Aryan Singla
Senior Security Technical Analyst
E-mail: [email protected]
Phone no: 610 245 8421
A highly skilled and results-driven Security Technical Analyst with extensive expertise in Privileged Access
Management (PAM), CyberArk, and Microsoft Security Solutions. With a strong background in securing and
managing Microsoft environments, including Active Directory (AD), GPO, LDAP, Kerberos, MFA, Microsoft
Defender, and Microsoft Certificate Services, I specialize in implementing robust PAM solutions and ensuring the
security of organizational systems against evolving cyber threats. Proficient in PowerShell scripting and
automation, I excel at troubleshooting and resolving complex security issues efficiently. My expertise also extends to
Microsoft Entra ID, Conditional Access, and security for cloud-based environments, enabling the protection of
sensitive data and systems in hybrid and cloud environments. With a proven track record of managing security
incidents, conducting forensic analysis, and delivering comprehensive threat intelligence, I am dedicated to
safeguarding critical infrastructure while optimizing security processes.
Summary:
● Over 25 years of experience in security incident response, forensic analysis, and cyber threat intelligence.
● Expertise in identifying and assessing threats to critical systems and data, with a strong ability to monitor,
respond to, and mitigate security risks.
● Skilled in responding to and investigating security intrusions and malicious activities, using advanced tools
and techniques.
● Proficient in performing thorough forensic analysis using security tools, ensuring accurate identification
and remediation of cyber threats.
● Adept at processing and utilizing Threat Intelligence (TI) to derive actionable intelligence that informs
proactive defense strategies.
● Solid understanding of security frameworks and standards such as ISO 27001/27002, NIST 800-53, PCI
DSS, and CIS Controls, ensuring compliance with organizational security requirements.
● Lead efforts in incident containment, eradication, and recovery, ensuring business continuity and
minimizing operational impact.
● Successfully deployed and configured Microsoft Defender for Identity and Defender for Office in
enterprise environments, ensuring integration with existing security infrastructure, enhancing threat
detection and response capabilities
● Led the integration of security tools and infrastructure during M&A activities, ensuring seamless migration
and security compliance for newly acquired companies, and providing security advisories to senior
leadership during divestitures.
● Implemented and managed Role-Based Access Control (RBAC) and Attribute-Based Access Control
(ABAC) across enterprise environments, ensuring secure and granular access management for users and
applications.
● Leveraged Identity and Access Management (IAM) tools to define roles, permissions, and access policies
that align with business needs while maintaining security compliance.
● Ensured the enforcement of least-privilege principles and provided detailed access audits, including role
assignments and policy reviews.
● Applied data protection controls across critical applications, ensuring data integrity, confidentiality, and
compliance with regulatory standards like GDPR and HIPAA.
● Designed encryption strategies for data at rest and in transit, leveraging industry-standard encryption
algorithms and secure protocols to safeguard sensitive information.
● Implemented data masking, tokenization, and access controls for highly sensitive data to prevent
unauthorized access and reduce potential attack surfaces.
● Architected and maintained high-performance database solutions using Oracle and Postgres, optimizing
data access patterns for scalability and speed.
● Integrated NoSQL databases like Cassandra and MongoDB for handling unstructured data in distributed
and cloud environments, ensuring seamless interaction with legacy systems.
● Developed data migration strategies and optimized database performance, including query optimization,
indexing, and partitioning techniques.
● Developed and optimized Java and Python applications, leveraging frameworks like Spring and Flask for
scalable, maintainable software solutions.
● Integrated React and JavaScript for building dynamic, user-centric front-end applications with rich user
interfaces, ensuring a responsive and smooth user experience.
● Automated processes with C# for system integration and backend service development, ensuring high-efficiency workflows and minimal downtime.
● Designed and developed secure RESTful APIs and GraphQL interfaces, ensuring secure, efficient
communication between services, both internally and externally.
● Integrated security protocols like OAuth 2.0 and JWT for API authentication and authorization, preventing
unauthorized access and maintaining the integrity of sensitive data.
● Optimized API performance through caching strategies, rate-limiting, and load balancing, ensuring fast and
reliable service delivery under heavy loads.
● Led the deployment and configuration of various security tools, including Microsoft Defender for Cloud,
Azure Front Door, and Zscaler, ensuring full integration with enterprise security strategies, strengthening
the organization’s security posture.
● Conducted security reviews and risk assessments for enterprise infrastructure, identifying vulnerabilities
and implementing mitigation strategies across hybrid cloud environments, ensuring compliance with
organizational security standards.
● Collaborated with CTOs, CISOs, and cross-functional security teams to ensure alignment on security
strategies during M&A and tool integrations, while providing clear and actionable security guidance for
senior leadership.
