Plano, Texas, United States
I’m a cybersecurity engineer with hands-on experience across cloud security, SIEM operations, incident response, and threat simulation. My background includes working in both academic and enterprise settings to implement security tools, build detection pipelines, and conduct red team simulations. At SUNY-FMCC, I currently manage a cloud-based cyber range built on AWS, where I lead training sessions using MITRE ATT&CK techniques, Splunk dashboards, and QRadar rule tuning. I’ve delivered incident response and threat-hunting exercises to over 80 students in real-time attack environments. During my cybersecurity internship with a red team project partnered with the NSA, I focused on OWASP Top 10 testing, cloud vulnerability analysis, and AWS Security Hub automation. I also bring previous experience in compliance-driven environments, working on PCI DSS and ISO 27001 audits, firewall and VPN configuration, and vulnerability remediation using tools like Nessus and IBM AppScan. I’m passionate about threat detection, cloud infrastructure defense, and building scalable security operations. Tools & Platforms: Splunk, QRadar, Burp Suite, Nessus, AWS IAM, AWS WAF, IBM AppScan, GuardDuty, Python, Bash, Wireshark Interests: SIEM Tuning ,Cloud Security,Vulnerability Management, MITRE ATT&CK, Incident Response, Red Teaming, Threat Hunting
1.Coordinated logistics and team support for NCAA athletic events as part of campus operations during graduate studies. 2.Managed event-day scheduling, volunteer coordination, and compliance with NCAA and American East Conference protocols.
-Worked with the Assistant Dean of Athletics to streamline the Athletics Administration office. -Coordinated sporting activities to ensure seamless logistics and participant participation. -Enhanced workplace organization and efficiency by managing administrative chores including data entry, document preparation, and filing. - Facilitated communication and addressed problems between student athletes, coaching staff, and Athletics Administration. - Used Microsoft Office Suite to create aesthetically attractive presentations and reports for internal and external audiences. - Executed community engagement programs with cross-functional teams to improve university-community connections.
1.Conducted red team exercises simulating OWASP Top 10 attacks on web and cloud applications 2.Used Burp Suite, Nessus, and Checkmarx for manual and automated vulnerability assessments 3.Developed automated threat scanning pipelines using AWS Security Hub and GuardDuty 4.Contributed to threat modeling using MITRE ATT&CK and STIX/TAXII frameworks 5.Documented incident timelines, IOCs, and security control gaps during testing sessions 6.Supported data loss prevention testing and email phishing simulation workflows
1.Performed web application security testing using IBM AppScan, OWASP ZAP, and Burp Suite 2.Automated SIEM alert triage scripts using Python to reduce false positives and improve detection 3.Conducted PCI DSS and ISO 27001 compliance audits for enterprise systems 4.Deployed and tuned IDS/IPS, VPNs, and firewall rules for on-prem and hybrid infrastructure 5.Created vulnerability reports and CVE remediation plans using Nessus and internal scanning tools 6.Collaborated with dev teams to ensure secure SDLC practices and code-level fix recommendations