Akash Ponnam
Houston, TX +1-346-***-**** *************@*****.*** LinkedIn
SUMMARY
Cyber Security Engineer with 3+ years of experience securing banking and enterprise environments through SIEM monitoring, threat detection, vulnerability management, cloud security, and incident response operations. Experience building automation-driven security workflows using Python, PowerShell, Microsoft Sentinel, Splunk, ServiceNow, and ELK Stack to improve alert triage, threat containment, and remediation processes across high-volume production systems. Background includes AWS security controls, Zero Trust Architecture, RBAC governance, MFA administration, IDS/IPS monitoring, CI/CD security, CVE analysis, and NIST CSF compliance operations supporting regulated infrastructure and enterprise security programs.
PROFESSIONAL EXPERIENCE
Cyber Security Engineer JPMC USA Oct 2025 – Present
Established automated Threat Detection playbooks using Python and Microsoft Sentinel, coordinating with global SOC teams to reduce the mean time to respond (MTTR) by 22 minutes for high-severity alerts.
Hardened cloud infrastructure security by implementing Zero Trust Architecture and AWS IAM least-privilege policies, collaborating with cloud architects to secure 450+ production accounts against unauthorized access.
Orchestrated enterprise-wide Vulnerability Management cycles using Qualys and CVE Analysis, partnering with system owners to remediate 1,800+ critical security flaws across the global banking network.
Engineered real-time Behavioral Analytics using ML-based Anomaly Detection and Splunk, working alongside data scientists to identify 120+ sophisticated lateral movement patterns within internal traffic.
Strengthened Endpoint Security by deploying CrowdStrike EDR and custom IDS/IPS signatures, leading cross-functional teams in the containment of 95 distinct malware threats without disrupting financial services.
Directed NIST CSF compliance audits and Secrets Management through HashiCorp Vault, mentoring junior analysts on CI/CD Security to ensure the stable rollout of 14 high-compliance banking applications.
Cyber Security Engineer Epsilon USA Oct 2024 – Oct 2025
Executed high-fidelity SIEM monitoring and Splunk alert analysis, collaborating with cross-functional infrastructure teams to triage and investigate suspicious anomalies across systems processing 95,000+ daily security logs.
Hardened cloud security visibility by configuring Azure, IAM policies, and CloudTrail monitoring, partnering with cloud engineers to secure 18 enterprise workloads within highly regulated environments.
Managed enterprise-wide Vulnerability Assessments using Tenable Nessus, coordinating with system administrators to validate remediation and resolve 320+ critical and high-risk security findings.
Strengthened Identity and Access Governance through Active Directory reviews and RBAC validation, working with internal auditors to ensure secure access management for 2,400+ enterprise users.
Contained 140+ active security threats by investigating phishing attempts and malware alerts using McAfee Gateway and IDS/IPS monitoring, preventing operational impact through rapid incident response procedures.
Coordinated security operations through ServiceNow incident management and Compliance Reporting, leading technical walkthroughs to maintain visibility across 7 concurrent cybersecurity remediation initiatives.
DevSecOps Engineer Dell Technologies India Jul 2020 – Aug 2022
Contributed to the integration of automated SAST, DAST, and secrets scanning tools directly into corporate Jenkins and GitHub Actions workflows, helping establish basic Secure SDLC gates that flagged 45+ potential vulnerabilities before production release.
Executed daily CI/CD security checks and tracked software dependencies across 4 development pipelines, supporting baseline policy enforcement to prevent the deployment of compromised open-source components.
Implemented basic automated Policy-as-Code and Terraform/IaC validation rules for 30+ cloud infrastructure templates, assisting software teams with fixing configuration drift across 3 distinct server segments.
Performed regular container vulnerability scanning and CVE analysis using Nessus on base images, coordinating directly with engineering team leads to patch, validate, and update 600+ active containerized workloads.
Managed day-to-day incident response workflows and updated system remediation tickets using Python scripts and ServiceNow, working closely alongside network infrastructure teams to flag and resolve 250+ cloud infrastructure anomalies.
Conducted routine log analysis and alert triaging within Microsoft Sentinel and the ELK Stack, investigating over 1,200 monthly security events while monitoring RBAC governance and MFA protocols to maintain compliance with ISO 27001 standards.
