IMRAN RASHID
Sr. Cyber Security Engineer
*****.*********@*****.*** +1-872-***-****
PROFESSIONAL SUMMARY
Over 8 years of expertise in cybersecurity, specializing in SOC operations, threat analysis, incident response, and compliance with standards such as ISO 27001, NIST 800 series, FedRAMP and PCI-DSS.
Proficient in SIEM (Splunk, QRadar, Azure Sentinel, LogRhythm), endpoint security (Microsoft Intune, Tanium, Carbon Black), and identity management (SailPoint IIQ, IdentityNow, ForgeRock).
Skilled in firewall management (Palo Alto, Cisco ASA, Fortinet, CheckPoint), IDS/IPS, DLP, VPN, and cloud security (AWS, Azure, GCP).
Experienced in penetration testing, vulnerability scanning (Nessus, Rapid7, Burp Suite), digital forensics, and threat intelligence (STIX, Cloudflare Radar).
Leveraged Cyber Kill Chain framework, MITRE ATT&CK, Elasticsearch, and Kibana to enhance threat analysis, log aggregation, and visualization, strengthening incident response and threat detection in SOC environments.
Designed and implemented automated workflows for cloud and on-prem environments, integrating REST APIs and GitHub Actions to support secure, scalable DevSecOps practices.
Adept at scripting (PowerShell, Python, Bash) and automation for security operations, including REST API integration and CI/CD pipelines.
Strong background in network protocols (TCP/IP, OSPF, BGP, EIGRP), Active Directory, and endpoint management (Windows Autopilot, Kaseya).
Proven ability to design and implement security solutions, conduct risk assessments, and ensure compliance through GRC frameworks (COBIT, OWASP).
TECHNICAL SKILLS
Security Platforms: Splunk, IBM QRadar, LogRhythm, Azure Sentinel, Google Chronicle, CrowdStrike Falcon, Symantec, Rapid7 InsightVM/Nexpose, Burp Suite, Nessus, Tanium, FireEye
Cloud Security: Azure Security Center, AWS IAM, GCP Security Command Center, Microsoft Defender Suite (ATP, Sentinel, Defender for Endpoint/Identity)
EDR & DLP: Carbon Black, Tanium, Varonis, Symantec, AirWatch, McAfee, Proofpoint, CrowdStrike, Forcepoint
Firewalls/Network Security: Palo Alto, Cisco ASA, CheckPoint, Fortinet, F5, Juniper SRX, Armis, Gigamon, VPN, ACL, IDS/IPS, Cisco ISE
Automation/Scripting: Python, PowerShell, Bash, Terraform, Ansible, Jenkins, GitHub Actions
SOAR: Splunk Phantom, Demisto, SOAR integrations with STIX/TAXII, ticketing automation
Protocols & Networking: TCP/IP, OSPF, BGP, EIGRP, DNS, DHCP, SSL, TLS, VPN, SAML, OAuth
Compliance & Risk Frameworks: NIST 800-53, ISO 27001/27002, PCI-DSS, COBIT, FedRAMP, OWASP Top 10
Tools: Wireshark, OpenVAS, WebInspect, IBM AppScan, Acunetix, STIGs, EnCase, FTK, Ghidra, IDA Pro
Data & BI: Informatica ETL, SQL, Data Warehousing, Power BI, STIX Bundles
PROFESSIONAL EXPERIENCE
ACNB Bank – Gettysburg, PA
Sr. Cyber Security Engineer Jun 2024 – Present
● Designed and deployed Splunk ES dashboards for real-time monitoring within the Cyber Incident Response Team (CIRT) and Cyber Security Operations Center (CSOC).
● Architected and managed cloud environments (AWS, Azure, GCP), configuring IAM, encryption, and Cloudflare services (WAF, CDN, DDoS protection).
● Conducted proactive threat hunting using CrowdStrike, Forcepoint, SecureWorks, and Cribl, reducing SIEM data storage costs by 40% through optimized log ingestion.
● Implemented SailPoint IdentityIQ for identity and access management, integrating with cloud platforms and automating user provisioning.
● Managed Cisco ASA, Fortinet FortiGate, and Juniper SRX firewalls, configuring UTM policies and troubleshooting via CLI and Cisco Security Manager.
● Applied the MITRE ATT&CK framework to map adversary tactics during threat hunting, integrating findings into Splunk Phantom for automated incident response, improving threat detection accuracy by 10%.
● Applied the Cyber Kill Chain framework to structure threat hunting workflows, integrating Elasticsearch and Kibana with Splunk Phantom to visualize and analyze endpoint logs from CrowdStrike Falcon, improving mean time to detect (MTTD) by 15%.
● Integrated GitHub Actions with Splunk Phantom for automated security incident response, streamlining DevSecOps workflows and reducing manual intervention by 40%.
● Automated device provisioning with Windows Autopilot and enforced compliance policies using Microsoft Intune and Defender for Endpoint.
● Integrated STIX Bundles into Splunk and SOAR platforms (Splunk Phantom) to enhance automated threat intelligence and incident response.
● Conducted penetration testing with Kali Linux, Metasploit Pro, and Cobalt Strike, and performed risk assessments per NIST 800-53.