● Strong collaborator, working with internal teams and external partners to assess and mitigate security
threats and risks to the organization.
● Ability to lead and mentor teams, providing guidance on forensics, incident response procedures, and
overall security management.
● Proven experience in managing security projects, including setting priorities, managing timelines, and
ensuring that critical tasks are completed on time.
● Skilled at identifying potential security risks and recommending solutions to reduce vulnerabilities in the
organization’s infrastructure.
● Expertise in preparing and presenting security reports, incident documentation, and C4 model
documentation to track incidents and propose improvements.
● Strong analytical and critical thinking skills to assess and resolve security issues, ensuring the safety of
organizational assets.
● Deep knowledge of industry regulations such as HIPAA, GLBA, PCI-DSS, and NIST CSF, ensuring
compliance with security standards.
● Proven ability to mentor junior staff, transfer knowledge, and build a strong team of security professionals.
● Skilled in identifying vulnerabilities in security systems and applying Indicators of Compromise (IOCs) to
prevent future risks.
● Hands-on experience with recovering from security incidents, ensuring a smooth recovery process while
minimizing the impact on operations.
● Strong ability to communicate complex technical issues to both technical and non-technical stakeholders,
ensuring clear understanding and informed decision-making.
● Capable of managing multiple security incidents and projects simultaneously while maintaining high
standards of quality and efficiency.
● Holder of CISSP, CCFP, or equivalent certifications (e.g., CISM, CISA, CHFI), bringing industry-recognized expertise to the security team.
● Expertise in deploying and managing CyberArk PAM solutions to secure privileged access to critical
systems and applications within Microsoft environments.
● Extensive experience with Active Directory (AD), Group Policy Objects (GPO), LDAP, and Kerberos to
manage identities, access control, and authentication protocols in enterprise environments.
● Skilled in implementing Microsoft Entra ID, Multi-Factor Authentication (MFA), and Conditional Access
policies to secure user access and protect against unauthorized access.
Certifications & Education:
● AWS Certified Cloud Practitioner - By Amazon Web Services
● Gen AI
● CyberArk Certified Sentry (CCS)
● Microsoft Certified: Identity and Access Administrator Associate
● Microsoft Certified: Azure Security Engineer Associate
● Certified Information Systems Security Professional (CISSP)
● Microsoft Certified: Security, Compliance, and Identity Fundamentals
● Certified Information Security Manager (CISM)
● MarkLogic Fundamentals – By MarkLogic University
● Bachelor of Engineering (B.E.) in Electronics & Communication, from MIT Manipal, India 2000
Professional Experience:
Silver Cross Hospital, New Lenox, IL
Jan 2020 – Present
Security Incident Response Lead
Responsibilities:
● Led and coordinated the incident response team, ensuring effective containment and resolution of security
incidents.
● Analyzed and documented security events, providing detailed reports to management and stakeholders.
● Managed the forensic analysis of security breaches, utilizing industry-standard tools and techniques.
● Conducted root cause analysis to identify vulnerabilities, and implemented measures to prevent future
security incidents.
● Successfully deployed and configured Microsoft Defender for Identity and Defender for Office in enterprise
environments, ensuring integration with existing security infrastructure, enhancing threat detection and
response capabilities.
● Led the integration of security tools and infrastructure during M&A activities, ensuring seamless migration
and security compliance for newly acquired companies, and providing security advisories to senior
leadership during divestitures.
● Led the deployment and configuration of various security tools, including Microsoft Defender for Cloud,
Azure Front Door, and Zscaler, ensuring full integration with enterprise security strategies, strengthening the
organization’s security posture.
● Conducted security reviews and risk assessments for enterprise infrastructure, identifying vulnerabilities and
implementing mitigation strategies across hybrid cloud environments, ensuring compliance with
organizational security standards.
● Collaborated with CTOs, CISOs, and cross-functional security teams to ensure alignment on security
strategies during M&A and tool integrations, while providing clear and actionable security guidance for
senior leadership.
● Led the implementation of RBAC and ABAC for role assignment, user permissions, and secure
authentication across the client’s cloud-based and on-premise applications.
● Integrated Azure Active Directory (AAD) with RBAC to streamline role assignments and automate access
controls, ensuring compliance with internal and external regulations.
● Ensured proper access governance through regular reviews of user roles and permissions, identifying and
remediating any over-privileged accounts.
● Enforced robust data protection measures by integrating encryption, access control, and data masking within
the client’s application stack to safeguard sensitive data.
● Conducted threat modeling and risk assessments to identify potential data vulnerabilities and implemented
proactive mitigation measures, including endpoint protection and access logging.
● Integrated data loss prevention (DLP) tools to prevent accidental or intentional data exfiltration across
multiple applications.
