Kenneth Rawlings
Richmond,TX
Summary
Analytical and detail-oriented Cyber Security Engineer with 5+ years of experience in cybersecurity incident management, incident response, and risk mitigation. Skilled in API integration, identity & access management (IAM), and security policy development. Adept in firewall management, data loss prevention, and compliance auditing.
Overview
8
8
years of professional experience
1
1
Certificate
1
1
Identity & Access Administrator (SC-300)
1
1
OmpTIA Security+
1
1
Microsoft Azure Fundamentals (AZ-900)
1
1
Barracuda CloudGen Firewall (CGF01)
Work History
Cyber Security Onbaording Engineer
Cloud At Work
04.2023 - Current
- Deploy and manage Microsoft Defender XDR suite (Defender for Endpoint, Cloud Apps, Identity, and Office 365) to detect threats and automate incident response.
- Implement Data Loss Prevention (DLP) policies and Azure Information Protection to safeguard sensitive data across endpoints and cloud workloads.
- Lead centralized management of Microsoft Defender Antivirus, including policy tuning, threat remediation, and integration with Microsoft Sentinel (SIEM) for real-time monitoring.
- Design and execute SOAR automation playbooks in Microsoft Sentinel to reduce mean time to respond (MTTR).
- Conduct vulnerability assessments for Azure-based applications and endpoints, prioritizing remediation using Microsoft Defender for Cloud.
- Collaborate with SOC teams to resolve critical incidents, including advanced malware analysis and forensic investigations using Defender for Endpoint.
- Optimize SIEM alert rules in Microsoft Sentinel, reducing false positives through KQL query refinement.
Azure Cloud Security Analyst
Dexcare
04.2021 - 03.2023
- Managed Microsoft 365 Defender and Azure Security Center to monitor hybrid environments, ensuring compliance with ISO 27001 and NIST frameworks.
- Engineered conditional access policies and Zero Trust configurations to mitigate insider threats and unauthorized access.
- Automated threat-hunting workflows using Microsoft Sentinel, integrating logs from 5000+ endpoints and Azure resources.
- Developed threat models for Azure workloads, aligning with MITRE ATT&CK frameworks and Defender for Cloud Apps.
- Led response to a ransomware attack, isolating compromised endpoints via Defender for Endpoint and restoring data from Azure backups.
- Trained Tier 1 analysts on Defender XDR tools, improving SOC efficiency.
System Administrator
Addison Group
02.2017 - 04.2021
- Managed and maintained Windows and Linux servers, ensuring optimal performance and uptime
- Implemented and enforced security measures, including patch management, access controls, and endpoint protection
- Spearheaded end-user upgrade for 500+ PCs to Microsoft Windows 10.
- Help manage user accounts, permissions, and access controls
- Assist in managing network infrastructure, including routers, switches, firewalls, and VPNs
- Perform routine system backups and ensure data integrity and disaster recovery readiness
- Maintain system documentation, including network diagrams, configurations, and standard operating procedures
- Assist in implementing and enforcing security measures to protect systems from unauthorized access and cyber threats
- Collaborate with the IT team on IT projects and initiatives, contributing to system upgrades and enhancements
- Stay up to date with emerging technologies, industry trends, and best practices in system administration
- Conducted routine system backups and disaster recovery drills to ensure data integrity and business continuity
- Supported network infrastructure, including routers, switches, firewalls, and VPNs, to maintain secure connectivity
- Assisted in IT projects, including system upgrades, migrations, and security audits
Education
Bachelor of Science - Information Assurance and Security
American InterContinental University
05.2018
Skills
- Microsoft Defender Suite: Defender for Endpoint, Identity, Office 365, Cloud Apps, Sentinel (SIEM)
- Azure Security: Security Center, Key Vault, Conditional Access, Azure AD, Log Analytics
- Tools: KQL, PowerShell, Azure Automation, Intune, Power BI
- Frameworks: MITRE ATT&CK, NIST CSF, Zero Trust Architecture
- Tools & Platforms:
- Azure Security Center
- Microsoft 365 Security & Compliance Center
- Log Analytics
- Power BI (Data Insights Integration)
- SOAR Platforms (eg, Azure Logic Apps, Palo Alto Cortex XSOAR)
- Programming/Scripting:
- PowerShell, Python, KQL (Kusto Query Language)
Certification
- Microsoft Azure Fundamentals (AZ-900)
- M365 Security Administrator (MS-500)
- Identity & Access Administrator (SC-300)
- CompTIA Security+
- Barracuda CloudGen Firewall (CGF01)
- Azure Fundamentals (AZ-900)
Languages
English
Native or Bilingual
Timeline
Cyber Security Onbaording Engineer
Cloud At Work
04.2023 - Current
Azure Cloud Security Analyst
Dexcare
04.2021 - 03.2023
System Administrator
Addison Group
02.2017 - 04.2021
Bachelor of Science - Information Assurance and Security
American InterContinental University
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Quote
There is a powerful driving force inside every human being that, once unleashed, can make any vision, dream, or desire a reality.
Tony Robbins
Personal Information
Title: Cybersecurity Professional
Similar Profiles
Jerome ComminsJerome Commins
Individual / Professional Business Consultant at Cloud At Work Mauritius (CAW)Individual / Professional Business Consultant at Cloud At Work Mauritius (CAW)
RACHEL K. BARELARACHEL K. BARELA
President at St. Cloud State University Social Work AssociationPresident at St. Cloud State University Social Work Association
Mason BrownMason Brown
Sr. Operations Program Manager at Consensus Cloud Cloud SolutionsSr. Operations Program Manager at Consensus Cloud Cloud Solutions