Snir Amira

• Led cloud migration and Microsoft tenant separation projects for enterprise clients, managing projects from planning and pricing through implementation and delivery.
• Acted as both Technical Project Manager and Hands-on Engineer, performing cloud deployments, infrastructure configuration, troubleshooting, and operational support.
• Prepared project estimations, pricing proposals, task breakdowns, and delivery timelines based on customer and technical requirements.
• Managed security monitoring operations using SentinelOne and Wazuh, including incident investigation, threat analysis, and endpoint monitoring.
• Installed and maintained EDR/XDR agents across customer environments while performing remote administration, monitoring, and security validation activities.
• Collaborated with customers and internal technical teams to deliver secure, stable, and scalable cloud and cybersecurity solutions.

• Designed and secured cloud environments across AWS and GCP, including IAM, network segmentation, firewall management, and secure connectivity.

• Built and maintained CI/CD pipelines using GitHub Actions, Jenkins, and Terraform, supporting secure and automated cloud deployments.

• Strengthened cloud security posture using Wiz, Nessus, and Pentera through vulnerability management, hardening, remediation, and continuous monitoring.

• Automated operational and security workflows using PowerShell, improving efficiency, monitoring visibility, and incident response capabilities.

• Implemented DevSecOps best practices including pipeline hardening, secrets management, access control, and SDLC security integration.

• Led technical projects end-to-end, coordinating cross-functional teams, managing delivery timelines, and supporting secure cloud architecture initiatives.

• Supported hybrid identity and access management solutions using Azure AD Connect, MFA, and Conditional Access policies.

• Led DFIR and incident response activities across classified on-premise, OT/SCADA, and cloud environments.

• Conducted malware analysis, memory forensics, and investigation of suspicious files to support containment, eradication, and post-incident response activities.

• Led SIEM integration projects for SCADA/ICS environments, enabling centralized log collection, monitoring, and security visibility across industrial networks.

• Performed incident investigations, log analysis, and evidence collection across hybrid cloud and on-premise infrastructures, including AWS environments.

• Operated and integrated enterprise security platforms including QRadar, Palo Alto Demisto, Check Point, Forcepoint, and SafeEnd to support threat detection and incident response operations.

• Conducted vulnerability assessments, threat analysis, and security evaluations using Maltego, CVE databases, and threat intelligence sources.

• Collaborated with OT engineers, infrastructure teams, and stakeholders to support secure deployment, operational readiness, and security-focused project delivery.

• Delivered advanced DFIR, Incident Response, and Red Team training for SOC and cybersecurity teams across enterprise, government, and critical infrastructure environments.

• Designed and led realistic APT attack simulations across IT and OT/SCADA environments, simulating real-world attack scenarios and adversary techniques.

• Conducted Red Team exercises including initial access, lateral movement, privilege escalation, data exfiltration, and ransomware simulation activities within isolated lab environments.

• Simulated malware and C2 frameworks such as NJRat, LimeRat, Quasar, and DarkComet, training teams on detection, containment, eradication, and recovery procedures.

• Guided SOC and DFIR teams during live incident simulations, improving threat analysis, attacker mindset, incident handling, and response decision-making capabilities.

• Conducted hands-on malware analysis, infected system remediation, log analysis, and incident investigation workshops within dedicated virtual training environments.

• Worked with international organizations across utilities, healthcare, law enforcement, and cybersecurity sectors to improve operational DFIR readiness and incident response capabilities.