices for cloud and hybrid environments.
- Analyzed and reverse-engineered malware to identify attack vectors, strengthening the organization’s threat response and detection capabilities.
- Designed Python and CloudFormation scripts to automate detection, scanning, and policy enforcement, optimizing security workflows across environments.
- Led complex incident investigations, collaborating across teams to contain, mitigate, and resolve security breaches effectively.
- Developed and delivered targeted security awareness training, significantly reducing phishing risks and reinforcing a proactive security culture.
- Deployed and tuned XDR solutions, enhancing endpoint visibility and automating behavioral anomaly detection.
- Applied best practices for container security, hardening Docker and Kubernetes deployments across the CI/CD pipeline.
- Drafted and maintained security documentation, including incident reports and policies, supporting audit readiness and operational transparency.
- Performed forensic analysis on compromised systems, including memory/disk imaging and timeline reconstruction, to inform threat mitigation.
- Optimized network security configurations (firewall rules, IDS/IPS, VPNs), enforcing segmentation and access control policies.
- Utilized real-time and curated threat intelligence feeds (STIX/TAXII, OSINT) to craft detection rules and enrich alerts in SIEM.
- Supported hybrid environments by aligning AWS and on-prem security controls with NIST CSF and ISO 27001 frameworks.
- Developed and maintained custom playbooks in Palo Alto Cortex XSOAR to streamline alert triage and automate repetitive security workflows, significantly improving MTTR.
- Built Python-based automation scripts to parse alerts, enrich data from threat intel APIs, and trigger remediation workflows within SOAR pipelines.
- Integrated Git for version controlling detection rules, automation scripts, and playbooks, enabling structured collaboration within the security team.
- Collaborated with DevOps engineers to embed security controls into CI/CD pipelines, enhancing shift-left security practices and reducing misconfiguration risks.
SOC Analyst
Cylinder Health
Feb 2024 - Jan 2025
- Investigated security alerts and anomalies across hybrid Windows and Linux environments, using Elastic Security and IDS/IPS tools (Suricata, Snort) for real-time threat detection and analysis.
- Performed vulnerability management using Nessus Professional and QualysGuard, conducting scans, prioritizing findings, and coordinating remediation with system owners.
- Contributed to incident response activities, assisting with triage, root cause analysis, containment, and recovery across cloud and on-premises assets.
- Configured and optimized SIEM detection rules, reduced false positives, and enhanced log correlation to improve response accuracy and visibility.
- Applied threat intelligence from internal and external TIPs to enrich investigations and strengthen detection use cases aligned with the MITRE ATT&CK framework.
- Assessed and documented cloud-specific security risks in AWS environments, aligning controls with best practices in IAM, security groups, and logging (CloudTrail, GuardDuty).
- Developed and maintained incident response playbooks and SOPs, ensuring repeatable, standardized procedures for various attack scenarios.
- Executed internal security audits and policy reviews, supporting ISO 27001 and GDPR compliance efforts and strengthening overall governance.
- Evaluated web application security posture using Burp Suite and OWASP ZAP, identifying injection flaws, authentication issues, and misconfigurations.
- Enhanced endpoint visibility and protection through effective deployment and tuning of antivirus, EDR, and host-based intrusion detection systems (HIDS).
- Analyzed network traffic via Wireshark and tcpdump, identifying lateral movement attempts and unauthorized data exfiltration patterns.
- Documented post-incident analysis and lessons learned, feeding insights into detection engineering and vulnerability mitigation processes.
- Partnered with cross-functional IT and infrastructure teams to ensure secure configurations and timely patch deployment across systems.
- Participated in red/blue team exercises to test detection capabilities and improve response coordination in real-time scenarios.
Network Engineer
Savanthis Solutions
Aug 2020 - Jul 2023
- Assisted in managing network devices such as routers, switches, and firewalls to maintain reliable connectivity and secure communication within small to medium business environments.
- Supported configuration and monitoring of VPNs and access control lists (ACLs) to help enforce network access policies.
- Monitored basic network performance and security logs, escalating potential issues to senior staff for further investigation.
- Performed routine system administration tasks on Windows Server, including user account management and software updates.
- Delivered first-level technical support for network and system-related issues, documenting solutions to improve team knowledge sharing.
- Helped configure firewall rules and policies under supervision to protect the network perimeter from unauthorized access.
- Participated in basic vulnerability scanning and patch management activities, assisting in identifying and reporting security risks.
- Assisted in deploying endpoint protection and intrusion detection systems, supporting overall security posture.
- Maintained network documentation, including configurations and maintenance logs, ensuring accurate records for operational continuity.
- Supported network segmentation projects by applying security controls to isolate sensitive areas within the network.
- Collaborated with IT and security teams during incident response efforts, providing network information and assisting in remediation tasks.
Education
Master's in Computer Science - Chicago State University
- · Afghanistan
Certifications
No certifications added yet
Profile Overview
Availability Details
Visa Status
OPT
Relocation
Open to Relocation