David Ujah

Lead security engineer responsible for enterprise-wide cybersecurity across a $5B nationwide retail organization. Designed, deployed, and operated Microsoft Sentinel SIEM to centralize security monitoring across Azure, AWS, endpoints, and network infrastructure.

Built advanced KQL detection rules and analytic workflows to identify credential abuse, malicious API activity, firewall attacks, and endpoint threats. Integrated CrowdStrike Falcon (EDR, Identity Protection, USB Control) into Sentinel to enable real-time detection and response.

Architected and deployed AWS GuardDuty export pipelines using encrypted S3, SNS, and Azure ingestion to provide full cloud threat visibility inside Microsoft Sentinel. Enabled GuardDuty Runtime Monitoring, DNS logs, VPC Flow Logs, and Kubernetes audit logs.

Developed automated incident response and reporting using Azure Logic Apps, including Teams alerts, threat-intelligence enrichment, and leadership-level security reports.

Designed zero-trust security controls using Microsoft Entra Conditional Access and CrowdStrike Identity Protection to enforce MFA and device-based access.

Integrated Fortinet FortiGate firewall logs to detect intrusion attempts, botnet activity, IPS events, and malicious traffic across stores, warehouses, and corporate networks.

Own security architecture, detection engineering, cloud threat visibility, and security automation for the organization.

Monitored enterprise systems for security threats, intrusions, and suspicious activity across endpoints, servers, and network infrastructure. Investigated security incidents to determine root cause, impact, and remediation actions.

Performed vulnerability assessments and assisted with remediation efforts to reduce security risk across corporate systems. Maintained security and disaster recovery documentation to support compliance and incident response readiness.

Implemented and maintained security tools used for threat detection, prevention, and analysis. Deployed and managed firewalls and data encryption to protect sensitive systems and company data.

Provided cybersecurity operations and risk management support for Amazon Robotics manufacturing and enterprise environments. Analyzed system and network risk, and implemented security countermeasures to protect critical infrastructure.

Managed user authentication and access control, maintained firewalls and encryption, and ensured systems were patched and hardened against vulnerabilities. Investigated security incidents and data breaches to determine impact and remediation steps.

Conducted vulnerability assessments, penetration testing, and digital forensics to identify security weaknesses. Collaborated with cross-functional teams to implement security policies, disaster recovery plans, and security awareness programs.