
ALHAJI S. KARGBO

Severn

Summary

Experienced Senior Cybersecurity Engineer with a strong track record in designing and implementing robust security architectures. Skilled in threat detection, incident response, and risk management, with extensive experience deploying security solutions across various sectors. Adept at leveraging data-driven KPIs to enhance cybersecurity defenses and ensure system integrity.

Overview

17 years of professional experience
1 Certification

Work History

Senior Security Engineer (US Air Force – SABRE Project)

Decisions Oriented
Odenton
06.2024 - Current
  • As a Senior Security Engineer, I am responsible for the design, development, implementation, and management of a SIEM in a classified on-premises private cloud environment
  • The private cloud, known as the Secret and Below Releasable Environment (SABRE), will be the cloud of choice to share and collaborate with the US Department of Defense and our allied partners from other nations across the globe (totaling 52 agencies and countries)
  • I focus on leveraging Splunk's capabilities to provide actionable insights, enhance security posture, and optimize operational performance
  • My role requires deep technical expertise in Splunk architecture, data onboarding, and advanced search capabilities
  • I work closely with cross-functional teams, including IT, security, and operations, to ensure the efficient and effective use of Splunk in monitoring, security, and troubleshooting
  • Develop and maintain a robust and scalable Splunk architecture, including indexers, search heads, forwarders, and clustering configurations
  • Lead efforts to onboard various data sources into Splunk, ensuring data is ingested, parsed, and indexed correctly for optimal search and reporting capabilities
  • Create complex Splunk queries, dashboards, and reports to provide insights and visualizations that meet business requirements
  • Implement and manage security monitoring and alerting solutions within Splunk, including the development of correlation searches and incident detection rules
  • Analyze and optimize the performance of Splunk environments, including search performance tuning, index management, and resource allocation
  • Provide advanced troubleshooting and support for Splunk-related issues, including log analysis, error resolution, and root cause identification
  • Create and maintain detailed documentation of Splunk configurations, best practices, and procedures
  • Provide training and mentoring to junior team members and end-users
  • Assist in ensuring that Splunk implementations comply with relevant regulatory and compliance requirements, and support audit activities as needed

SOC Manager (Federal Client)

Electrosoft
Reston
02.2024 - 06.2024
  • Manage security operations, leading collaborations with a team of highly talented SOC Analysts to deliver tailored solutions for esteemed government clients
  • The advisory role involves guiding clients on threats and malware in the wild, advocating best security practices, and navigating approval processes
  • Oversee all enterprise-wide incident reporting, including review for compliance with established standards and appropriate follow-up activities
  • Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities
  • Understand the internal SOC technologies and security feeds (firewall, router, switch) for device upgrades and patches for remediation and eradication procedures
  • Lead and develop a well-trained SOC Team with the core competencies necessary to manage risk, stay ahead of security threats, and position the team to effectively mitigate risk
  • Provide oversight for and ensure completion of routine activities related to travel, event, and executive security
  • Responsible for administrative and other support duties, to include scheduling, training, onboarding, and collection of metrics
  • Delegate unassigned, newly submitted tickets to analysts, keeping in mind current workloads and availability
  • Manage 10-15 SOC Analysts, from Tier 1 to Tier 3, in a 24-hour SOC operation
  • Oversee all integration of different log sources into Elasticsearch, and help create dashboards and reports

Security Delivery Engineer Manager (Federal Client)

