Cyber Security Engineer

Kanz Ul Eman

Richmond, TX +1-309-***-**** ************@*****.*** LinkedIn

SUMMARY

Cyber Security Engineer with over 5 years of experience in designing, deploying, and managing secure enterprise IT infrastructures, both on-premise and across multi-cloud environments. Expertise in developing end-to-end cybersecurity strategies that encompass risk assessment, and the implementation of security best practices to safeguard organizational assets. Adept at configuring and optimizing network security through the management of routing protocols such as OSPF and BGP, while securing communication channels over protocols including TCP/IP, HTTP/S, DNS, and VPN.

SKILLS & CERTIFICATIONS

Networking Protocols: TCP/IP, IPv4, VPN, HTTP, DNS, LAN/WAN, OSPF, BGP Security Tools: Nmap, Snort, TCPDUMP, Nessus, Wireshark, Core Impact, OpenVAS, HIDS/HIPS, SIEM (Splunk), Active Directory, IDS/IPS, DNS, DHCP, Burp Suite, OWASP, MetaSploit, Vulnerability Scanning, SIM Tools Security Frameworks & Standards: NIST, ISO 27001, CIS Controls, GDPR, SOC 2, PCI DSS Cloud Security: AWS (Identity and Access Management, EC2, S3, VPC, CloudTrail, CloudWatch, Security Hub), Cloud Security Posture Management (CSPM), Defender XDR, Sentinel, PIM, Entra ID Operating Systems: Windows, Linux (Kali Linux, Parrot OS, Ubuntu), macOS Certifications: CEH (Certified Ethical hacking) certification through Coursera, CompTIA ++ Security EXPERIENCE

Citi Group TX, USA

Cyber Security Engineer Apr 2024 - Present

• Performed root cause analysis of phishing, malware, and brute-force attacks using endpoint telemetry and log data from EDR and SIEM systems.

• Optimized Splunk SIEM configurations by enhancing correlation rules and custom dashboards, increasing threat detection accuracy by 35% and reducing mean time to respond (MTTR) by 20%.

• Directed formal risk assessments aligned with the NIST Cybersecurity Framework, maintaining a comprehensive Risk Register to track threat likelihood, business impact, mitigation strategies, and risk ownership across departments.

• Executed advanced vulnerability scans and penetration testing using tools like OpenVAS, Nessus, and Burp Suite, identifying high- risk exposures and reducing infrastructure vulnerabilities.

• Monitored security events and alerts in real-time using Splunk and QRadar, triaged incidents based on severity and business impact, and escalated critical threats to Tier-3 teams.

Informative Web Solutions India

Cyber Security Engineer Apr 2018 - Dec 2021

• Led security audits and cloud-based vulnerability assessments across web applications, APIs, and SaaS platforms, identifying and remediating over 30 high-risk vulnerabilities, significantly improving compliance across business units.

• Employed NIST CSF, CIS Controls, and MITRE ATT&CK to guide risk mitigation efforts and strengthen overall security posture.

• Wired cloud security posture by configuring AWS IAM roles, enforcing encryption for data-at-rest and in-transit, and applying least- privilege access models, improving security governance in hybrid environments.

• Engineered and optimized detection rules using KQL, Sigma, and YARA for improved visibility into advanced persistent threats

(APT) and lateral movement patterns.

• Established incident response runbooks, and directed investigations into phishing, malware, and DDoS attacks, streamlining SOC processes and improving containment and recovery timelines.

• Led proactive threat hunts using hypothesis-driven approaches across endpoint, network, and cloud environments, uncovering stealthy threats undetected by automated tools.

• Designed dashboards and visualizations in Kibana and Splunk to monitor anomaly patterns, failed logins, and beaconing behavior. EDUCATION

Master of Science in Information Systems (Network and Security Management) Dec 2024 Illinois State University Normal, IL

ACADEMIC PROJECTS

Project: AI-Powered Virtual Event Planning Tool

Developed an AI-driven virtual event planning tool leveraging NLP models like BERT and GPT-4 to automate scheduling, email authorization, participant engagement tracking, and real-time support. Enhanced efficiency by streamlining event management tasks, reducing manual effort, and improving event planning workflows. Key Contributions:

• AI-powered content generator using GPT-4 for event invitations, schedules, and emails.

• Integrated BERT and GPT-4 NLP models into the application backend, enhancing user interaction monitoring and automating real- time support, resulting in a 35% increase in user satisfaction.

• Engineered an AI-powered smart scheduling feature that optimized event timelines by 30% based on user-defined priorities and resource availability, enhancing user satisfaction.

Contact this candidate