Sam Almur
IT Security | Cybersecurity | Vulnerability Management | Threat Detection & Incident Response | Houston, TX
***.*******@*****.***
https://www.linkedin.com/in/sam-a-26036a163/
Summary
Dedicated cybersecurity professional with over 5 years of experience focused on enhancing security operations in varied environments. Key achievements include a 90% decrease in high and critical vulnerabilities and an improved Microsoft Secure Score. Skills include incident response, threat detection, risk assessments, and vulnerability management, with a commitment to stakeholder collaboration for strengthening defenses and ensuring adherence to NIST and other compliance frameworks.
Skills
Endpoint Security: Microsoft Defender for Endpoint, Cisco AMP, Microsoft Intune
SIEM, MDR & Threat Monitoring: Alert Logic SIEM, Arctic Wolf MDR, FortiAnalyzer, Splunk, Microsoft Sentinel
Threat Hunting & Log Analysis: Microsoft Advanced Hunting, AWS GuardDuty, FortiAnalyzer, event correlation, log review
Vulnerability & Patch Management: Qualys, Nessus, Microsoft Defender Vulnerability Management, Arctic Wolf Patch Management
Email Security & Phishing Defense: Abnormal AI, Microsoft Defender for Office 365, Microsoft DLP, Terranova Security
Identity & Access Management: Microsoft Entra ID, Active Directory, Conditional Access, Microsoft Defender for Identity
Network & Infrastructure Security: Cisco Umbrella, Fortinet ZTNA, Forescout, UniFi Security Gateway, Fortinet Firewalls
Governance, Risk & Compliance: NIST, ISO 27001, SOC 2, familiarity with PCI DSS and HIPAA; security playbooks, security policy development, phishing simulation, and security awareness training
Application & API Security Foundation: OWASP API Security Top 10, API risk awareness, authentication/authorization risks, broken object-level authorization, and security misconfiguration
Ticketing & Collaboration: Jira, ServiceNow, Zendesk; collaboration with IT/DevOps to support secure deployment practices
Automation & Scripting: familiarity with PowerShell and Python for automation and script deployment
Experience
Logistec January 2026 to May 2026
Cybersecurity Administrator
Houston, Texas
Supported security operations for 500+ users, 800+ endpoints, and 25+ servers by investigating incidents across endpoint, identity, email, network, and cloud environments.
Served as first point of contact for security incident alerts, investigated suspicious login activity and possible exploits to identify root causes, and collaborated with SOC team to resolve issues and prevent future incidents.
Investigated an average of 20+ EDR security incidents monthly while maintaining incident response times between 5–15 minutes through SIEM, EDR, and security monitoring platforms.
Reduced high and critical vulnerabilities by more than 90% by conducting weekly Qualys assessments, prioritizing remediation efforts, and coordinating corrective actions with infrastructure teams.
Increased Qualys vulnerability-scanning coverage to approximately 90% of enterprise endpoints and servers, improving visibility into organizational security risks and remediation efforts.
Increased Microsoft Secure Score from 55% to 72% by implementing security recommendations and strengthening Microsoft security controls.
Enhanced detection quality by identifying false positives, tuning security alerts, and recommending SIEM and EDR monitoring improvements based on security best practices.
Delivered phishing-awareness and cybersecurity training through Terranova Security campaigns and Abnormal Security initiatives to improve employee security awareness and reduce phishing risk.
Supported successful NIST audit activities by maintaining security documentation, validating controls, participating in audit preparation activities, and assisting with remediation efforts.
Strengthened identity security governance by developing and standardizing Microsoft Entra ID security procedures and access-management documentation.
Created investigation reports, remediation recommendations, and executive-ready security summaries to ensure consistent incident response and effective stakeholder communication.
AARC Consultants April 2025 to January 2026
Lead IT & Cybersecurity Professional
Houston, Texas
Conducted cybersecurity assessments for 10+ client organizations within critical infrastructure and water utility environments by evaluating OT and IT security controls against industry security frameworks.
Performed vulnerability assessments, remediation tracking, and risk analysis using Tenable and Microsoft security technologies to strengthen client security posture.
Performed risk assessments and vulnerability reviews using Tenable and Microsoft security technologies to support continuous monitoring activities.
Coordinated incident response activities with clients, vendors, MSSP partners, and internal stakeholders, enhancing timely investigation and remediation of security incidents.
Facilitated tabletop exercises, threat simulations, and incident response planning, strengthening organizational preparedness and response capabilities.
Improved client risk visibility by identifying security gaps, documenting findings, and developing remediation recommendations for executive leadership and operational teams.
Tracked remediation efforts and documented corrective actions, collaborating with stakeholders to effectively resolve identified security findings.
Collected security evidence, maintained assessment documentation, and supported audit preparation and compliance reviews.
