Cybersecurity Engineer
USA
Cybersecurity Engineer with 4+ years of experience designing, implementing, and operating enterprise-grade security controls across cloud and on-prem environments. Specialized in SIEM/SOAR engineering, threat detection, incident response, and cloud security posture management.
Microsoft
Feb 2025 — Present
Lead detection engineering and incident response for enterprise cloud workloads using Microsoft Sentinel and Defender for Endpoint. Developed and tuned analytics rules, hunting queries, and correlation logic, reducing false positives by 35%. Designed automated SOAR playbooks (Logic Apps) to isolate endpoints, revoke sessions, and block malicious IPs—cutting manual triage time by 40%. Built threat-hunting pipelines using telemetry from Defender, CrowdStrike, and Azure logs. Deployed Terraform-based Azure hardening baselines aligned with CIS benchmarks, reducing misconfigurations by 50%. Conducted purple team exercises and penetration testing activities.
Cisco
Aug 2019 — Jun 2023
Implemented and managed enterprise perimeter and segmentation using Cisco Firepower, ASA, and SecureX. Integrated Cisco Umbrella telemetry into Splunk for centralized threat detection. Led vulnerability management and remediation using Qualys and Nessus, reducing high-severity findings by 45%. Developed and tuned IDS/IPS signatures; handled malware and ransomware incidents end-to-end. Designed secure remote access using AnyConnect and implemented Duo MFA for privileged access.
MSc · Information Systems
? – 2025
BTech · Computer Science