**Omar Chaudhry**  
Cybersecurity Specialist  
Email: omar@cancanomar.net | Website: cancanomar.net | Location: Nairobi, Kenya (Open to Remote / Relocation)

### Professional Summary
Results-oriented cybersecurity professional with a Master’s degree in Cybersecurity, CompTIA Security+ and CySA+ certifications, and federal government experience in IT audits, risk management, and controls assessment. Proven ability to identify security weaknesses, implement process improvements, and support compliance initiatives. Actively building hands-on defensive security capabilities through home lab projects focused on SIEM, vulnerability management, and incident response.

### Consulting & Publications

**Digital Wellness Consultant & Author**  
*Independent Consulting*  
2024 – Present  
- Provide core consulting services focused on digital wellness, analyzing how technology platforms exploit human behavior and building policies to protect human attention and security.  
- Authored the book *Generation Cooked: How We Lost Tech Literacy in a Simplified World*, examining declining tech literacy among younger generations and its direct impact on cybersecurity awareness and social engineering vulnerabilities.  
- Conduct independent research and analysis bridging the gap between digital ethics, data privacy, and practical security education.

### Professional Experience

**U.S. Environmental Protection Agency (EPA)**  
*IT Security & Compliance Analyst*  
December 2022 – June 2024  
- Executed comprehensive IT security audits and assessed contractor compliance against federal Service Level Agreements (SLAs) and strict data protection requirements.  
- Leveraged the Risk Management Framework (RMF) to evaluate and implement NIST 800-53 security controls across federal information systems and network endpoints.  
- Conducted risk assessments for new software and AI-powered assistive technologies to ensure secure integration within the federal environment.  
- Engineered a secure Problem Management lifecycle that mitigated recurring vulnerabilities, reduced exposure windows, and streamlined incident triage.  
- Drafted and disseminated critical security advisories and system update documentation to a distributed workforce of over 17,000 federal employees and contractors.

**National Association of Counties (NACo)**  
*Identity & Access Administrator*  
August 2022 – December 2022  
- Administered Identity and Access Management (IAM) protocols across on-premises Active Directory and Microsoft Azure cloud environments.  
- Enforced Mobile Device Management (MDM) and endpoint security policies using Microsoft Intune to secure corporate data and remote assets.  
- Audited hardware inventory and enforced principle-of-least-privilege access controls to prevent unauthorized data exposure and streamline offboarding procedures.

**The Consortium of School Networking (CoSN)**  
*Blaschke Fund Research Fellow*  
May 2022 – August 2022  
- Researched and reported on cybersecurity, data privacy practices, and IT staffing challenges in K-12 school districts.  
- Conducted interviews with CTOs, Directors of Technology, and security professionals; presented findings to trustees and leadership.  
- Authored blog posts and analysis on cybersecurity awareness, data governance, and emerging threats in educational environments.

### Technical Projects

**Defensive Security Environment (Home Lab)**  
*Continuous Development*  
- Building and managing a virtual enterprise environment using Wazuh SIEM, vulnerable target machines, and Kali Linux to execute threat detection and incident response workflows.  
- Implementing continuous vulnerability scanning, network traffic monitoring, and custom detection rule creation to validate and strengthen practical CySA+ methodologies.  
- Documenting configurations, attack simulations, and automated response playbooks on GitHub to demonstrate hands-on defensive capabilities.

### Education & Certifications

**M.S. in Cybersecurity**  
Old Dominion University, June 2022

**CompTIA CySA+ (CS0-003)**  
November 2025

**CompTIA Security+ (SY0-701)**  
November 2024

### Skills

**Security & Compliance**  
- Risk Management Framework (RMF)  
- NIST 800-53 Controls  
- ISO 27001  
- ITIL  
- Vulnerability Assessment  
- Security Awareness & Training

**Technical**  
- Microsoft Azure / Intune / Active Directory  
- SIEM (Wazuh – lab)  
- Vulnerability Scanners (OpenVAS/Nessus)  
- Wireshark / Network Monitoring  
- SharePoint, PowerBI, ServiceNow

**Emerging Areas**  
- Responsible AI & Ethical Technology Practices  
- Data Privacy & Governance  
- Generative AI Tools (ChatGPT, Copilot, Ollama)

**Languages**  
- English (Native)  
- Spanish (Professional C1)  
- Arabic (Elementary A1)