kelvin Odarikpe

Triaged and monitored 120+ weekly security alerts across Datadog, ELK Cloud SIEM, Microsoft Defender for Endpoint, and SentinelOne, escalating confirmed incidents with MITRE ATT&CK mapping and containment details. Built and tuned 25+ correlation rules/monitors, reducing SIEM false positives by 40% and improving MITRE ATT&CK coverage from 6 to 14 tactics.

Stood up Azure Sentinel with Microsoft Defender for Endpoint and Purview DLP, running on-call and owning first response for security alerts in a 142-person remote-first SaaS. Contained credential-compromise attempts within 24 hours and improved security escalation accuracy from 35% to 91% while cutting escalation time by 65% using runbooks and Tier 1→2→3 processes.

Built the central SIEM pipeline (ELK + Kibana) to reach 100% log coverage, closing 12 monitoring blind spots via Filebeat, Metricbeat, syslog, and Azure Monitor telemetry. Hardened Linux/Windows Server to CIS Level 1 and reduced open critical CVEs by 78% within 60 days, while improving Kubernetes workload security and producing weekly posture reports.

Served as a first-line triage analyst for endpoint and identity alerts, performing process/file/network investigation and escalating confirmed incidents with evidence and severity classification. Standardized runbook-driven diagnostics, cutting MTTR on endpoint incidents by 45%, and improved Intune endpoint compliance to 97% within 45 days.

Supported GDPR healthcare security by administering Active Directory/Entra ID and building access-log monitoring and privilege-usage reporting for downstream detection use cases. Architected enterprise SSO (SAML 2.0) and automated RBAC provisioning across 15+ apps, eliminating 100% orphaned accounts within 30 days and revoking 230+ excessive privilege assignments.

Completed a B.Sc. in Computer Engineering at Abubakar Tafawa Balewa University in Nigeria.

Earned an M.Sc. in Computer & Information Systems at Arden University in Berlin.