MDR Analyst · AWS Cloud Security · Bilingual EN/FR
From enterprise operations to the front lines of cybersecurity, now building toward cloud security engineering. A deliberate career built on precision, structure, and an unrelenting drive to go deeper.
My career did not start in cybersecurity. It started in people and operations. As a Bilingual HR Coordinator at Pratt & Whitney supporting a workforce of 10,000+ employees, and as an Order Administrator managing cross-functional workflows under strict compliance requirements, I built a foundation in data integrity, process discipline, and working within high-stakes environments where errors have real consequences.
That foundation carried me into cybersecurity. I completed the Level Effect Cyber Defense Analyst programme, earned the CDCP certification through a live one-week SOC assessment, and moved into active security operations. Most recently I worked as an MDR Analyst at an MSSP, investigating and triaging security events across endpoint, identity, email, and network telemetry for multiple enterprise clients using CrowdStrike, Microsoft Sentinel, Proofpoint, and Palo Alto.
The next move is deliberate. I am transitioning into cloud security engineering, enrolled in the Digital Cloud Training Cloud Security Engineer pathway, building toward AWS Solutions Architect Associate, AWS Security Specialty, and Terraform certifications. My goal is to move from monitoring cloud environments to designing and securing them from the ground up, combining active threat detection experience with deep cloud architecture knowledge.
Investigating and triaging 10+ security event types daily across endpoint, identity, email, and network telemetry for multiple enterprise clients using CrowdStrike, Microsoft Sentinel, Proofpoint, and Palo Alto. Analysing phishing emails, conducting threat intel enrichment using IPAbuse, Flare, and VPN Detect, performing post-compromise threat hunting, and producing structured client-facing escalation reports with findings and recommendations per investigation.
Worked as a SOC analyst performing hands-on detection, investigation, and response across endpoint, network, and cloud telemetry. Investigated 9+ attack scenarios including malware infection, lateral movement, credential abuse, persistence mechanisms, and network intrusion. Performed memory forensics, malware analysis, and network traffic analysis using Wireshark, Sysinternals, Velociraptor, and CyberChef. Passed the CDCP certification via live one-week SOC assessment requiring full intrusion investigation and formal report submission.
Resolved 50+ daily bilingual technical support cases via phone, live chat, and messaging, diagnosing hardware and software issues across Mac OS, iPhone, iPad, and Apple ecosystem products. Escalated complex cases to engineering and specialist teams with structured problem summaries, and maintained full audit trails in ticketing systems within SLA standards.
Processed 20–30 daily orders coordinating across finance, sales, and warehouse under strict SLA pressure, maintaining accurate ERP data entry and compliance. Proposed and implemented process improvements that reduced cross-departmental delays and improved order fulfilment efficiency.
Supported HR operations for a workforce of 10,000+ employees, managing onboarding, employee records, compensation data, and access provisioning with strong attention to data integrity and compliance. Maintained accurate records across HR systems and coordinated cross-functional workflows under strict data handling requirements.
Designed and deployed a secure static website on AWS using S3, CloudFront, ACM, and Route 53. Implemented Origin Access Control to restrict direct S3 access, enforced HTTPS via ACM certificate provisioned in us-east-1, and configured CloudFront edge caching for global performance. S3 bucket policy allows CloudFront OAC only, blocking all direct public access.
Multi-tier VPC deployment with public and private subnets across multiple availability zones, NAT Gateway for private subnet internet access, Security Groups and NACLs following least privilege, and Session Manager for secure instance access without SSH exposure.
Centralised security monitoring using CloudTrail, GuardDuty, Security Hub, and CloudWatch. Real-time alerting on critical security events including IAM changes, root account usage, and security group modifications, with logs shipped to OpenSearch for investigation.
Event-driven security response pipeline using Lambda, EventBridge, and Step Functions. Automatically detects misconfigurations, isolates compromised resources, revokes credentials, and notifies the security team. Built with Python and Boto3.
Open to cloud security engineering roles, contract work, and meaningful conversations about securing cloud infrastructure. Based in Toronto, available for remote and hybrid opportunities.