Luke
Kim

Supporting fast-paced IT operations across infrastructure, endpoints, and security — reporting to the IT Manager in a Tysons, VA on-site environment.

• Provide technical support and troubleshooting for hardware, software, and network issues — ensuring business operations remain uninterrupted.
• Manage employee onboarding and offboarding — provisioning and deprovisioning accounts, equipment, and access in a timely and documented manner.
• Oversee IT asset inventory — procuring, tracking, and managing hardware and software across the organization.
• Collaborate with IT staff to conduct regular security audits — identifying vulnerabilities and ensuring compliance with security policies.
• Develop and maintain IT documentation — capturing configurations, procedures, and system changes for operational continuity.
• Support deployment of new applications and technologies — participating in rollout planning, testing, and implementation.

Served as the primary information security resource for a 400+ user enterprise — full security analyst scope alongside IT operations responsibilities.

• Executed vulnerability management cycles against Windows Server assets — CVE analysis, risk prioritization, patch coordination, and NIST SP 800-53-aligned documentation.
• Served as the escalation point for complex and unresolved tickets — triaging issues beyond Tier I scope, coordinating resolution with infrastructure teams, and ensuring SLA adherence.
• Led Windows 11 enterprise upgrade across endpoint fleet — coordinating rollout planning, compatibility assessment, and deployment with minimal operational disruption.
• Led org-wide MFA rollout across 400+ accounts, driving a 30–40% reduction in credential compromise events.
• Authored 20+ security SOPs and incident response playbooks — audit-ready and consistently followed across teams.
• Conducted root-cause analysis on recurring incidents — communicating findings and remediation status to management.

• Investigated security violations and endpoint alerts — documenting findings, coordinating resolution, and tracking items through to closure.
• Designed and deployed RBAC-based onboarding and offboarding workflows — reducing provisioning time by ~25% with fully auditable account lifecycle records.
• Maintained 100% compliant hardware asset inventory with data-safe decommissioning procedures.
• Documented system configurations and security control changes using the ManageEngine suite — maintaining audit-ready records of all security-relevant activity and supporting management visibility into security posture.

• Secured multi-site clinical infrastructure under HIPAA requirements — hardened network and endpoint configurations to protect PHI.
• Administered Salesforce CRM and ZOHO CRM with strict RBAC enforcement and auditable access controls — ensuring patient and organizational data remained accessible only to authorized personnel.
• Managed end-user support and ticket workflows through Zendesk — tracking issues to resolution and maintaining service documentation across distributed clinical sites.
• Deployed and supported TeamViewer for remote technical assistance across multi-site clinical environments — reducing on-site response time and enabling faster issue resolution.
• Delivered phishing, password hygiene, and security awareness training across a distributed clinical workforce.

Participated in live security operations within a production SOC environment.

• Reviewed SIEM alerts in Splunk and Rapid7 InsightIDR — investigating security exceptions, escalating incidents outside runbook guidance, and documenting all actions and outcomes.
• Built and configured a sandbox environment for the security operations team — enabling safe testing of detection rules, attack simulations, and incident response workflows without impacting production systems.
• Participated in live security operations — coordinating incident escalation and managing the full remediation ticket lifecycle in a production SOC environment.
• Monitored honeypots and analyzed attack logs to identify adversarial TTPs — contributing root-cause findings and detection improvement recommendations to the security operations team.

• Evaluated AI-driven threat detection and incident response tools against real-world security scenarios — assessing detection accuracy, identifying gaps, and delivering structured practitioner feedback.
• Feedback directly shaped product iterations across multiple tool assessments.