Accenture Federal Services
Arlington
06.2019 - 03.2024
  • Manage various projects and programs, leading collaborations with a team of highly talented experts to deliver tailored solutions for esteemed government clients
  • Oversee skilled analysts and engineers developing comprehensive blueprints for augmenting ICAM, SOC, Vulnerability Management, DLP, and other projects
  • The advisory role involves guiding clients on design principles, advocating best security practices, and navigating approval processes
  • Conduct thorough cybersecurity and technology process reviews to identify operational gaps
  • Leverage expertise to design innovative, effective solutions that enhance cybersecurity posture, streamline daily processes, and optimize IT efficiencies
  • Commit to continuous research, analysis, and design to resolve existing challenges and deliver improved solutions
  • Research and translate risk information on Identity Credential Access Management (ICAM) capabilities to support client’s Zero Trust Architecture mandates
  • Perform in-depth gap analysis assessment of existing Identity Credential Access Management (ICAM) capabilities to identify capability gaps
  • Make recommendations from identified capability gaps to increase cybersecurity, improve daily operations, and gain IT efficiencies
  • Develop ICAM Privileged Access Management (PAM) solution blueprint, detailed design, and privileged user management target state roadmap
  • Lead team of Analysts and Engineers to redevelop and improve an effective SOC program
  • Lead and develop a team of diverse Analysts and Engineers that execute the functions of an effective Security Operations program
  • Gather artifacts, assess, and analyze the present working solution, and recommend alternative solutions with proof of value and cost
  • Enhance Splunk and improve SOC processes, follow best practices for notable events, data models, correlation searches, assets and identity, threat intelligence, UEBA, etc
  • Lead and serve as an SME for CASB solution; configure, manage, operate, and administer the solution, serving as an escalation point for critical and complex client issues
  • Lead and serve as vulnerability management specialist, managing and maintaining Tenable for both compliance and vulnerability management
  • Demonstrate experience in end-to-end deployment of Identity Access Management (IAM) and SSO solutions
  • Experience with planning, implementation, and operations

Security Engineer

ICMA-RC
Washington
01.2014 - 06.2019
  • Responsible for maintaining and administering IT security controls that ensured all corporate data's confidentiality, integrity, and availability (CIA)
  • Supporting the strategic Information Security Plan was a crucial function of my role
  • In this capacity, I implemented, configured, and maintained industry-standard cyber defense capabilities, including web content filters, advanced log analysis, network monitoring, packet capture analysis, firewalls, anti-virus capabilities, vulnerability management, and configuration management
  • Oversaw relationships with third-party security vendors to ensure external systems and applications followed security standards
  • Established and continuously provided high-level reports to senior management on cyber hygiene (vulnerability, security configuration, and security awareness), sharing monthly KPIs
  • Focused on platform compliance trends and deficiencies
  • Assisted in deploying and maintaining a Cloud Access Security Broker (CASB) solution, specifically Microsoft Cloud App Security
  • Participated in conducting security research on new technology, threats, and remediation techniques; made recommendations to System Admins, developers, and other technical teams and oversaw their implementation based on the recommended solutions
  • Served as backup managing privileged account access in CyberArk, using discovery, accounts feed, and bulk uploads (about 400+ service accounts, local administrator accounts, and other critical privileged accounts) from Windows, Linux, and Unix platforms, including supported applications
  • Created policies and ran reports in CyberArk to identify privileged access that needed attention (inactive for a specified period or past the password change period)

IT Security Coordinator

University Health Center, UMD
College Park
02.2008 - 12.2013
  • Managed the entire Information Technology Infrastructure and Security
  • I was responsible for designing, developing, and roadmapping streamlined infrastructural solutions in line with the organizational strategy
  • In this capacity, I worked closely with different departments in the university and external partners to establish harmonization and standardization in implementing technology and security solutions
  • Of equal significance to my function was the governance of the solutions, ensuring the integrity and standard of the critical systems and applications remained secure
  • I also oversaw the overall operational environment of the UHC infrastructure and ensured that it met the established university standards for security, regulatory compliance, and functionality
  • In addition, I played a significant role in the transition from manual to electronic health records, including the implementation, deployment, and management of the EHR system, which featured a variety of operating systems, applications, and network configurations

