Sr. Cyber Security Engineer with proven expertise in implementing cyber security measures, secure infrastructures on cloud/premises and auditing effectiveness of security controls. A respectable record that includes recommending security improvements, evaluating and identifying vulnerabilities and improving overall system efficiencies for the diverse nature of clients. Adept at leading Information Security Management Programs and staying ahead of current risks.
• Keeping the company security hygiene at good levels by mitigating threats.• Managing and working closely with the security team at a certain level to achieve the critical KPIs.
Participated in and conducted security audits and security assessments of the organization and its client projects to meet industry standards.
Experience with security on public clouds like Azure and AWS for infrastructure, security operations and Identity.
Experience in cloud security engineering, and designing complete end-to-end security strategies for projects.
Developed and lead strategic cybersecurity programs like ISO27k1, its policies, controls, standards and procedures.
Worked as a Security lead in Data Science Projects for multiple international clients.
Performed IT compliance testing to assess risk, safeguard assets, and evaluate IT controls supporting operational processes.
Understanding of the laws and regulations associated with privacy, HIPAA and the use of technical controls to meet these requirements.
Experience in working with Endpoint security, EDR and SIEM solutions across boundaries and assets to mitigate the potential risks.
Managed Endpoint security to mitigate the potential risks related to the assets.
Practical knowledge of network security, network vulnerability assessment and experience in designing secure network architectures on-premises and in the cloud to minimize the attack surface.
Experience in Penetration Testing and Vulnerability Assessment of on-premises infrastructure, client and company projects; and applied controls to minimize the risk.
Performed Application pentesting as per the OWASP Framework and provided support to application developers during vulnerability remediation.
Created risk reports for executive management; worked on NIST Security and Privacy Controls and SP 800 series.
Participated in pre-sales activities to broadcast company security hygiene to clients and prepared Cyber Security project proposals for ADDO AI.
Updating myself with emerging security technologies, making appropriate recommendations to implement security measures to mitigate cyber risks.
Performed Penetration Testing and Vulnerability Assessment of clients in Pakistan and Africa, and proposed feasible solutions to them.
Conducted 400 hours of cyber-security training of more than 60 professionals. Trained corporate professionals of Nestle and MCB Bank for CEH certification.
Lead the cyber-security program and training in coordination with multiple Gov. initiatives
Did a penetration testing and vulnerability assessment project for the University of Management and Technology (UMT).
Outsourced my services of vulnerability analysis and management to Hunerkada and Chandbagh College.
Worked with National University of Sciences and Technology (NUST) and found bugs in their portals and servers.
Identified and reported a critical bug to “Daewoo” in their android application.
■ Developed plans to safeguard clients\' data against modification, destruction ordisclosure.■ Performed risk analysis to identify appropriate security countermeasures.■ Recommended improvements in security systems and procedures forbusiness continuity.■ Performed network, server and web-application security audit and testing ofclients.