• Monitored security events in real-time using SIEM tools to detect potential security breaches.• Supported efforts to develop and refine incident response workflows and checklists.• Analyzed log data from various sources (firewalls, IDS/IPS) to correlate security events.• Monitored cloud infrastructure for security events, escalating any unauthorized access attempts.• Reviewed alerts generated by intrusion detection systems (IDS) and firewall logs for suspicious activity.• Identified and tracked the lifecycle of incidents, ensuring timely escalation when necessary.• Collaborated with the compliance team to ensure incident response actions met regulatory requirements.• I identified false positives and improved alert tuning to reduce noise in incident monitoring.• Analyzed network traffic and logs to identify patterns indicative of potential security incidents.• I maintained a working knowledge of security tools like Wireshark, Splunk, and Nessus.• Conducted account reviews and access audits as part of response efforts.• Supported the tracking and updating of open incident tickets in service management systems.• Actively participated in security awareness training to better recognize and report incidents.• Ensured accurate classification and prioritization of incidents for appropriate response.• Monitored email quarantine logs to detect potential phishing and malware threats.• Assisted in developing communication templates for timely incident response notifications.• Reviewed response activities regularly with team members for adherence to response protocols.

• Assisted in analyzing security events and escalating incidents to senior analysts.• Conducted vulnerability scans on network devices and reported findings to the security team.• Supported the review and update of access controls for compliance with HIPAA requirements.• Monitored email filtering systems for potential phishing attempts and spam.• Documented incident response actions and maintained detailed logs for audit purposes.• Reviewed firewall and intrusion detection system logs for anomalies.• Documented system vulnerabilities and prepared reports for vulnerability management meetings.• Supported encryption efforts for sensitive healthcare data in transit and at rest.• Maintained up-to-date documentation of all cybersecurity policies and procedures.• Analyzed logs from multiple sources to correlate data and detect potential threats.• Participated in routine security audits to verify adherence to internal controls.• Generated security reports for management and stakeholders on a monthly basis.• Supported the IT team with change management processes for security updates.• Contributed to the cybersecurity knowledge base by documenting incident response steps and best practices.

• Used AWS Security Hub to centralize and manage security alerts across multiple AWS accounts.• Configured and managed AWS Identity and Access Management (IAM) policies for secure access control.• Conducted vulnerability assessments using Amazon Inspector to identify and remediate system weaknesses.• Protected web applications using AWS WAF to filter and block malicious traffic.• Leveraged AWS Key Management Service (KMS) to manage encryption keys for sensitive data.• Utilized AWS Config to track resource changes and ensure compliance with security standards.• Configured AWS Shield for DDoS protection on critical resources.• Conducted regular reviews and tuning of AWS Firewall Manager for centralized firewall management.• Used AWS Organizations to manage account-level security policies across the organization.• Collaborated with the compliance team using AWS Artifact for auditing and compliance reporting.• Managed security incidents and response workflows in ServiceNow.• Utilized Splunk for log aggregation and analysis across on-prem and cloud systems.• Used AWS Secrets Manager to securely store and rotate access credentials.• Deployed AWS Systems Manager for patch management and secure remote access.• Collaborated on data protection efforts using AWS S3 Bucket Policies for access control.• Conducted continuous monitoring and threat detection with CrowdStrike Falcon EDR.• Created AWS Lambda functions to automate security tasks and incident responses.• Used Elastic Load Balancing (ELB) with security configurations to protect web applications.• Implemented security controls and rules in AWS Network Firewall for VPC protection.• Analyzed AWS CloudFront logs for monitoring CDN access patterns and blocking threats.• Monitored database activities and access with AWS RDS.• Developed and deployed Infrastructure as Code (IaC) templates using AWS CloudFormation.• Supported CI/CD pipeline security with AWS CodePipeline and Snyk.

• Experienced in active and passive reconnaissance part using various tools like Nmap, Maltego, and DNS Lookup to find out the attack surface of the whole network to think about how threat actors will collect information about the organization.• Experienced in threat modeling using Microsoft threat modeling software to identify and mitigate potential security issues early using a proven methodology.• Reviewed various documents/reports generated by third-party vendors to make sure that company assets are secured and monitored.• Assisting with the security operations team (SOC) and various projects to address current and potential security risks.• Worked on detect, protect, and respond concepts in CyberArk privileged access control system.• Detected and mitigated insider threats by utilizing CyberArk PAS/PAM components.• Responsible for creating attack methods to capture the flag on a target server.• Attacked a server through SSH and HTTP vulnerabilities after network and Nmap scans.• Educated on internal threat actors and keeping a check on external threat actors.• Participated in the implementation of AWS Cloud security for applications being deployed in the Cloud. Developed and configured rules and conditions to detect security vulnerabilities in the Cloud Front.• Implemented Security Group Policies within AWS. Developed AWS Service Roles to protect Identity Provider access. Provided monitoring, analysis, and escalation support for clients operating in the Amazon AWS cloud environment.