Security Engineer Resume examples & templates

Ethan Morgan

Portland, OR | emorgan92@gmail.com | (503) 448-2176 | linkedin.com/in/ethanmorgantech

Entry-level Security Engineer with hands-on experience from internships and academic projects. Skilled in vulnerability assessment, security monitoring, and basic incident response. Completed Security+ certification and currently pursuing OSCP. Seeking to leverage technical skills and analytical mindset to protect organizational assets and contribute to a security-focused team.

EXPERIENCE

Junior Security Engineer | TechShield Solutions | Portland, OR | January 2023 – Present

• Monitor and analyze security alerts using Splunk and QRadar, investigating approximately 27 potential incidents per week
• Participate in vulnerability scanning using Nessus and assist in remediation tracking for 200+ company endpoints
• Collaborate with IT staff to implement security patches and updates across Windows and Linux systems
• Document security incidents and create weekly reports for management review

Cybersecurity Intern | Pacific Northwest Bank | Portland, OR | May 2022 – December 2022

• Assisted in implementing multi-factor authentication for 120+ employees, reducing unauthorized access attempts by 94%
• Helped conduct security awareness training for staff, improving phishing test success rates from 68% to 87%
• Supported senior team members in log analysis and basic threat hunting exercises
• Created documentation for common security procedures to improve team onboarding

IT Help Desk Technician | Portland State University | Portland, OR | September 2021 – May 2022

• Resolved approximately 15-20 daily technical issues for students and faculty through phone and in-person support
• Assisted with basic account security including password resets and access management
• Identified and escalated potential security concerns to appropriate IT security personnel
• Maintained detailed documentation of all support tickets in ServiceNow

EDUCATION

Bachelor of Science in Computer Science | Portland State University | Portland, OR | 2022

• Relevant coursework: Network Security, Computer Forensics, Ethical Hacking, Cryptography
• Senior Project: Developed a network intrusion detection system using Snort and Python

CERTIFICATIONS

• CompTIA Security+ (April 2022)
• CompTIA Network+ (January 2022)
• AWS Cloud Practitioner (July 2022)
• Currently pursuing OSCP (expected completion: December 2023)

TECHNICAL SKILLS

• Security Tools: Nessus, Wireshark, Metasploit, Burp Suite, Splunk, QRadar
• Programming: Python, Bash scripting, SQL, some PowerShell
• Systems: Windows, Linux (Ubuntu, Kali), basic macOS administration
• Networking: TCP/IP, firewalls, VPNs, subnetting, DNS, DHCP
• Other: Virtualization (VMware, VirtualBox), Git, Docker basics

PROJECTS

Home Security Lab | Personal Project

• Built and maintain a home lab environment with virtualized systems for security testing and learning
• Practice penetration testing techniques against deliberately vulnerable systems (DVWA, Metasploitable)
• Experiment with intrusion detection systems and log analysis tools

Michael Winters

Portland, OR • (503) 555-7219 • michael.winters@emaildomain.com
linkedin.com/in/michaelwinters • github.com/mwinters-security

Security Engineer with 5+ years of experience protecting enterprise systems and cloud infrastructure. Skilled in vulnerability management and threat detection with proven success reducing incident response time by 37%. Quick learner who thrives in fast-paced environments and bridges the gap between technical security requirements and business needs.

Professional Experience

Senior Security Engineer | TechDefend Solutions | April 2022 – Present

• Lead security monitoring and incident response for 5 enterprise clients with combined assets of 4,300+ endpoints and 216 cloud instances
• Implemented automated threat hunting procedures that reduced mean time to detect (MTTD) from 78 hours to 17 hours
• Designed and deployed a custom SIEM integration that consolidated 6 disparate logging systems, saving $43K annually in licensing costs
• Conducted 14 internal security assessments using Nessus, Burp Suite, and Metasploit, remediating 93% of critical vulnerabilities within SLA timeframes
• Mentored 3 junior engineers through security certification process (all passed on first attempt)

Security Engineer | Velocity Financial Group | June 2020 – March 2022

• Managed identity and access controls for 2,700+ users across hybrid cloud environment (AWS/Azure)
• Collaborated with DevOps team to implement security gates in CI/CD pipeline, catching 27 critical vulnerabilities before production deployment
• Created and maintained security documentation for SOC 2 compliance, contributing to successful audit with zero security findings
• Performed bi-weekly vulnerability scans and coordinated remediation efforts with IT infrastructure team

Information Security Analyst | Northwest Healthcare Systems | August 2018 – May 2020

• Monitored security events using Splunk and ArcSight SIEM platforms across 1,800+ endpoints
• Responded to and documented security incidents according to HIPAA requirements
• Executed phishing simulations that improved user security awareness by 41% over 12 months
• Assisted in developing disaster recovery procedures for critical healthcare systems

