Cybersecurity Analyst in Saas

Technical Skills

- Cloud Security (AWS, Azure, GCP)

- Risk & Vulnerability Assessment

- SIEM & SOAR Platforms (Splunk, Palo Alto Cortex XSOAR)

- Endpoint Detection & Response (EDR)

- Cloud Access Security Broker (CASB)

- Secure Development Lifecycle & DevSecOps

- Network Security & Firewall Management

- Penetration Testing & Red Teaming

- Encryption & Data Loss Prevention (DLP)

- Threat Intelligence & IOC Analysis

Soft Skills

- Analytical & Problem-Solving

- Communication & Cross-Functional Collaboration

- Incident Management & Crisis Response

- Continuous Learning & Adaptability

- Technical Documentation & Reporting

*Senior Cybersecurity Analyst | CloudSecure SaaS Inc.*

San Francisco, CA | June 2022 – Present

- Lead the development and implementation of real-time SIEM rules integrating threat intelligence feeds, reducing incident response time by 35%.

- Designed a cloud-native vulnerability scanning platform utilizing AWS Lambda and DynamoDB, enhancing automated remediation workflows.

- Conduct quarterly penetration tests and manage follow-up mitigation plans, improving SaaS application security posture by aligning compliance with SOC 2 and ISO 27001 standards.

- Collaborate with DevOps teams to embed security controls into CI/CD pipelines, fostering a DevSecOps culture across the organization.

- Conduct security awareness training sessions for engineering teams, decreasing phishing susceptibility by 20%.

*Cybersecurity Analyst | DataShield SaaS Solutions*

Remote | Jan 2020 – May 2022

- Monitored and analyzed security alerts using Splunk, performing root cause analysis for high-priority incidents across multiple SaaS platforms.

- Implemented multifactor authentication and identity access management strategies, successfully reducing unauthorized access attempts by 40%.

- Conducted quarterly risk assessments and updated security policies in line with evolving cloud security landscapes and compliance frameworks.

- Partnered with product teams to develop secure coding standards and review code for vulnerabilities before deployment.

*Security Operations Engineer | CloudForte Technologies*

San Jose, CA | Jun 2018 – Dec 2019

- Managed cloud security configurations across GCP and Azure environments, including Identity & Access Management (IAM) and network security controls.

- Developed automation scripts (Python, Bash) to streamline log aggregation and threat detection processes, improving detection accuracy.

- Supported incident response efforts during security breaches, coordinating with forensic teams and documenting lessons learned.

**Bachelor of Science in Cybersecurity**

University of California, Berkeley

Graduated: 2017

- Certified Cloud Security Professional (CCSP) – 2023

- Offensive Security Certified Professional (OSCP) – 2022

- AWS Certified Security – Specialty – 2023

- ISO/IEC 27001 Lead Implementer – 2024

Automated Cloud Security Framework

Led a project to develop an automated security framework utilizing AWS Lambda, GuardDuty, and Config Rules, reducing manual intervention by 50% and enabling continuous compliance monitoring for a multi-tenant SaaS platform.

Threat Intelligence Platform Integration

Integrated AI-driven threat intelligence feeds (Anomali) into SIEM workflows, enabling proactive identification of emerging threats. This initiative resulted in early detection of a zero-day vulnerability exploited in the industry.

- English (Native)

- Spanish (Professional Working Proficiency)