● Architected secure and scalable Oracle and Postgres database environments, implementing backup
strategies, data replication, and disaster recovery solutions to ensure data availability.
● Optimized database performance by analyzing slow queries and utilizing indexing and partitioning, resulting
in a 40% reduction in query execution time.
● Migrated data from legacy systems to NoSQL databases like Cassandra and MongoDB, ensuring a seamless
transition without data loss.
● Developed backend services using Java and Python, ensuring high-performance execution and seamless
integration with external systems.
● Built robust RESTful APIs to connect cloud-based services with the on-prem systems, implementing
advanced security protocols for authentication and authorization.
● Utilized React for the client’s web-based applications, ensuring real-time updates and a user-friendly
interface across all platforms.
● Developed and secured RESTful APIs to facilitate communication between the client’s backend systems
and third-party services, implementing OAuth and JWT for secure, token-based authentication.
● Optimized API performance through the use of caching, rate-limiting, and load balancing, enabling
consistent response times even during high traffic periods.
● Created detailed API documentation to ensure easy integration and adoption by the development team and
third-party vendors.
● Oversaw the integration of Indicators of Compromise (IOCs) into security operations to improve threat
identification and prevention.
● Provided leadership and mentorship to junior incident response team members, fostering a collaborative and
proactive security culture.
● Advised senior leadership on security trends, incident metrics, and overall incident response strategies.
● Managed the documentation of all security incidents, ensuring accurate logs and comprehensive post-incident reporting.
● Configured Privileged Session Management (PSM) to capture, monitor, and record privileged access
sessions to detect and prevent potential security threats.
● Integrated CyberArk with Active Directory for seamless management of privileged identities and account
permissions within the Microsoft ecosystem.
● Ensured compliance with industry regulations by aligning CyberArk policies with organizational security
standards and best practices.
Heartland Financial USA, Inc., Rockford, IL
Feb 2015 – Dec 2020
Forensic Analyst
Responsibilities:
● Led forensic investigations of security breaches, employing industry-standard tools like EnCase, FTK, and
X1 Social Discovery.
● Conducted data recovery from compromised systems, ensuring that evidence was preserved for future legal
and compliance needs.
● Analyzed network traffic and log files to trace malicious activities and identify the origin of cyberattacks.
● Applied forensic methodologies to determine attack vectors and recommend solutions to enhance the
organization's overall security posture.
● Identified data exfiltration incidents and tracked the movement of sensitive information across internal and
external networks.
● Utilized advanced tools to analyze malicious payloads and provide actionable intelligence for the incident
response team.
● Conducted data integrity checks to ensure the accuracy and consistency of evidence, preventing
contamination of forensic data.
● Collaborated with internal and external stakeholders to ensure a complete and secure analysis of forensic
data, ensuring compliance with relevant standards.
● Assisted in legal and regulatory reporting by providing clear and concise forensic findings for investigators
and auditors.
● Developed and maintained forensic procedures and best practices for analyzing and reporting on security
incidents.
● Designed and implemented ABAC and RBAC within the client’s enterprise applications to manage access
policies based on user roles, attributes, and compliance requirements, leveraging Azure Active Directory for
IAM policy enhancement.
● Applied robust data security strategies, including end-to-end encryption for data in transit and at rest, and
implemented data tokenization and access control mechanisms to mitigate data breach risks and ensure
compliance with PCI-DSS.
● Engineered scalable and fault-tolerant database systems using Postgres and Cassandra, applying sharding
techniques for high scalability and optimized Oracle performance through query tuning and indexing,
enhancing efficiency by 25%.
● Led backend development in Python and Java, developed and deployed REST APIs using Spring Boot and
Flask for secure data exchange, and ensured high-performance API security with OAuth 2.0 and JWT
integration.
● Built and maintained the frontend using React, optimizing for cross-platform consistency, and automated
API testing and performance benchmarking, ensuring high availability and minimal latency across deployed
environments.
● Trained staff on forensic procedures, ensuring that evidence is handled properly and consistently across the
team.
● Presented forensic findings to senior management and regulatory bodies, ensuring they understood the scope
and impact of incidents.
● Stayed updated with the latest forensic tools, methodologies, and regulations to ensure the highest level of
security and compliance.
Illinois Mutual Life Insurance Company, Peoria, IL
Sep 2010 – Jan 2015
Threat Intelligence Analyst
Responsibilities:
● Collected, analyzed, and processed cyber threat intelligence (CTI) to identify trends and emerging threats
that could impact State Funds systems.
● Created actionable threat intelligence reports to inform security strategies and help mitigate future risks.
● Applied IOCs to enhance proactive security measures, identifying potential threats before they impacted
the network.