TECHNICAL SKILLS
Threat Detection & SIEM: Detection Engineering, SIEM Administration, Splunk, Microsoft Sentinel, QRadar, Log Analysis, Event Correlation, Alert Triage, Threat Monitoring, Use Case Development, Statistical Anomaly Detection, MITRE ATT&CK Analytics
Incident Response & Threat Hunting: Incident Response, Threat Hunting, IOC Analysis, Malware Analysis, Digital Forensics, Host-Based & Network Forensics, Evidence Preservation, Volatility, Disk & Memory Analysis, Root Cause Analysis, IR Playbook Development
Network & Endpoint Security: TCP/IP, DNS, VPN, Routing & Switching, Firewalls (Palo Alto, Fortinet), IDS/IPS (Snort, Suricata), WAF, EDR/XDR, CrowdStrike, SentinelOne, Microsoft Defender, Wireshark, Network Segmentation, Endpoint Hardening
Cloud & Infrastructure Security: AWS Security, Azure Defender, GCP Security, IAM, CloudTrail, CSPM, Zero Trust Architecture, Cloud IR Strategy, Docker Security, Kubernetes Security, Micro-Segmentation
Vulnerability Management & Offensive Security: Nessus, Qualys, Tenable, Vulnerability Assessment, CVE Analysis, Patch Management, CVSS, Penetration Testing (Web, API, Network), MITRE ATT&CK TTP Simulation, Burp Suite, Nmap, Exploit Path Analysis
Identity & Access Management: Active Directory, RBAC, MFA, SSO, Privileged Access Management (PAM), CyberArk, Thycotic
Security Automation & DevSecOps: Python, PowerShell, Bash, Golang, SOAR Playbooks, Workflow Automation, API Security, CI/CD Security, Terraform, Ansible, Secrets Management, HashiCorp Vault
Monitoring & Observability: ELK Stack, Grafana, Prometheus, CloudWatch, Log Aggregation, Dashboarding & Alerting, Metrics Monitoring
AI/ML Security: AI-Driven Threat Detection, Behavioral Analytics, ML-Based Anomaly Detection, False Positive Reduction, Prompt Injection Awareness, AI Threat Prioritization
Compliance & Governance: NIST CSF, NIST 800-53, ISO 27001, SOC 2, HIPAA, PCI-DSS, GDPR, Governance Risk & Compliance (GRC), Audit & Compliance Reporting, Policy Development
Platforms & Collaboration Tools: Jira, ServiceNow, Git, ITIL, Agile (Scrum), Cross-Functional Team Coordination, Security Awareness Training, Process Improvement, Stakeholder Communication
PROJECTS
Automated Threat Detection & IR Pipeline
Built an ML-based anomaly detection model processing 200K+ daily SIEM and API log events, applying statistical analysis and behavioral analytics to identify multi-stage threat patterns across enterprise networks.
Automated end-to-end incident response workflows across 40+ production CI/CD pipelines by embedding SAST, DAST, container vulnerability scanning, and cloud configuration validation for AWS, Azure, and GCP.
Network Segmentation & Zero Trust Pilot
Designed and implemented granular micro-segmentation policies across 120+ critical production servers and applications, leveraging next-generation firewalls to enforce strict traffic filtering rules.
Enforced Zero Trust security principles by deploying risk-based access control reviews, role-based access controls (RBAC), and isolated network zones to secure 5+ business-critical environments.
Automated Red-Team Simulation Framework
Developed a custom Python and PowerShell adversary simulation framework mapped to 50+ MITRE ATT&CK techniques, allowing security teams to actively emulate advanced persistent threat behaviors.
Automated continuous exploit-path testing and defensive playbooks across hybrid cloud and on-prem infrastructures, successfully identifying critical visibility gaps to improve SOC alert detection coverage.
EDUCATION
M.S. in Computer Science, California State University Long Beach, Long Beach, CA Aug 2022 – May 2024
CERTIFICATIONS
AWS Certified SysOps Administrator – Associate — Amazon Web Services
AWS Certified Cloud Practitioner — Amazon Web Services
Oracle OCI Generative AI Professional — Oracle
CompTIA Security+
OSCP (Offensive Security Certified Professional) — In Progress