Supported audit preparation and remediation activities, resulting in successful compliance reviews and closure of major audit findings.
Conducted security control assessments and documented remediation activities aligned with NIST cybersecurity frameworks.
Assisted in development and review of security policies, contingency planning documentation, incident response procedures, and governance processes aligned with NIST guidance.
Developed security policies, governance processes, and risk-management practices aligned with NIST security principles and industry best practices.
Parker Wellbore April 2024 to April 2025
IT Security Analyst II
Houston, Texas
Supported enterprise security operations for 1,000+ users and 1,400+ Microsoft Defender-managed endpoints by investigating incidents across endpoint, identity, email, and network environments.
Investigated an average of 20+ security alerts weekly, including EDR incidents and email-security threats, using Microsoft Defender, SIEM, MDR, and threat-intelligence sources.
Validated exploitability and coordinated remediation for 50+ high and critical vulnerabilities in collaboration with infrastructure, cloud, and operations teams, enhancing overall security posture.
Enhanced detection quality by identifying recurring alert patterns and recommending security-control improvements, significantly reducing false positives through weekly security reviews.
Strengthened endpoint and identity security controls through Microsoft Defender, Intune, DLP, Conditional Access, and security-hardening initiatives.
Applied MITRE ATT&CK methodologies, IOC analysis, and threat intelligence during incident response and threat-hunting activities.
Reviewed vulnerability findings and coordinated remediation efforts with infrastructure, cloud, and operations teams, effectively minimizing organizational risk.
Investigated security incident alerts and suspicious login activity to determine root causes.
Supported successful NIST and SOC 2 audit activities through evidence collection, documentation maintenance, security-control validation, and audit preparation.
AARC Environmental October 2019 to April 2024
IT Support Specialist
Houston, Texas
Improved endpoint security coverage by deploying and administering Microsoft Intune, endpoint-protection technologies, and device-compliance controls.
Conducted vulnerability assessments and tracked remediation using Microsoft Defender, Qualys, and Nessus to mitigate organizational security risk.
Enhanced Microsoft 365 security posture through implementation of DLP, MFA, access controls, and compliance-focused security configurations.
Delivered cybersecurity onboarding and security-awareness training programs to promote secure-use practices across the organization.
Supported security investigations through SIEM, EDR, endpoint, identity, and network-security alert analysis.
Strengthened Active Directory and Windows Server security through hardening initiatives, privilege restrictions, and security best practices.
Conducted cybersecurity risk assessments for critical infrastructure and water utility organizations using NIST-aligned methodologies.
Evaluated security controls, documented compliance gaps, and developed remediation recommendations to strengthen cybersecurity posture.
Facilitated tabletop exercises and cyber incident simulations to improve crisis response preparedness.
Trained employees on effective use of company software and tools.
Collaborated with vendors for procurement of IT supplies and equipment.
Alert Logic April 2019 to July 2019
Cybersecurity Analyst
Houston, Texas
Accelerated incident investigations involving malware, brute-force attacks, reconnaissance activity, and web application threats.
Improved threat detection by monitoring Alert Logic SIEM and AWS GuardDuty security events.
Analyzed logs and Snort IDS alerts to identify and respond to malicious activity.
Conducted investigations into unauthorized access, modifications, and malware infections to mitigate risks.
Drafted incident response reports and coordinated escalations to ensure timely resolution.
Exchange Hub December 2018 to March 2019
Cybersecurity Analyst (Trainee)
Atlanta, Georgia
Investigated anomalies in Splunk and network traffic logs to identify potential security threats.
Supported vulnerability assessments and ensured compliance alignment with NIST frameworks to enhance security posture.
Completed CompTIA CySA+ training and hands-on labs in SIEM, threat analysis, and vulnerability scanning.
Education
Universiti Kebangsaan Malaysia (UKM)
Master of Engineering: Communication and Computer Engineering
Mehran University of Engineering & Technology
Bachelor of Engineering: Electronic Engineering
Certifications
EC-Council Certified Incident Handler (ECIH) - Dec 2024
CompTIA CySA+ - Dec 2022
CompTIA Security+ - Jul 2021
CSAP - Dec 2022
Microsoft Certified: Azure Fundamentals - Jul 2021
Microsoft Certified: Azure Administrator - Jul 2021
Microsoft Certified: Information Protection Administrator - Nov 2022
Microsoft Certified: Identity & Access Administrator - Oct 2022
APISEC University: OWASP API Security Top 10 and Beyond!
Fortinet Certified Associate in Cybersecurity - Jan 2025
Training
AI Security Training
OWASP API Security
CCNA Routing & Switching (200-125)
IBM Enterprise Security in Practice
EC-Council: ISO/IEC 27001:2022
Certified in Risk and Information Systems Control (CRISC)