
Sampath Thota

Cybersecurity Engineer

๐Ÿ“ Birmingham, AL, USA


Cybersecurity Engineer with 4+ years of experience in SOC detection engineering, cloud security, and DevSecOps across finance, enterprise, and platform environments. Built end-to-end security workflows covering SIEM-based threat detection, automated incident response, and cloud-native application security using AWS and Splunk. Applies MITRE ATT&CK, Zero Trust, and IaC practices to reduce detection gaps and improve system resilience.

Skills

Splunk Enterprise SIEM (9/10)
MITRE ATT&CK (9/10)
Zero Trust Architecture (8/10)
AWS Security (IAM, EC2, S3, CloudTrail, KMS) (8/10)
DevSecOps / CI/CD Security (8/10)
Incident Response (NIST 800-61) (8/10)
Microsoft Sentinel (8/10)
Python (8/10)
SOAR Playbooks (8/10)
Linux Security Hardening (7/10)
Ansible (7/10)
Bash / PowerShell (7/10)
Nessus / Qualys (Vulnerability Management) (7/10)
OWASP ZAP (7/10)
Terraform (7/10)
Burp Suite (7/10)
Cloud Security Posture Management (CSPM) (7/10)
CrowdStrike Falcon (EDR) (7/10)
Risk & Compliance (NIST, ISO 27001, SOX, PCI-DSS) (7/10)
Active Directory / Group Policy (7/10)

Work Experience

Cyber Security Engineer

Morgan Stanley

Sept 2025 – Present

Optimized Splunk and Microsoft Sentinel detection workflows for high-volume financial systems, ingesting AWS CloudTrail and EDR telemetry to reduce response time from 5 to 3.2 hours. Developed MITRE ATT&CK-aligned correlation rules reducing 120+ monthly false positives. Built SOAR-based incident response playbooks in Python enabling EC2 isolation and IAM revocation within 15 minutes. Remediated 110+ AWS misconfigurations aligned with SOX and PCI-DSS standards.

Cyber Security Engineer

Airbnb

Aug 2021 – Dec 2023

Implemented Zero Trust architecture on AWS using Terraform and IAM policies. Engineered a DevSecOps pipeline integrating Burp Suite and OWASP ZAP, reducing vulnerability remediation SLA from 30 to 7 days. Secured 150+ containerized microservice endpoints with WAF rules. Consolidated 25 secret stores to 6 centralized systems. Automated GDPR/CCPA compliance reporting with Python and Ansible, saving 200+ hours annually. Directed threat hunting and red/blue team exercises integrating SOAR workflows.

Junior Cyber Security Engineer

Dell Technologies

Jan 2020 – Jul 2021

Implemented network segmentation and access controls using Active Directory Group Policies across 850+ enterprise endpoints. Supported PowerProtect Cyber Recovery vault deployment using AWS CloudFormation and Terraform across 5 data centers. Developed Python-based SIEM integrations with CrowdStrike Falcon, creating 60+ custom IOCs. Integrated Metasploit, Burp Suite, and OWASP ZAP across 25+ firmware releases. Hardened 150+ servers with STIG-based configurations via PowerShell and Active Directory.

Education

University of Alabama at Birmingham

MSc · Cyber Security

2024 – 2025