Muhammad Hamza Khan

Washington DC Metropolitan Area 📍 khan.mhamza@gmail.com

Cybersecurity Professional with over 5 years of experience working with a variety of tools and cloud-based solutions. Experience working with data and application security, blue and red team assignments, real-time intrusion monitoring, user behavior analysis, and investigating incidents utilizing the Incident Response Plan.

Skills

Cybersecurity Tools:

Splunk, Varonis DLP, CrowdStrike Falcon, Tenable Security Center

Programming & Scripting:

PowerShell, Python, Java, HTML, PHP

Cloud Tools & Platforms:

AWS, Carbon Black Cloud, Tenable Cloud Security

Core Competencies:

Cyber Threat Analysis, Vulnerability Management, Data Loss Prevention, Incident Detection and Response

Experience

Senior Federal Information Systems Security Engineer

Oracle
  • Collaborated with internal teams, external vendors, and regulatory stakeholders to analyze, define, and validate system security controls and requirements in compliance with federal and legal mandates.
  • Applied NIST-based security principles, policies, and regulations to architect and engineer system security solutions that meet federal requirements and reduce operational and cybersecurity risk.
  • Led connectivity and integration testing for networked medical devices used across global clinical and hospital environments, ensuring secure interoperability with Electronic Health Record (EHR) systems.
  • Ensured medical device integrations adhered to federal security standards by implementing risk management frameworks and validating security controls throughout the system lifecycle.
  • Served as senior engineer overseeing security validation, compliance testing, and risk mitigation for interconnected healthcare systems supporting mission-critical clinical operations.
Oct 2025 – Present

Cyber Security Analyst

Telos Corporation
  • Monitoring security audit and intrusion detection system logs, web application firewall logs, and other security logs for system and network behavior.
  • Performing incident detection, analysis, and response in accordance with the established Incident Response Plan (IRP), including initial triage, containment, eradication, and recovery procedures.
  • Monitoring SIEM and other tools for detection & identification of security anomalies.
  • Identifying security risks, threats, and vulnerabilities of systems, applications, and new technology initiatives.
  • Analyzing the cyber threat of unknown software and programs on Windows and Linux-based sandboxes using static and dynamic analysis.
Jan 2022 - Oct 2025

Front End Systems Engineer

Navient Solutions, Inc.
  • Designed, installed, configured, maintained, and secured over 75 different payment portals for various clients.
  • Reported attack vectors and resolved bugs for critical services by using user behavioral analytics.
  • Provided support in formulating and designing the security framework for PCI-DSS compliance.
  • Enhanced the software development life cycle by integrating the ServiceNow ticketing system.
May 2021 - Dec 2021

Information Technology Specialist

ICNA CSJ
  • Enhanced system and network performance by proactively adjusting configurations based on IT policies.
  • Collaborated with managers to provide application design, testing, support, and training.
  • Gathered and translated project requirements and collaborative work to define scope and milestones.
  • Managed network security and filtering settings.
Jan 2020 - Sept 2024

Education

George Mason University

Bachelor of Science
Information Technology, Concentration in Cybersecurity
Dean's List

Aug 2018 - May 2021

Northern Virginia Community College

Associate of Science
Computer Science

Aug 2016 - May 2018

Certifications

CompTIA Security+

CompTIA CySA+

CompTIA Pentest+

Currently in Progress