Education

MS / MBA -

University of Maryland Global Campus
Adelphi, MD

Bachelor of Science -

Bowie State University
Bowie, MD

Skills

  • Security Audits
  • Network Security
  • Identity and Access Management
  • Scrum
  • Intrusion Detection
  • DevSecOps
  • Vulnerability Management
  • Configuration Management
  • Governance Risk Compliance
  • Endpoint Security
  • Risk Management Framework
  • Cloud Security
  • Data Loss Prevention
  • Cloud Access Security Broker
  • Threat Mitigation
  • Project Management
  • Security Operations Center
  • Zero Trust Architecture
  • Privileged Access Management
  • Windows
  • Linux
  • AWS
  • Azure
  • Palo Alto
  • Cisco
  • RHEL
  • Kubernetes
  • Virtru
  • Docker
  • iboss
  • CrowdStrike
  • Tanium
  • Cylance
  • DbProtect
  • CyberArk
  • Tenable
  • Tripwire
  • Okta
  • VMware
  • Splunk
  • Delinea
  • PingFederate
  • PingDirectory
  • Microsoft Cloud App Security
  • Jira
  • Carbon Black
  • Splunk Enterprise
  • Fortinet
  • SolarWinds Orion NPM
  • ArcSight
  • QRadar
  • Action Remedy Trouble Management System
  • Cisco ASA
  • Symantec
  • Microsoft Defender
  • Rapid7
  • Netskope
  • McAfee MVISION
  • Varonis
  • Qualys
  • Microsoft CASB
  • Thales
  • Trustwave
  • Terraform
  • Postman
  • MCAS
  • O365
  • ServiceNow
  • Confluence
  • Salesforce
  • Websense
  • Jenkins
  • Ansible
  • HashiCorp
  • NIST 800-53
  • FISMA
  • HIPAA
  • PCI-DSS
  • FedRAMP
  • OWASP Top 10
  • SANS Top 20
  • GDPR
  • ICAM
  • PAM
  • Python
  • Bash
  • HTML
  • SQL
  • PHP
  • Shell Scripting
  • JavaScript
  • SIEM management
  • Splunk architecture
  • Incident detection
  • Security monitoring
  • Threat analysis
  • Risk assessment
  • Team leadership
  • Operational compliance
  • Effective communication
  • Problem solving
  • Virtualization security
  • Mobile device security
  • Disaster recovery strategies
  • Network security expertise
  • Web application firewall management
  • Threat intelligence analysis
  • Malware analysis and reverse engineering
  • Data encryption techniques
  • Vulnerability assessment expertise
  • Wireless network security
  • Two-factor authentication implementation
  • Firewall configuration and management
  • Security awareness training
  • Intrusion detection systems
  • Ethical hacking techniques
  • Security risk assessment
  • Incident response management
  • Operating system hardening
  • Public key infrastructure management
  • Security architecture design
  • Cloud security management
  • Security policy development
  • Penetration testing skills
  • Virtual private networks
  • Active directory
  • Penetration testing
  • Access control management
  • Network monitoring
  • Secure network architecture
  • Disaster recovery planning
  • Encryption techniques
  • Endpoint protection
  • Incident logging oversight
  • Patch management
  • Network security management
  • Ethical hacking
  • Vulnerability assessment
  • Incident response

Certification

  • CISM
  • CEH
  • CND
  • CEI
  • OKTA
  • SEC+
  • SAFe 5
  • SAFe DevOps
  • SAFe DevSecOps
  • PAM-DEFENDER
  • PAM-SENTRY

Training

  • Tanium
  • Cylance
  • SANS Cloud Security Architecture & Operations
  • SANS Virtualization & Software Defined Security
  • SANS Continuous Monitoring & Security Operations
  • Splunk
  • CyberArk
  • Tripwire

Clearance

INTERIM SECRET

Technical Competencies

Windows, Linux, AWS, Azure, Palo Alto, Cisco, RHEL, Docker, iboss, CrowdStrike, Tanium, Cylance, DbProtect, CyberArk, Tenable, Tripwire, Okta, VMware, Splunk, Delinea, PingFederate, Microsoft Cloud App Security, Jira, Carbon Black, Alert Logic, Bitwarden, Splunk Enterprise, Fortinet, RSA AM, SolarWinds Orion NPM, ArcSight, QRadar, Action Remedy Trouble Management System, Cisco ASA, Symantec, Microsoft Defender, Rapid7, Netskope, McAfee MVISION, Varonis, Qualys, Microsoft CASB, Thales, Trustwave, Terraform, Postman, MCAS, O365, ServiceNow, Confluence, Salesforce, Websense, Jenkins, Ansible, HashiCorp, NIST 800-53, FISMA, HIPAA, PCI-DSS, FedRAMP, OWASP Top 10, SANS Top 20, GDPR, ICAM, PAM, Python, Bash, HTML, SQL, PHP, Shell Scripting, JavaScript
