Ephrem Tekwe
Cybersecurity Analyst
Middletown, Ohio 45044 • 267-***-**** • ***************@*****.***
• Experienced and adaptive Cybersecurity Analyst with over 5 years of hands-on expertise across diverse security domains.
• Strong foundation in incident response, vulnerability management, threat hunting, and compliance auditing.
• Skilled in implementing technical safeguards aligned with frameworks like NIST, CJIS, and ISO 27001.
• Demonstrated success in managing system security operations in both cloud and on-prem environments.
• Highly experienced in tools such as Splunk, CrowdStrike, Qualys, and Burp Suite for monitoring and threat detection.
• Collaborated with legal, audit, and infrastructure teams to manage evidence, remediation, and regulatory obligations.
• Effectively conducted user access reviews, risk assessments, and security awareness training initiatives.
• Ability to articulate complex security issues to technical and non-technical audiences alike.
• Proven ability to manage end-to-end security projects and lead initiatives that reduced cyber risks by over 40%.
• Eager to contribute deep technical skills to support organizational cybersecurity resilience and growth.
• Led incident response efforts using CrowdStrike and Microsoft Sentinel, coordinating threat containment and recovery.
• Implemented SIEM dashboards in Splunk to detect anomalous behaviors, improving response times by 35%.
• Conducted quarterly risk assessments and authored technical reports based on NIST 800-53 and DFARS requirements.
• Maintained compliance with ISO, CMMC, and HIPAA through automated access reviews and audit trail validations.
• Integrated Qualys vulnerability scans into CI/CD pipelines, ensuring pre-production security posture alignment.
• Developed and tested the Cyber Incident Response Plan (IRP) and led multiple IR simulation exercises.
Work Experience

Cybersecurity Analyst, AFS, Arlington, VA, DECEMBER 2022 – PRESENT
• Administered multi-factor authentication systems (Duo, Okta), enforcing Zero Trust principles across departments.
• Utilized Burp Suite and Wireshark for penetration testing and network packet analysis.
• Managed firewall policies using Palo Alto Networks to ensure optimal segmentation and policy enforcement.
• Configured AWS GuardDuty and IAM policies to protect cloud workloads and enable secure least privilege access.
• Led remediation for vendor risk assessments, ensuring third-party partners adhered to SOC 2 and GDPR standards.
• Monitored and responded to alerts from SOAR platforms to enhance TDIR (Threat Detection, Investigation, and Response).
• Created documentation and SOPs on encryption, endpoint hardening, and backup/recovery protocols.
• Oversaw security training and phishing simulations to raise organization-wide cyber awareness.
• Assessed and hardened Windows and Linux servers using CIS benchmarks and real-time log monitoring.
• Performed security log reviews and triaged SIEM alerts from QRadar for intrusion detection and escalation.
• Supported incident investigation and malware analysis using tools like Sysmon and FTK Imager.
• Maintained and configured endpoint protection platforms including Microsoft Defender and CrowdStrike.
• Managed and administered user permissions, ensuring RBAC policies were enforced using Active Directory.
• Assisted in drafting and enforcing cybersecurity policies per PCI-DSS, CCPA, and internal audit standards.
• Deployed security patches and conducted vulnerability scans using Nessus to reduce attack surface.
• Worked with DevOps to review container security settings in Docker and Kubernetes environments.
• Led SOC operations for phishing response, analyzing email headers and malicious payloads.
• Developed custom alert rules in Splunk and correlated events for actionable insights.
• Managed firewall and VPN access logs, ensuring secure perimeter traffic flow and anomaly reporting.
• Conducted disaster recovery and business continuity testing and ensured compliance with audit controls.
• Reviewed and completed third-party vendor security questionnaires to ensure proper data governance.
• Integrated security toolsets into cloud-native workflows on Azure and Google Cloud.
• Collaborated with Legal and GRC teams to ensure SOC 2 readiness and audit preparedness.
• Documented security controls, escalation workflows, and internal playbooks for Tier 1 and Tier 2 teams.
• Delivered cyber awareness sessions and played a central role in training initiatives.
• Performed regular network segmentation audits to enforce security zoning across enterprise systems.
Information Security Analyst, Bank of America, Columbus, OH, JUNE 2020 – DECEMBER 2022

IT Support, Shoe Discount Warehouse, Hamilton, OH, JANUARY 2019 – JUNE 2020
• Installation of computer hardware, imaging OS.
• Implementing data security systems.
• Routine check and maintenance of computer hardware and peripherals.
• Install, configure and manage software and their functions according to specifications.

Skills

Security Tools: Splunk, QRadar, Microsoft Sentinel, CrowdStrike, Burp Suite, Qualys, Nessus, Sysmon, Wireshark, FTK Imager, Palo Alto, GuardDuty, Azure Sentinel, Okta, Duo, FTK, tcpdump
Cloud & Infrastructure Security: AWS, Azure, GCP, IAM, VPN, Docker, Kubernetes, CASB, Cloud Compliance, Virtualization
Threat Management: Threat Hunting, Incident Response, Malware Analysis, EDR/XDR, SOAR, SIEM, Zero Trust, IOC Correlation, Dark Web Monitoring, Anomaly Detection
Compliance & Governance: NIST 800-53, CJIS, PCI-DSS, ISO 27001, SOC 2, HIPAA, CCPA, GDPR, DFARS, FedRAMP
Networking & Endpoint: Firewall Configuration, Endpoint Hardening, DLP, RBAC, MFA, Active Directory, Network Segmentation, Tokenization, Patch Management, Forensics
Scripting & Automation: PowerShell, Python, Automation Playbooks, Security Policy Development, Log Parsing, Audit Reporting, CI/CD Integration, Evidence Lifecycle Management, SIEM Rule Tuning, Configuration Management

Education

Bachelor of Science in Computer Engineering, University of Buea, 2007-2011
AWS, Amazon Web Services: Certified