PETTAWAY
THREAT INTEL
  • CRITICAL: Ivanti Connect Secure RCE (CVE-2025-0282) actively exploited — patch immediately or isolate
  • HIGH: APT29 targeting cloud identity providers via OAuth token theft — T1528
  • CRITICAL: Microsoft Patch Tuesday — 5 zero-days under active exploitation including CLFS driver escalation
  • HIGH: MFA fatigue attacks increasing against Entra ID — implement number matching immediately
  • INFO: CISA KEV updated — 3 new entries added to Known Exploited Vulnerabilities catalog
  • CRITICAL: LockBit 3.0 affiliates targeting financial institutions — offline backups critical
  • HIGH: Credential stuffing surge against Entra ID — monitor Event ID 4625 spike patterns
  • INFO: MITRE ATT&CK v16 released — 14 new techniques across Enterprise and Mobile matrices
  • CRITICAL: FortiGate SSL-VPN auth bypass under active exploitation — isolate unpatched appliances
  • HIGH: Infostealer campaign targeting browser-stored credentials and MFA session tokens
  • INFO: NIST SP 800-53 Rev 6 public draft — AC-2 and AC-6 controls updated
  • CRITICAL: Active Directory Kerberoasting surge — audit SPN accounts and enforce strong passwords
  • HIGH: Phishing kit impersonating Entra ID portal circulating via compromised domains
  • INFO: Honeypot telemetry — SSH brute force averaging 2,400 attempts per day from 47 distinct ASNs
  • CRITICAL: Business Email Compromise up 17% YoY — FBI IC3 advisory issued
  • HIGH: NSA advisory — adversary-in-the-middle proxy attacks bypassing MFA at scale
  • INFO: NIST CSF 2.0 — Govern function added, supply chain risk guidance expanded
  • CRITICAL: SolarWinds Web Help Desk hardcoded credential CVE exploited in targeted attacks
OPERATIVE DOSSIER
PETTAWAY, K.  ·  CLEARANCE: ANALYST
Kiarah Pettaway
IAM & Security Operations Analyst
Identity Governance  ·  SIEM & Incident Response  ·  Purple Team  ·  OSINT
SUBJECT FILE · ACTIVE · CLEARANCE LEVEL: ANALYST
96% SLA Resolution
30+ Daily Incidents
300+ Institutions
$50M+ Daily Transactions
Profile
ABOUT ME
Finance
SaaS
Supply Chain
Real Estate

I'm Kiarah Pettaway — Kay. IAM and security operations professional operating across Finance, SaaS, Supply Chain, and Real Estate. I specialize in enterprise identity governance, front-line incident response, and SIEM operations in regulated environments.

I grew up taking things apart. MySpace and Tumblr pages built from raw HTML. Consoles modified to understand what existed beyond factory settings. Phones jailbroken and rooted to see how permission layers worked. Router configurations adjusted just to understand how devices communicated. When something broke, I traced it. That instinct was systems thinking in its earliest form — and it never left.
"You can't defend what you don't understand. I study the attack to build the defense."
Today that same curiosity operates in environments where the stakes are real. I've worked inside the operational backbone of regulated financial infrastructure where a missed alert or a failed job affects hundreds of institutions and millions in daily transactions. I've operated SIEM dashboards during night shifts at peak attack windows. I've responded to compromised accounts, phishing campaigns, and social engineering attempts — not as a simulation, but as daily operational reality.
Before security: founded Killiunaire, a real estate venture across 15+ closings. Conducted structured risk and due diligence assessments on 100+ properties using OSINT methodology — aggregating public records, MLS data, and open sources to evaluate exposure. Applied risk management. Same discipline, different domain.
Currently in progress: PenTest+ certification (actively studying). IAM Access Review Automation in Python against Microsoft Graph API. Raspberry Pi 2W honeypot mapping real attacker TTPs to MITRE ATT&CK. IR playbook library against NIST 800-61. KQL detection rule library for Microsoft Sentinel. M.S. Cybersecurity planned. WGU Systems Thinking Award 2024.
