
Cybersecurity Engineer - SOC Analyst & Cloud Security Specialist

Location:
McKinney, TX, 75072
Posted:
June 01, 2026

Resume:

ANMOLDEEP GILL

Cybersecurity Engineer | SOC Analyst | Penetration Testing | AWS Security

+1-972-***-**** | *********@***********.*** | TX | US Citizen

Summary

Cybersecurity Engineer with 3+ years of hands-on experience across Security Operations (SOC), penetration testing, and cloud security. Proven ability to detect, analyze, and respond to security threats using SIEM tools, vulnerability scanners, and network analysis techniques. Experienced in performing penetration testing aligned with OWASP Top 10, threat hunting using MITRE ATT&CK, and securing AWS environments through IAM and monitoring controls. Strong background in log analysis, incident response, and security automation using Python and Bash. CompTIA Security+ and Network+ certified.

Technical Skills

Category: Skills & Tools

Security Domains: Penetration Testing • Vulnerability Management • Threat Detection • Incident Response • Network Security • Application Security • Cloud Security • Risk Assessment • CIS Controls • OWASP Top 10 • MITRE ATT&CK

Security Tools: Nmap • Metasploit • Wireshark • Burp Suite • Nessus • OpenVAS • Nikto • Hydra • Netcat • Tcpdump • Dirb

SIEM / Monitoring: Splunk (Log Analysis, Dashboards, Basic Detection Rules) • Microsoft Sentinel (Basic) • Log Correlation • Alert Triage • Incident Investigation

Programming & Automation: Python • Bash • PowerShell • SQL • Scripting • Log Parsing • REST APIs

Cloud Security: AWS IAM • S3 Security • EC2 Security • Security Groups • VPC • CloudTrail • Encryption

Networking & Systems: TCP/IP • DNS • HTTP/HTTPS • VPN • Firewalls • Linux (Kali, Ubuntu) • Windows Security

Governance, Risk & Compliance (GRC): NIST (Basic) • CIS Controls • Risk Assessment • Security Policies • HIPAA

Work Experience

Cybersecurity Engineer

Walmart – Prosper, TX Jul 2023 – Present

• Monitored and analyzed security events across endpoints, network traffic, and system logs to detect anomalies, indicators of compromise (IOCs), and suspicious patterns

• Performed vulnerability scanning and assessment using Nmap, Nessus, and OpenVAS, identifying misconfigurations, exposed services, and weak access controls

• Conducted penetration testing activities including reconnaissance, enumeration, and exploitation using Metasploit, Burp Suite, and manual techniques

• Investigated security incidents such as unauthorized access attempts, phishing activity, brute-force attacks, and lateral movement indicators

• Analyzed logs from multiple sources (system logs, authentication logs, network traffic) and correlated events using Splunk (lab exposure) and custom queries

• Implemented and enforced security controls aligned with CIS benchmarks and OWASP best practices, reducing system vulnerabilities

• Secured AWS cloud resources by configuring IAM roles, policies, S3 bucket permissions, and security groups, enforcing least privilege and access control

• Monitored AWS activity using CloudTrail logs to detect suspicious login attempts and unauthorized API calls

• Performed network packet analysis using Wireshark and Tcpdump, identifying anomalies such as unusual traffic spikes, DNS tunneling patterns, and port scanning activity

• Developed Python and Bash scripts for automating log parsing, anomaly detection, and file integrity monitoring

• Supported incident response lifecycle including detection, triage, containment, and documentation of security events

• Identified and tested vulnerabilities aligned with OWASP Top 10 (e.g., SQL Injection, XSS – basic) in controlled environments

• Collaborated with infrastructure and application teams to remediate vulnerabilities, patch systems, and improve security posture

• Documented findings in detailed reports including risk severity (CVSS), impact analysis, and remediation recommendations

SOC Analyst / Junior Penetration Tester

CVS Health, VA Oct 2022 – Jun 2023

• Monitored and triaged high-volume security alerts in a 24/7 SOC environment, covering endpoint, network, and cloud-based threats using SIEM and EDR tools

• Investigated security incidents including phishing attacks, credential compromise, malware infections, and unauthorized access attempts, performing root cause analysis

• Performed log aggregation, correlation, and analysis across multiple data sources (Windows logs, network logs, authentication logs) to identify indicators of compromise (IOCs)

• Conducted proactive threat hunting using known attack patterns mapped to MITRE ATT&CK framework, identifying suspicious behaviors and lateral movement

• Tuned and optimized SIEM detection rules, correlation searches, and alert thresholds, reducing false positives and improving detection accuracy

• Performed vulnerability scanning and assessment using tools such as Nessus/OpenVAS, validating findings and coordinating remediation efforts

• Assisted in web application security testing aligned with OWASP Top 10, identifying issues such as SQL Injection, XSS (basic), and misconfigurations

• Executed penetration testing activities in lab and controlled environments, including reconnaissance, enumeration, and exploitation using Nmap, Metasploit, and Burp Suite

• Analyzed network traffic using Wireshark and Tcpdump to detect anomalies such as port scanning, suspicious DNS activity, and abnormal traffic patterns

• Supported incident response lifecycle including detection, triage, containment, and escalation of high-severity security incidents

• Developed and improved incident response playbooks and runbooks, enhancing SOC efficiency and response time

• Assisted in vulnerability management lifecycle, including risk prioritization, remediation validation, and reporting

• Maintained detailed documentation of incidents, findings, and remediation actions in alignment with HIPAA compliance and audit requirements

• Collaborated with security, infrastructure, and application teams to remediate vulnerabilities and strengthen overall security posture

Projects

Enterprise SOC Monitoring & Threat Detection Lab

• Built a simulated SOC environment using Splunk and Windows/Linux logs to monitor and analyze security events

• Ingested and normalized logs (authentication, system, network) to detect anomalies and suspicious activities

• Created custom dashboards, correlation searches, and alerts for failed logins, privilege escalation, and brute-force attempts

• Performed alert triage and incident analysis, mapping findings to MITRE ATT&CK techniques

• Reduced false positives by tuning detection rules and refining alert thresholds

Penetration Testing & Vulnerability Assessment Lab

• Conducted end-to-end penetration testing including reconnaissance, scanning, enumeration, exploitation, and reporting

• Used tools such as Nmap, Metasploit, Burp Suite, Nikto, and Dirb to identify vulnerabilities

• Exploited common vulnerabilities aligned with OWASP Top 10 (SQL Injection, XSS – basic, authentication flaws)

• Performed vulnerability scanning using Nessus/OpenVAS and validated findings manually

• Generated professional reports including CVSS scoring, risk analysis, and remediation recommendations

AWS Cloud Security Implementation

• Designed and secured AWS environments using IAM roles, policies, and least-privilege access control

• Configured S3 bucket security, encryption, and access policies to prevent data exposure

• Implemented network-level security using VPC and security groups

• Monitored and analyzed activity using AWS CloudTrail logs to detect unauthorized access

• Identified and remediated cloud misconfigurations aligned with best practices

Security Automation & Log Analysis (Python)

• Developed Python scripts for log parsing, anomaly detection, and file integrity monitoring

• Automated detection of suspicious activities such as repeated login failures and unauthorized file changes

• Built basic alerting mechanisms to notify potential security incidents

• Reduced manual effort in repetitive security tasks through automation

Education

Collin College – Frisco, TX

Bachelor of Science in Cybersecurity

Associate of Science in Cybersecurity

Certifications

CompTIA Security+

CompTIA Network+


