خلاصہ

As a security enthusiast I have 2+ year of experience in web application pentesting, network & system pentesting and logs analysis and threat hunting. My area of interest includes web applications and network penetration testing but can also work with defensive security very well

تجربہ

کمپنی کا لوگو
Ethical Hacker
Programmers Force
ستمبر ۲۰۲۰ - موجودہ | Lahore, Pakistan


Assessing the current state of security posture, envision the future state, and provide remediation roadmap to our clients in security engagements.
24/7 Security monitoring with SIEM analysis, reporting and incident response.
Cloud SOC monitoring for AWS (CloudWatch, GuardDuty, Security Hub) and GCP (Security Command Center).
Cloud SOC deployment and integrations with multiple SIEM technologies for AWS and GCP.
Conduct vulnerability assessment, penetration testing and OS/Device hardening checks, application security assessments with commercial and open-source tools. • Deployment and integration of various HIDS and NIDS tools like Suricata, Snort, Zeek OSSEC and syslogs monitoring for unix based systems.
Playbook creation for implemented security solutions both SIEM and EDR.
Conduct and compile findings on new threats and false-positive removal.
Troubleshooting security problems at both on-prem and cloud.
Responding to all system and/or network security breaches at both on-prem and cloud.
Ensuring that the organization data and infrastructure are protected by enabling the appropriate security controls at both onprem and cloud.
Reporting findings to management.
Educating staff members on information security through training and awareness

کمپنی کا لوگو
Security Engineer
Corvit Networks
اگست ۲۰۱۹ - ستمبر ۲۰۲۰ | Lahore, Pakistan


Web App Pentesting using different automated tools & manual testing, exploiting client side & server side vulnerabilities, logic flaws and DOS & DDOS attacks etc.
Source code review & suggesting mitigations for the discovered vulnerabilities.  Conducting network penetration testing includes MITM attacks, audit of internal network for open ports & vulnerabilities related to versions, routers, camera & printers having default passwords, weak passwords, exploiting unpatched machines and using automated tools like Nessus, hydra, NMAP etc.
Risk assessment and Red teaming includes performing phishing attacks & social engineering attacks etc.
Writing scripts for different kinds of monitoring alert like SSH login attempts, blocking USB and Bluetooth ports and services for staff.
Implementing server side mitigations on Nginx servers.
Conducting security awareness sessions for company staff.
De-obfuscation and Obfuscation of code.
Collaboration with other teams for solving issues.
Making new policies to implement security as required.
Policies review, Reporting & Technical documentation

کمپنی کا لوگو
Network Support Engineer
Idea94
جون ۲۰۱۹ - دسمبر ۲۰۱۹ | Lahore, Pakistan

کمپنی کا لوگو
Network Security Expert
Lahore Development Authority
مئی ۲۰۱۷ - ستمبر ۲۰۱۷ | Lahore, Pakistan

تعلیم

University of Sargodha
ماسٹرز, بیچلرز ان ٹیکنالوجی, BS IT‎
Human Resource Development, Information Security and Network Administration
CGPA 3.0/4
2019
FARAN COLLEGE JHANG
انٹرمیڈیٹ / اے لیول, , F.Sc Pre-Engineering‎
فی صد 76%
2013
Toor Public School jhang
نان میٹرک, Matric in Science‎
مکمل
2011

پیشہ ورانہ مہارتیں

متوسط Amazon Web Services (
متوسط API Testing
متوسط Azure Sentinel & Defender 365
ماہر Bash Scripting
ماہر Burpsuite
متوسط Digital Forensics & Malware Analysis
متوسط Docker
متوسط Google Cloud Security
ماہر Linux
متوسط Logs Correlation
ماہر Network Penetration Testing
متوسط Python Knowledge
متوسط Threat Hunting
متوسط Web App Pentesting

زبانیں

ماہر اردو
ماہر انگریزی

آپ کن کمپنیز کی پیروی کر رہے ہیں