WGU Cyber Club — Active Member
Women in CyberSecurity (WiCyS) — Member & Community Moderator
Women in Technology (WIT) — Member
Status
Open to Opportunities
Targeting
IAM Analyst  ·  SOC Analyst  ·  Security Operations Analyst  ·  IAM Engineer
Remote & Relocation Considered
Education
B.S. Cybersecurity & IA  ·  WGU  ·  Jul 2023 – Apr 2026
Award
WGU Systems Thinking Award  ·  2024
Work History
EXPERIENCE
VERIFIED RECORD  ·  6 ENTRIES
IT Analyst
SpartanNash  ·  Byron Center, MI
October 2025 — March 2026
96% SLA  ·  30+ incidents/day  ·  Enterprise IAM  ·  Military Access
  • Supported thousands of users across a nationally distributed enterprise spanning corporate, retail, warehouse, and military environments — resolving complex technical issues across identity platforms, mainframe systems, POS infrastructure, and military access systems with independent judgment on triage and escalation
  • Performed high-volume access management and identity restoration operations — credential resets, account unlocks, MFA enrollment, BitLocker recovery, and permission grants including InfoSec-escalated account compromise events requiring secure access remediation
  • Triaged and managed 30+ incidents daily within Cherwell ITSM — maintaining a personal SLA resolution rate of 96% across a geographically dispersed enterprise
  • Investigated endpoint devices for malfunctions, abnormal behavior, and connectivity issues across Windows, macOS, and Linux
IT & Security Analyst (Internship)
Bindplane  ·  Grand Rapids, MI
May 2025 — August 2025
ISO 27001  ·  FedRAMP  ·  500+ artifacts  ·  Python automation
  • Spearheaded consolidation of 500+ cross-functional artifacts into a centralized GitHub/GitBook docs-as-code system, strengthening control traceability and audit readiness for ISO 27001 and FedRAMP
  • Conducted IAM and access control reviews across SaaS platforms and evaluated vendor security posture prior to contract renewal — identifying over-permissioned roles and delivering findings that directly informed procurement decisions
  • Contributed to the buildout of the senior security engineering function — attack surface mapping, access reviews, Grafana Labs telemetry pipeline configuration, and early-stage centralized monitoring
  • Developed and deployed a Python automation script generating YAML configuration structures across 100+ documentation files
Data Center Operations Specialist
CU*Answers  ·  Kentwood, MI
April 2024 — January 2025
$50M+ daily  ·  300+ institutions  ·  Federal Reserve  ·  Night shift SIEM
  • Monitored 24/7 IBM iSeries (AS400) environments supporting 300+ financial institutions — investigating job failures, system integrity alerts, and user session anomalies across QSYSOPR, ROBOT, and CU*BASE, operating a live SIEM during peak attack windows
  • Authenticated into Federal Reserve infrastructure via Fedline Advantage using FED token and multi-factor passphrase — processing ACH transactions and delivering PGP-encrypted FTP/SFTP transmissions to PSCU, FIS BASE2000, TMG, and Certegy daily
  • Restored production stability within SLA across 300+ institutions handling $50M+ in daily transactions — analyzing job logs, collaborating with programmers, rerunning failed jobs
Chief Executive Officer
Killiunaire  ·  Remote
January 2021 — April 2024
15+ closings  ·  100+ assessed  ·  OSINT methodology  ·  20% efficiency gain
  • Conducted structured risk and due diligence assessments on 100+ properties using OSINT methodology — aggregating public records, MLS, and open sources to evaluate liens, zoning, comps, rehab costs, and title risk across 15+ closings
  • Managed full deal lifecycle independently — cold outreach, contract drafting, title coordination, buyer negotiation, and inspection oversight across legal, financial, and operational risk
  • Built and automated operational infrastructure using Podio, PropStream, and DealMachine — custom Notion databases, automated follow-up workflows, and repeatable documentation systems improving efficiency by 20%
Operations & Inventory Analyst
Amazon  ·  Caledonia, MI
March 2020 — January 2021
Promoted in 1 month  ·  99%+ accuracy  ·  SQL inventory
  • Promoted from inbound receiving operations to Inbound Problem Solver (IBPS) within one month — selected based on performance, systems aptitude, and cross-path training, a role internally recognized as the most analytically demanding T1 position and a direct pipeline to Process Assistant