Education & Certifications

Bachelor of Science, Computer Science | Oregon State University | 2018

Certifications:

• Certified Information Systems Security Professional (CISSP) – 2022
• Certified Ethical Hacker (CEH) – 2020
• AWS Certified Security – Specialty – 2021
• GIAC Security Essentials Certification (GSEC) – 2019

Technical Skills

• Security Tools: Splunk, ArcSight, CrowdStrike, Nessus, Burp Suite, Metasploit, Wireshark
• Cloud Security: AWS (GuardDuty, Security Hub, WAF), Azure Security Center, GCP Security Command Center
• Compliance: NIST, ISO 27001, SOC 2, HIPAA, PCI-DSS
• Programming: Python, Bash, PowerShell
• Technologies: Linux, Windows Server, Active Directory, Docker, Kubernetes

Projects & Additional Experience

• Created open-source threat hunting scripts for AWS environments (450+ GitHub stars)
• Volunteer instructor for local community college cybersecurity bootcamp (2021-present)
• Presented “Practical Cloud Security for Small Teams” at PDX Security Meetup 2022

Michael Thompson

Boston, MA • (617) 555-4321 • mike.thompson@emailpro.net • linkedin.com/in/mikethompson-security

Professional Summary

Security Engineer with 8+ years of progressive experience designing and implementing enterprise-wide security solutions. Skilled in vulnerability management, network security architecture, and threat detection across diverse environments. Track record of reducing security incidents by 47% and streamlining compliance processes while mentoring junior team members. Known for translating complex security concepts to non-technical stakeholders.

Experience

Senior Security Engineer – Atlantic Financial Group | Boston, MA | June 2020 – Present

• Lead a team of 4 security engineers implementing comprehensive security controls across a hybrid cloud environment supporting 12,000+ users
• Architected and deployed a zero-trust network framework that reduced the attack surface by 67% and cut incident response time from 4.2 hours to 38 minutes
• Spearheaded migration from legacy SIEM to cloud-based solution, resulting in $287K annual savings and 3x increase in threat detection capabilities
• Created and managed vulnerability management program, reducing critical vulnerabilities’ remediation time from 23 days to 6 days
• Collaborate with DevOps teams to embed security into CI/CD pipelines, eliminating 91% of security-related deployment delays

Security Engineer – TechVision Systems | Cambridge, MA | March 2017 – May 2020

• Designed and implemented multi-factor authentication for 300+ corporate applications, preventing credential-based attacks that previously cost ~$175K annually
• Conducted 40+ security assessments and penetration tests, identifying and remediating critical vulnerabilities before production deployment
• Built automated security scanning tools using Python that reduced manual review time by 72%
• Led security incident response for a ransomware attack, successfully containing the threat and restoring operations within 18 hours (vs. industry avg of 3+ days)

Information Security Analyst – Nexus Healthcare | Providence, RI | January 2015 – February 2017

• Managed endpoint security solutions for 2,800+ workstations across 7 hospital locations
• Implemented and maintained security controls to ensure HIPAA compliance and protect PHI
• Performed regular vulnerability scans and worked with IT teams to patch critical systems
• Created security awareness training that improved phishing test pass rates from 61% to 94%
• Documented security policies and procedures to satisfy regulatory audit requirements

Education & Certifications

Bachelor of Science, Computer Science – Northeastern University | Boston, MA | 2014

Certifications:

• Certified Information Systems Security Professional (CISSP) – 2018
• Certified Ethical Hacker (CEH) – 2016, renewed 2022
• AWS Certified Security – Specialty – 2019
• GIAC Security Essentials (GSEC) – 2015

Technical Skills

• Network Security: Firewalls (Palo Alto, Cisco), IDS/IPS, VPNs, Zero Trust Architecture
• Cloud Security: AWS, Azure, GCP security controls and best practices
• Security Tools: Splunk, QRadar, CrowdStrike, Carbon Black, Tenable.io, Qualys
• Compliance Frameworks: NIST, ISO 27001, SOC2, HIPAA, PCI DSS
• Programming/Scripting: Python, Bash, PowerShell
• Container Security: Docker, Kubernetes, Istio service mesh
• Incident Response & Forensics: Timeline analysis, memory forensics, threat hunting
• Authentication & Access Control: OAuth 2.0, SAML, IAM solutions, Privileged Access Management

Additional Experience

• Co-led the Boston OWASP chapter meetups (2019-2021)
• Guest lecturer for “Practical Network Security” course at Northeastern University
• Presented “Building Security Automation that Actually Works” at BSides Boston 2022