About
Junior Cybersecurity Analyst with hands-on experience in web application penetration testing, vulnerability assessment, and incident response. Proficient in identifying and exploiting OWASP Top 10 vulnerabilities (SQL Injection, XSS, CSRF, IDOR) using Burp Suite, OWASP ZAP, and Nmap. Experienced in executing the full NIST IR lifecycle — detection, triage, containment, and reporting — with MITRE ATT&CK framework mapping. Reduced remediation turnaround by 25% and validated 90%+ fix rates across 10+ target applications. CEH v13 Certified | Cisco CyberOps Associate.
Skills & Expertise (69)
Work Experience
Junior Cybersecurity Analyst
AK Infosoft Pvt. Ltd
Jul 2025 - Present
Identified and exploited web application vulnerabilities including SQL Injection, XSS, CSRF, and IDOR using both manual techniques and automated tools (Burp Suite, OWASP ZAP, Nikto), reducing remediation turnaround time by 25%. Conducted end-to-end vulnerability assessments aligned with OWASP Top 10, documenting findings with CVSS severity ratings and actionable remediation reports for 10+ target applications. Executed incident response lifecycle (detection, triage, containment, reporting) across real-world and simulated scenarios, consistently following the NIST IR framework. Performed Linux log analysis and system forensic investigation using CLI tools (grep, awk), documenting root cause findings in professional remediation reports. Validated and re-tested remediated vulnerabilities, confirming 90%+ fix rate and tracking remediation progress in structured security reports. Applied MITRE ATT&CK framework to map attack patterns and recommend defensive controls for identified threat vectors.
Cybersecurity Virtual Experience – Security Awareness
Mastercard (Forage)
Jan 2025 - Jan 2025
Analyzed phishing email campaigns; identified 5 social engineering attack patterns and documented findings. Recommended targeted security awareness training improvements; produced a risk-mitigation report for the security team. Applied threat intelligence concepts to classify phishing indicators of compromise (IOCs).
Cybersecurity IAM Developer – Online Internship
Tata Consultancy Services (Forage)
Jan 2025 - Jan 2025
Implemented IAM strategies including RBAC, MFA, and authentication/authorization controls for a hybrid identity scenario. Evaluated IAM risk posture and recommended improvements aligned with zero-trust security principles. Documented IAM architecture and access control policies supporting cloud and on-premise environments.
Website Vulnerability Assessment Intern
AK Infosoft Pvt. Ltd
Apr 2025 - May 2025
Performed web application security testing on DVWA and OWASP Juice Shop. Identified vulnerabilities: SQL Injection, XSS, Command Injection. Used tools: Burp Suite, Nmap. Analyzed HTTP requests and security flaws. Created vulnerability reports with fixes (OWASP Top 10).
Education
B.Tech in Information Technology - SR Group of Institution
2022 - 2025 · Afghanistan
Diploma in Information Technology - Government Polytechnic Lucknow
2019 - 2022 · Afghanistan
Certifications
Cisco CyberOps Associate – SOC Analyst
Cisco Networking Academy · 2025
Intro to Splunk
Splunk · 2025
SOC Analyst & Cybersecurity Training
AK Infosof Pvt. Ltd · 2025
Interested in this developer?
Profile Score Breakdown
Profile Overview
Skills (69)
Click a skill to find developers with the same skill
