About
Cybersecurity graduate with 1 year of experience as a Security Analyst, including exposure to VAPT, Incident Response, and GRC activities. Seeking a Security Analyst/Engineer role where I can apply my technical skills in cybersecurity, networking, and security operations while continuing to learn and contribute to Organizational security.
Skills & Expertise (19)
Work Experience
Junior Cybersecurity Analyst
Yorosis Technologies Inc
Feb 2025 - Jan 2026
Performed web application VAPT aligned with OWASP Top 10, identifying vulnerabilities such as SQL Injection, XSS, IDOR, and authentication flaws, and providing remediation guidance. Conducted manual and automated security testing using tools like Burp Suite, Nmap, and vulnerability scanners to validate vulnerabilities and reduce false positives. Provided risk-based remediation guidance to developers, ensuring secure fixes before production deployment. Generated detailed VAPT reports with severity ratings, PoCs, and actionable remediation steps. Contributed to SOC 2 and ISO 27001 compliance initiatives by maintaining control evidence, assisting in audits, and supporting risk and documentation management. Assisted in internal and external audits, including evidence collection, control walkthroughs, and documentation reviews. Supported risk register management, documenting identified risks, associated controls, and remediation tracking. Participated in security awareness and phishing simulation programs, helping track user behavior and control effectiveness. Performed security monitoring, incident triage, and investigation using Microsoft Defender for Endpoint. Investigated phishing, malware, and endpoint-related security incidents through IOC analysis and root cause investigation. Supported incident response activities including containment, investigation, escalation, and remediation coordination. Conducted threat intelligence and OSINT analysis to identify emerging threats, attacker techniques, and external exposure risks.
Cybersecurity Intern
Innometrix Techub
Mar 2024 - Jul 2024
Contributed to AI security application development by researching security-focused features, validating application behavior, and supporting model testing, helping enhance functionality reliability and strengthen security-focused use cases. Prepared client RFP (Request for Proposal) documentation by gathering technical requirements, aligning proposed cybersecurity solutions, and structuring deliverables clearly, resulting in more accurate and competitive submissions for the sales team. Studied and practiced core SOC workflows, including alert review processes, escalation criteria, and daily monitoring routines, which improved foundational understanding of real-world SOC operations.
Education
B.E in Cybersecurity - Paavai Engineering College
- 2024 · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Skills (19)
Click a skill to find developers with the same skill
