Aman Singh

Integrated ReliaQuest GreyMatter MDR with Splunk, SentinelOne, Microsoft Defender, Armis, and Tanium; built MITRE ATT&CK-aligned detections, CIM-compliant correlation searches, and Risk-Based Alerting to reduce false positives and improve MTTR. Developed automated asset aggregation (Python/PowerShell) and scoring models exposed in Splunk to prioritize remediation and drive coverage KPIs.

Optimized Palo Alto Prisma Cloud for CSPM and implemented Thycotic IAM policies; integrated Anomali ThreatStream with QRadar and created detection rules to automate correlation and improve SOC workflows. Implemented DLP policies in Microsoft Purview and performed vulnerability scans for IT and ICS/OT environments to reduce exposure.

Supported incident response and threat intelligence operations by integrating Recorded Future, Anomali ThreatStream, and Splunk Phantom SOAR to automate detection and reduce response times; performed risk assessments and threat hunting across cloud and ICS/OT environments. Developed custom scripts (Python/Bash/PowerShell) to automate log parsing, detection, and compliance checks.

Led deployment and migration to McAfee Endpoint Security and Proofpoint DLP, onboarded diverse log sources into Splunk, tuned indexer/search resources, and automated compliance reporting to meet HIPAA/HITRUST requirements. Deployed Tanium EDR and CyberArk PAM while driving vulnerability management and SOC automation with Splunk Phantom.

Performed SAST/DAST and penetration testing using AppScan, Checkmarx, Veracode, Burp Suite, and OWASP ZAP; integrated security testing into the SDLC and produced remediation guidance to address OWASP Top 10 and critical web vulnerabilities. Developed custom Nessus audit scripts and standardized security testing protocols.

Deployed McAfee Endpoint and DLP, maintained QRadar SIEM dashboards, and conducted vulnerability assessments with Nessus and Rapid7 to prioritize remediation aligned with HIPAA and NIST. Investigated incidents using QRadar and McAfee ePO and automated reporting to improve SOC responsiveness.

Managed CyberArk PAM, administered Active Directory, deployed Splunk Enterprise with distributed forwarders, and developed detection dashboards and runbooks to operationalize MITRE ATT&CK-based detections. Led upgrades, ingestion monitoring, and delivered analyst training and SOPs for incident handoffs.

Pursuing a Doctor of Science in Information Technology beginning January 2022 and currently enrolled.

Completed a Master of Science program focused on Cybersecurity, Forensics, and Counterterrorism from September 2017 to December 2018.