  • Acted as the floor’s first responder for inbound inventory anomalies — triaging Andons across stow, receive, and decant paths, investigating root causes through FC Research and Amazon’s internal systems, and resolving label failures, virtual/physical mismatches, title verification errors, and ASIN discrepancies
  • Investigated and escalated discrepancies beyond FC-level resolution — creating ISS tickets, performing cycle count verifications (SBC, SRC, CC), correcting FNSKU/X00 label failures, processing hazmat flags, and reconciling PO discrepancies routed to backend teams
  • Operated as the only Tier 1 associate authorized to open and inspect packages — making independent disposition calls under time pressure to route items for stow, damage processing, or shipment
Capabilities
SKILLS & CERTS
CySA+
CompTIA · Earned
SSCP
Associate (ISC)² · Earned
Security+
CompTIA · Earned
Network+
CompTIA · Earned
A+
CompTIA · Earned
ITIL
Axelos · Earned
Google IT Support
Google · Earned
PenTest+
CompTIA · Pending
Security Operations
Suspicious Activity Response  ·  Incident Response (NIST 800-61)  ·  Alert Monitoring & Triage  ·  Compromised Account Triage  ·  Endpoint Investigation  ·  Auth & Access Anomaly Investigation  ·  Phishing & Social Engineering Response
Identity & Access Management
Active Directory  ·  Azure Entra ID  ·  MFA Enrollment & Reregistration  ·  BitLocker Recovery  ·  Least Privilege Review  ·  SailPoint  ·  Permission Management  ·  Access Control Validation
SIEM & Monitoring
Microsoft Sentinel  ·  Grafana  ·  IBM iSeries (AS400)  ·  QSYSOPR  ·  ROBOT Scheduler  ·  Windows Event Logs  ·  Real-Time Session Monitoring
Enterprise & Financial Systems
CU*BASE  ·  Fedline Advantage (Federal Reserve)  ·  Cherwell ITSM  ·  Citrix  ·  GoAnywhere (PGP/FTP/SFTP)  ·  ACH Processing  ·  DSS (Military Access)  ·  RDP  ·  PuTTY
Automation & Investigation
Python  ·  Bash  ·  SQL  ·  YAML  ·  Git / GitHub  ·  Nmap / Zenmap  ·  Wireshark  ·  Autopsy  ·  OSINT
Governance & Frameworks
MITRE ATT&CK  ·  NIST 800-61  ·  NIST 800-30/37/53  ·  NIST CSF  ·  ISO 27001  ·  FedRAMP  ·  FFIEC / NCUA  ·  SOC 2  ·  ITIL
Active Work
PROJECTS
✔ Complete
2026
Operation Nox — Purple Team Security Assessment
Personal · Purple Team · MITRE ATT&CK
End-to-end purple team exercise against a self-built Wazuh 4.14.4 SIEM. Executed SSH brute force, backdoor account creation, and cron persistence — each mapped to MITRE ATT&CK, detected in real time, and remediated with documented mitigation guidance. Build the defense. Break it. Prove it works.
Wazuh  ·  MITRE ATT&CK  ·  Hydra  ·  Docker  ·  Purple Team  ·  Linux  ·  NIST 800-61
✔ Complete
2024
Digital Forensics Investigation
WGU D431 · Insider Threat Scenario
Digital forensics investigation using Autopsy — recovering deleted artifacts, analyzing file system activity, documenting user behavior for a simulated insider threat. Evidence acquisition methodology, chain of custody, attack timeline, and layered remediation recommendations.
Autopsy  ·  Digital Forensics  ·  Chain of Custody  ·  Insider Threat  ·  Incident Reporting
✔ Complete
2024
Network Vulnerability Assessment
WGU C844 · Emerging Technologies in Cybersecurity
Active reconnaissance using Nmap and Zenmap to enumerate open ports and misconfigurations. Wireshark packet analysis to correlate anomalies with scan findings. Remediation report with CVSS-aligned severity ratings. Security awareness training program covering AI-driven threats and social engineering.
Nmap  ·  Zenmap  ·  Wireshark  ·  Vulnerability Assessment  ·  Security Awareness
✔ Complete
2024
Legal & Compliance Framework Analysis
WGU C841 · Legal Issues in Information Security
Regulatory analysis of a fictional startup against HIPAA, SOX, and ECPA. Risk-prioritized remediation roadmap. Ethical guidance framework and SATE training plan translating regulatory requirements into actionable policy.
HIPAA  ·  SOX  ·  ECPA  ·  Compliance Analysis  ·  Risk Remediation
★ Award Winner
2024
Systems Thinking & Risk Analysis
WGU D372 · WGU Systems Thinking Award Recipient
Iceberg Tool, Behavior Over Time graphs, Limits to Growth, and Shifting the Burden archetypes across three complex risk scenarios. WGU Systems Thinking Award recipient. Root cause identification, feedback loop mapping — directly transferable to security risk assessment and incident response.
Systems Modeling  ·  Root Cause Analysis  ·  Risk Frameworks  ·  Causal Loop Diagrams
Get in Touch
CONTACT

Whether you have an opportunity, want to connect professionally, or are interested in collaborating — your message reaches me directly.

Availability
Open to new opportunities
Remote & Relocation considered
IAM Analyst  ·  SOC Analyst