● Developed Ansible playbooks for CI/CD pipelines and PowerShell scripts for Azure resource management and CyberArk API integration.
● Configured Google Chronicle for real-time threat detection and forensic analysis, improving MTTD and MTTR by 20%.
Pure Insurance – White Plains, NY
Cyber Security Engineer Dec 2022 – May 2024
● Performed vulnerability assessments and implemented security countermeasures to protect PII and financial data, ensuring compliance with PCI-DSS.
● Deployed and managed CI/CD pipelines using AWS Lambda, CodePipeline, and CodeBuild, integrating cross-account policies and IAM roles.
● Conducted digital forensic investigations using Wireshark, PCAP analysis, and tcpdump, and responded to incidents with Splunk and CrowdStrike Falcon.
● Upgraded legacy CheckPoint firewalls to Palo Alto appliances, enhancing application and URL inspection via Panorama.
● Utilized the MITRE ATT&CK framework to map adversary tactics, techniques, and procedures (TTPs) during incident response, enhancing forensic investigations with Wireshark and CrowdStrike Falcon, reducing mean time to resolve (MTTR) by 25.
● Utilized the Cyber Kill Chain to map adversary tactics during incident response, configuring Elasticsearch and Kibana to create dashboards for visualizing PCAP data from Wireshark, enhancing phishing and malware detection efficiency by 20%.
● Configured Azure AD for O365 and Defender ATP, and implemented Cloudflare Universal SSL for end-to-end encryption.
● Managed MDM for 60,000 devices using Microsoft Intune and AirWatch, integrating with SCCM for hybrid environments.
● Automated security processes with PowerShell scripts for Azure, AWS, and VMware, and conducted DAST/SAST using Burp Suite and Checkmarx.
Custom Ink – Fairfax, VA
Cyber Security Engineer Jan 2021 – Nov 2022
● Configured AWS CodePipeline, CodeBuild, and CodeDeploy for secure cross-account deployments, ensuring compliance with FedRAMP and PCI-DSS.
● Conducted vulnerability assessments with Rapid7 Nexpose and Acunetix, and managed PCI compliance using FireMon Policy Planner.
● Deployed Splunk Phantom SOAR for automated threat detection and response, testing out-of-the-box use cases.
● Managed Docker containers for Splunk Phantom SOAR deployments, optimizing resource utilization and enabling scalable DevOps processes.
● Applied MITRE ATT&CK to enhance threat modeling in Splunk Phantom deployments, creating Elasticsearch and Kibana dashboards to visualize TTPs from Rapid7 Nexpose scans and streamlining threat detection.
● Managed Palo Alto firewalls, troubleshooting User-ID, App-ID, and Content-ID via Panorama, and configured GCP firewall rules and Cloud CDN.
● Evaluated the Cyber Kill Chain for threat modeling in Splunk Phantom SOAR deployments, using Elasticsearch and Kibana to aggregate and visualize logs from AWS CloudTrail, streamlining automated threat detection processes.
● Built automated detection programs using AWS CloudWatch, CloudTrail, and Lambda, and conducted network assessments with Tenable Nessus.
● Deployed SailPoint IdentityIQ, integrating with JDBC, LDAP, and AD connectors, and supported Azure cloud security strategies.
● Automated Java testing scripts using Selenium and Sikuli in Agile environments.
Grange Insurance – Columbus, OH
Cyber Security Analyst Apr 2019 – Dec 2020
● Managed QRadar for SIEM tuning, threat detection, and incident response, and supported Splunk for threat intelligence analytics.
● Conducted forensic analysis using Ghidra, IDA Pro, EnCase, and FTK, and developed Python parsers for log anomaly detection.
● Supported DevSecOps pipelines using Terraform for AWS/GCP cloud migrations, embedding IAM roles and encryption for compliance with FedRAMP.
● Leveraged the MITRE ATT&CK framework during forensic analysis with Ghidra and EnCase, identifying IOCs and improving incident response plans for web application vulnerabilities.
● Performed quarterly penetration testing, identifying SQL injection and access control vulnerabilities in web applications.
● Supported cloud migration to AWS and GCP, configuring IAM roles, encryption, and Terraform-based DevSecOps pipelines.
● Contributed to red team engagements, focusing on internal web apps and threat modeling documentation.
Dime Community Bank – Brooklyn, NY
Cyber Security Analyst Jun 2017 – Mar 2019
● Integrated QRadar and Nessus for SIEM and vulnerability scanning, supporting the initial Splunk deployment for enterprise systems.
● Analyzed endpoint and server logs to identify malware behavior and IOCs, using Python for automated health checks of SIEM pipelines.
● Configured GCP environments for cloud migration, ensuring FedRAMP compliance through IAM and encryption settings.
● Conducted basic penetration testing and vulnerability scanning using custom scripts and Nessus.
EDUCATION & CERTIFICATIONS
Bachelor of Business Administration (BBA), North South University, Bangladesh – 2008.
Master of Business Administration (MBA), Cardiff Metropolitan University – 2010.
Certifications:
● CompTIA Security+
● CompTIA A+