About
Detail-oriented Cyber Security professional with a Computer Science Engineering background, specializing in SOC Operations and Vulnerability Assessment & Penetration Testing (VAPT). EC-Council Certified Ethical Hacker (CEH v13 AI) with proven expertise in technical analysis of security logs (SIEM), identifying OWASP Top 10 vulnerabilities, and conducting platform-specific security research for Android and APIs. Proven ability to build and manage security labs using Splunk to detect threats and map them to the MITRE ATT&CK framework. Committed to delivering high-quality vulnerability reports with clear remediation steps to enhance organizational security posture and mitigate risks.
Work Experience
Security Engineering Project
SOC Home Lab
Present - Present
Engineered a centralized log monitoring platform using Splunk Enterprise on a local machine. Enabled ingestion of Windows Event Logs and Sysmon data to track process creation and network connections. Created correlation rules to detect brute-force attacks and suspicious PowerShell command execution patterns. Developed customized SOC Dashboards to provide real-time visibility into security events and performance. Mapped detection capabilities to the MITRE ATT&CK matrix to identify gaps in telemetry coverage.
VAPT Specialist
Web Application & API Penetration Testing
Present - Present
Discovered and validated critical flaws like SQL Injection, XSS, and IDOR in controlled environments. Analyzed REST APIs using Postman to identify Broken Object Level Authorization (BOLA) and insecure endpoints. Utilized Burp Suite Professional for advanced session manipulation and vulnerability validation. Generated comprehensive Security Assessment Reports with CVSS scoring and developer remediation guidance.
Security Researcher
Android Mobile Application Security Assessment
Present - Present
Conducted Static Analysis (SAST) on APKs using JADX and MobSF to identify hardcoded secrets and permissions issues. Performed Dynamic Analysis (DAST) with Frida to bypass SSL pinning and perform traffic analysis on encrypted streams. Evaluated local storage mechanisms for Sensitive Data Exposure according to OWASP Mobile standards. Identified 5+ mobile security flaws and provided remediation steps to secure client-side data storage.
DFIR Analyst
Digital Forensics
Present - Present
Analyzed malicious email headers and phishing payloads to identify origin and intent. Extracted and documented Indicators of Compromise (IOCs) for ingestion into threat blocking lists. Leveraged OSINT tools (VirusTotal, Any.Run) for real-time threat enrichment and actor attribution. Prepared forensic reports detailing the investigation process and suggested hardening measures.
CTI Analyst
Cyber Threat Intelligence
Present - Present
Performed detailed mapping of adversary tactics and techniques using the MITRE ATT&CK Framework to develop a proactive defense strategy. Utilized the ATT&CK Navigator to visualize detection coverage and prioritize security control enhancements. Applied the Cyber Kill Chain model to analyze active threat campaigns and identify critical intervention points. Leveraged OSINT platforms and CTI tools to collect and analyze indicators of compromise (IOCs) for actor attribution.
Education
Bachelor of Engineering – Computer Science & Engineering - Sant Gadge Baba Amravati University (SGBAU)
2021 - 2025 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation