
Cybersecurity Vulnerability Management & Incident Response

Location:
Houston, TX
Posted:
July 04, 2026


Resume:

SamAlmur

IT Security | Cybersecurity | Vulnerability Management | Threat Detection & Incident Response | Houston, TX

513-***-****

***.*******@*****.***

https://www.linkedin.com/in/sam-a-26036a163/

Summary

Dedicated cybersecurity professional with over 5 years of experience focusing on enhancing security operations in varied environments. Key achievements feature a 90% decrease in high and critical vulnerabilities and an improved Microsoft Secure Score. Skills include incident response, threat detection, risk assessments, and vulnerability management, with a commitment to stakeholder collaboration for strengthening defenses and ensuring adherence to NIST and other compliance frameworks.

Skills

Endpoint Security: Microsoft Defender for Endpoint, Cisco AMP, Microsoft Intune

SIEM, MDR & Threat Monitoring: Alert Logic SIEM, Arctic Wolf MDR, FortiAnalyzer, Splunk, Microsoft Sentinel

Threat Hunting & Log Analysis: Microsoft Advanced Hunting, AWS GuardDuty, FortiAnalyzer, event correlation, log review

Vulnerability & Patch Management: Qualys, Nessus, Microsoft Defender Vulnerability Management, Arctic Wolf Patch Management

Email Security & Phishing Defense: Abnormal AI, Microsoft Defender for Office 365, Microsoft DLP, Terranova Security

Identity & Access Management: Microsoft Entra ID, AD, Conditional Access, Microsoft Defender for Identity

Network & Infrastructure Security: Cisco Umbrella, Fortinet ZTNA, Forescout, UniFi Security Gateway, Fortinet Firewalls

Governance, Risk & Compliance: NIST, ISO 27001, SOC 2, familiarity with PCI DSS and HIPAA, security playbooks, security policy development, phishing simulation, and security awareness training

Application & API Security Foundation: OWASP API Security Top 10, API risk awareness, authentication/authorization risks, broken object-level authorization, and security misconfiguration

Ticketing & Collaboration: Jira, ServiceNow, Zendesk; collaboration with IT/DevOps to support secure deployment practices

Automation & Scripting: familiarity with PowerShell and Python for automation and script deployment

Experience

Logistec January 2026 to May 2026

Cybersecurity Administrator

Houston, Texas

Supported security operations for 500+ users, 800+ endpoints, and 25+ servers by investigating incidents across endpoint, identity, email, network, and cloud environments.

Served as first point of contact for security incident alerts, investigated suspicious login activity and possible exploits to identify root causes, and collaborated with SOC team to resolve issues and prevent future incidents.

Investigated an average of 20+ EDR security incidents monthly while maintaining incident response times between 5–15 minutes through SIEM, EDR, and security monitoring platforms.

Reduced high and critical vulnerabilities by more than 90% by conducting weekly Qualys assessments, prioritizing remediation efforts, and coordinating corrective actions with infrastructure teams.

Increased Qualys vulnerability-scanning coverage to approximately 90% of enterprise endpoints and servers, improving visibility into organizational security risks and remediation efforts.

Increased Microsoft Secure Score from 55% to 72% by implementing security recommendations and strengthening Microsoft security controls.

Enhanced detection quality by identifying false positives, tuning security alerts, and recommending SIEM and EDR monitoring improvements based on security best practices.

Delivered phishing-awareness and cybersecurity training through Terranova Security campaigns and Abnormal Security initiatives to improve employee security awareness and reduce phishing risk.

Supported successful NIST audit activities by maintaining security documentation, validating controls, participating in audit preparation activities, and assisting with remediation efforts.

Strengthened identity security governance by developing and standardizing Microsoft Entra ID security procedures and access-management documentation.

Created investigation reports, remediation recommendations, and executive-ready security summaries to ensure consistent incident response and effective stakeholder communication.

AARC Consultants April 2025 to January 2026

Lead IT & Cybersecurity Professional

Houston, Texas

Conducted cybersecurity assessments for 10+ client organizations within critical infrastructure and water utility environments by evaluating OT and IT security controls against industry security frameworks.

Performed vulnerability assessments, remediation tracking, and risk analysis using Tenable and Microsoft security technologies to strengthen client security posture.

Performed risk assessments and vulnerability reviews using Tenable and Microsoft security technologies to support continuous monitoring activities.

Coordinated incident response activities with clients, vendors, MSSP partners, and internal stakeholders, enhancing timely investigation and remediation of security incidents.

Facilitated tabletop exercises, threat simulations, and incident response planning, strengthening organizational preparedness and response capabilities.

Improved client risk visibility by identifying security gaps, documenting findings, and developing remediation recommendations for executive leadership and operational teams.

Tracked remediation efforts and documented corrective actions, collaborating with stakeholders to effectively resolve identified security findings.

Collected security evidence, maintained assessment documentation, and supported audit preparation and compliance reviews.

Supported audit preparation and remediation activities resulting in successful compliance reviews and closure of major audit findings.

Conducted security control assessments and documented remediation activities aligned with NIST cybersecurity frameworks.

Assisted in development and review of security policies, contingency planning documentation, incident response procedures, and governance processes aligned with NIST guidance.

Developed security policies, governance processes, and risk-management practices aligned with NIST security principles and industry best practices.

Parker Wellbore April 2024 to April 2025

IT Security Analyst II

Houston, Texas

Supported enterprise security operations for 1,000+ users and 1,400+ Microsoft Defender-managed endpoints by investigating incidents across endpoint, identity, email, and network environments.

Investigated an average of 20+ security alerts weekly, including EDR incidents and email-security threats, using Microsoft Defender, SIEM, MDR, and threat-intelligence sources.

Validated exploitability and coordinated remediation for 50+ high and critical vulnerabilities in collaboration with infrastructure, cloud, and operations teams, enhancing overall security posture.

Enhanced detection quality by identifying recurring alert patterns and recommending security-control improvements, significantly reducing false positives through weekly security reviews.

Strengthened endpoint and identity security controls through Microsoft Defender, Intune, DLP, Conditional Access, and security-hardening initiatives.

Applied MITRE ATT&CK methodologies, IOC analysis, and threat intelligence during incident response and threat-hunting activities.

Reviewed vulnerability findings and coordinated remediation efforts with infrastructure, cloud, and operations teams, effectively minimizing organizational risk.

Investigated security incident alerts and suspicious login activity to determine root causes.

Supported successful NIST and SOC 2 audit activities through evidence collection, documentation maintenance, security-control validation, and audit preparation.

AARC Environmental October 2019 to April 2024

IT Support Specialist

Houston, Texas

Improved endpoint security coverage by deploying and administering Microsoft Intune, endpoint-protection technologies, and device-compliance controls.

Conducted vulnerability assessments and tracked remediation using Microsoft Defender, Qualys, and Nessus to mitigate organizational security risk.

Enhanced Microsoft 365 security posture through implementation of DLP, MFA, access controls, and compliance-focused security configurations.

Delivered cybersecurity onboarding and security-awareness training programs to promote secure-use practices across the organization.

Supported security investigations through SIEM, EDR, endpoint, identity, and network-security alert analysis.

Strengthened Active Directory and Windows Server security through hardening initiatives, privilege restrictions, and security best practices.

Conducted cybersecurity risk assessments for critical infrastructure and water utility organizations using NIST-aligned methodologies.

Evaluated security controls, documented compliance gaps, and developed remediation recommendations to strengthen cybersecurity posture.

Facilitated tabletop exercises and cyber incident simulations to improve crisis response preparedness.

Trained employees on effective use of company software and tools.

Collaborated with vendors for procurement of IT supplies and equipment.

Alert Logic April 2019 to July 2019

Cybersecurity Analyst

Houston, Texas

Accelerated incident investigations involving malware, brute-force attacks, reconnaissance activity, and web application threats.

Improved threat detection by monitoring Alert Logic SIEM and AWS GuardDuty security events.

Analyzed logs and Snort IDS alerts to identify and respond to malicious activity.

Conducted investigations into unauthorized access, modifications, and malware infections to mitigate risks.

Drafted incident response reports and coordinated escalations to ensure timely resolution.

Exchange Hub December 2018 to March 2019

Cybersecurity Analyst (Trainee)

Atlanta, Georgia

Investigated anomalies in Splunk and network traffic logs to identify potential security threats.

Supported vulnerability assessments and ensured compliance alignment with NIST frameworks to enhance security posture.

Completed CompTIA CySA+ training and hands-on labs in SIEM, threat analysis, and vulnerability scanning.

Education

Universiti Kebangsaan Malaysia (UKM)

Master of Engineering: Communication and Computer Engineering

Mehran University of Engineering & Technology

Bachelor of Engineering: Electronic Engineering

Certifications

EC-Council Certified Incident Handler (ECIH) - Dec 2024

CompTIA CySA+ - Dec 2022

CompTIA Security+ - Jul 2021

CSAP - Dec 2022

Microsoft Certified: Azure Fundamentals - Jul 2021

Microsoft Certified: Azure Administrator - Jul 2021

Microsoft Certified: Information Protection Administrator - Nov 2022

Microsoft Certified: Identity & Access Administrator - Oct 2022

APISEC University: OWASP API Security Top 10 and Beyond!

Fortinet Certified Associate in Cybersecurity - Jan 2025

Training

AI Security Training

OWASP API Security

CCNA Routing & Switching (200-125)

IBM Enterprise Security in Practice

EC-Council: ISO/IEC 27001:2022

Certified in Risk and Information Systems Control (CRISC)