● Worked closely with external cyber threat intelligence providers to stay informed about the latest threats
targeting similar industries.
● Collaborated with internal teams to integrate Threat Intelligence into security tools like SIEM systems and
firewalls for real-time detection.
● Developed and maintained intelligence-sharing relationships with governmental agencies and third-party
partners for early threat detection.
● Tracked adversary tactics, techniques, and procedures (TTPs) to identify evolving threats and recommend
countermeasures.
● Provided recommendations for the implementation of security controls to prevent identified threats from
exploiting vulnerabilities.
● Monitored open-source intelligence (OSINT) to track and evaluate emerging cyber threats targeting the
industry.
● Conducted threat assessments to identify potential risks and recommended measures to minimize their
impact on critical business assets.
● Developed and maintained a threat intelligence database, allowing quick access to relevant information
during incidents.
● Delivered regular briefings and intelligence updates to leadership, ensuring they were aware of potential
threats and the effectiveness of current defenses.
● Managed and executed threat-hunting initiatives, proactively identifying and mitigating risks before they
materialized.
● Implemented Multi-Factor Authentication (MFA) and Conditional Access policies to strengthen identity
security and protect against unauthorized access.
● Led the configuration and integration of Identity Protection and Identity Governance solutions to enforce
secure authentication and user lifecycle management.
Chicago Medical Society, Chicago, IL
Jun 2005 – Aug 2010
Security Operations Lead
Responsibilities:
● Led the security operations team, ensuring that daily security monitoring and threat detection systems were
operating effectively.
● Managed the configuration and optimization of security tools like SIEM, IDS/IPS, and endpoint protection
platforms.
● Led incident triage efforts, ensuring that high-priority incidents were escalated and resolved efficiently.
● Coordinated the response to security incidents, ensuring swift containment, eradication, and recovery of
affected systems.
● Monitored network traffic for signs of malicious activity, ensuring proactive identification of threats.
● Developed and refined security operations workflows to improve the efficiency of incident detection and
response processes.
● Worked with other departments to ensure that security operations were aligned with business needs and
compliance requirements.
● Ensured that security tools were properly tuned and optimized to minimize false positives and provide more
accurate threat detection.
● Conducted security audits to assess the effectiveness of existing security operations and identified areas for
improvement.
● Provided regular reports and metrics on security operations performance to senior leadership, ensuring
transparency and alignment with organizational goals.
● Managed security operations projects, ensuring that new initiatives were implemented successfully within
established timelines.
● Led training initiatives for junior team members, ensuring they were equipped with the knowledge and
tools to perform effectively in security operations.
● Worked with external partners to enhance collaboration on security incident response and threat mitigation.
● Designed and implemented security solutions using Microsoft Defender for Identity to detect and respond
to threats across identity systems.
● Integrated Microsoft Exchange Online Protection into the broader security framework to protect against
spam, phishing, and malware in email communications.
● Applied security best practices to configure and maintain Microsoft Certificate Services to issue, renew,
and revoke certificates for secure communication.
● Conducted security assessments to identify vulnerabilities in identity systems and implemented measures to
mitigate those risks.
● Managed and configured RSA Authentication Manager to strengthen authentication processes and secure
access to critical systems.
Lutheran Social Services of Illinois, Des Plaines, IL
Jun 2001 – May 2005
Security Policy and Compliance Analyst
Responsibilities:
● Developed and enforced security policies and procedures in alignment with regulatory frameworks like ISO
27001, PCI-DSS, and NIST CSF.
● Conducted security risk assessments to identify potential vulnerabilities and recommend appropriate
security measures to mitigate risk.
● Ensured compliance with industry standards and regulations, such as HIPAA, GLBA, and PCI DSS, across
all security operations.
● Developed and maintained security documentation to ensure that processes were clearly outlined and easily
followed by internal teams.
● Managed and executed compliance audits, identifying gaps and working with teams to remediate findings.
● Worked with senior leadership to ensure that security policies aligned with the organizational strategy and
business objectives.
● Created and maintained training documents to ensure team members were well-versed in the latest security
policies, compliance requirements, and best practices.
● Assisted with the development of incident response policies, ensuring that the organization was prepared to
handle any type of security breach.
● Provided consultation on security practices and procedures to internal departments to ensure regulatory
compliance.
● Led security awareness training programs to ensure staff adherence to security protocols and reduce human
error.
● Analyzed third-party vendors to ensure they adhered to the organization's security standards and
compliance requirements.
● Collaborated with legal teams to ensure that the organization’s security policies meet all legal requirements
and industry regulations.
● Regularly reviewed and updated security policies to keep pace with changes in security threats and
regulatory standards.