AZIZ AHMED KAMARA
Cybersecurity Analyst Threat Detection • Incident Response • Cloud Security
+1-703-***-**** | ****@**********.*** | VA | LinkedIn | US Citizen

Summary
Certified Cybersecurity Analyst with 5+ years of experience in threat detection, incident response, vulnerability management, and application security across financial and healthcare environments. Proven ability to analyze complex security events using SIEM and EDR platforms such as Splunk, Microsoft Sentinel, and CrowdStrike. Skilled in threat hunting, penetration testing, and cloud security (AWS, Azure), with hands-on experience in developing detection logic using Python and SQL. Strong understanding of MITRE ATT&CK, secure architecture, and regulatory frameworks including NIST, ISO 27001, and HIPAA.

Technical Skills
Category: Skills & Tools
Security Operations & Threat Management: SIEM (Splunk, Microsoft Sentinel, QRadar, Elastic/ELK) • Incident Response • Threat Hunting • Log Analysis • Security Monitoring • Detection Engineering • Threat Intelligence • Alert Triage • Incident Triage
Security Engineering & Tools: CrowdStrike Falcon • Microsoft Defender for Endpoint • EDR/XDR • IDS/IPS • Tenable • Nessus • Qualys • Wireshark • Security Onion • SOAR (Phantom, XSOAR) • JIRA
Cloud & Infrastructure Security: AWS Security (GuardDuty, Security Hub, IAM) • Azure Security (Defender for Cloud, Sentinel) • Identity & Access Management (IAM) • Network Security • Endpoint Security • Zero Trust Architecture • VPN • Firewalls (Palo Alto, Fortinet)
Application & Offensive Security: Penetration Testing • Vulnerability Assessment • OWASP Top 10 • Burp Suite • Metasploit • Secure Code Review (Java, Go) • Threat Modeling • API Security • SAST/DAST
Programming & Automation: Python • SQL • PowerShell • Bash • Automation Scripting • REST APIs • JSON
Governance, Risk & Compliance (GRC): MITRE ATT&CK • NIST CSF • ISO 27001 • HIPAA • GDPR • DISA STIG • Risk Assessment • Audit Support • Policy & Control Mapping

Experience
Cyber Security Analyst
Mastercard, VA Jan 2022 – Present
• Led end-to-end investigation and response for security incidents including phishing campaigns, malware infections, insider threats, and unauthorized access, ensuring timely containment, eradication, and recovery
• Analyzed high-volume logs across SIEM platforms (Splunk, Microsoft Sentinel) and EDR (CrowdStrike Falcon) to detect anomalous behavior, lateral movement, and persistence techniques
• Developed and optimized detection rules, correlation searches, and alerting logic using Python and SQL, significantly improving detection coverage and reducing false positives
• Conducted proactive threat hunting activities by leveraging MITRE ATT&CK framework to identify attacker tactics, techniques, and procedures (TTPs) across endpoints and network layers
• Collaborated with cloud and infrastructure teams to identify and remediate security gaps in AWS and Azure environments, including misconfigurations, excessive permissions, and exposed services
• Performed threat modeling and security design reviews to mitigate risks such as account takeover (ATO), fraud abuse, and privilege escalation
• Conducted root cause analysis of security incidents and provided actionable remediation strategies to strengthen long-term security posture
• Produced detailed incident reports, dashboards, and executive summaries to support audit readiness and compliance with NIST and ISO 27001 standards
• Integrated threat intelligence feeds into SIEM workflows to enhance detection of emerging threats and indicators of compromise (IOCs)
SOC Analyst
CVS Health, VA May 2021 – Dec 2021
• Monitored and triaged thousands of daily security alerts in a 24/7 SOC environment, covering endpoint, network, and cloud-based threats
• Investigated suspicious activities including phishing attempts, credential compromise, malware alerts, and unauthorized access using SIEM and EDR tools
• Performed in-depth log analysis and correlation to validate incidents, determine scope, and escalate high-severity threats to incident response teams
• Tuned and refined detection rules and alert thresholds within SIEM platforms to improve signal-to-noise ratio and reduce alert fatigue
• Assisted in vulnerability management by tracking identified risks, validating remediation efforts, and coordinating with IT and security teams
• Maintained comprehensive incident documentation, ensuring alignment with HIPAA compliance requirements and internal audit standards
• Supported playbook development and incident response procedures to standardize and improve SOC operations and JWT misconfigurations.
Penetration Tester
Edward Jones, NY May 2020 – Apr 2021
• Performed penetration testing on web applications, APIs, and internal systems to identify exploitable vulnerabilities and security weaknesses
• Executed both automated and manual testing techniques, including authentication bypass, injection flaws, misconfigurations, and access control issues
• Assessed applications against OWASP Top 10 and industry best practices, identifying critical vulnerabilities and prioritizing remediation efforts
• Utilized tools such as Nessus, Burp Suite, and Metasploit to perform vulnerability scanning and exploitation testing
• Documented findings in detailed reports including risk ratings, proof-of-concept exploits, and clear remediation recommendations
• Collaborated with development and engineering teams to validate fixes and improve secure coding practices across applications
• Contributed to strengthening overall application security posture by identifying recurring patterns and recommending preventive controls
Systems Technician / Administrator
Guaranty Trust Bank (SL) Ltd Nov 2016 – Jan 2019
• Provided technical support for enterprise IT systems, resolving hardware, software, and network-related issues for over 300 users
• Managed Active Directory environments including user provisioning, access control, password policies, and group policy configurations
• Assisted in maintaining secure network infrastructure by troubleshooting connectivity issues and supporting firewall and endpoint configurations
• Handled high-volume service requests and incidents using ticketing systems, ensuring timely resolution and adherence to SLAs
• Supported system hardening and patch management activities to reduce vulnerabilities and improve system security

Education
PhD in Cybersecurity (Cloud Security Specialization)
National University, San Diego, CA
Master of Science in Cybersecurity
Old Dominion University, Norfolk, VA
Bachelor of Science in Computer Networking & Cybersecurity
University of Maryland Global Campus, Adelphi, MD
Certifications
Certified Information Security Manager (CISM) – ISACA
CompTIA CySA+ (Cybersecurity Analyst)
CompTIA PenTest+
CompTIA Security+
Cisco Certified Network Associate (CCNA)