About
Senior Security Engineer with an MS in Cybersecurity and 10+ years of experience in SOC operations, endpoint security, and cloud security. Proven track record in driving organizational resilience through implementing proactive defence architectures, managing SIEM/SOAR platforms, and reducing phishing risk. Committed to neutralizing cyber threats by cultivating a high-performance security culture.
Skills & Expertise (33)
Work Experience
Technical Specialist
Concentrix (Apple)
Oct 2019 - Oct 2020
Resolved, mitigated, and managed technical issues with excellent problem-solving skills in a quick and concise manner. Applied sound knowledge of troubleshooting protocols, accepted processes, and internal regulations while developing and delivering technical solutions. Managed varied workloads with strong organization, multitasking, and prioritization skills while maintaining accurate records and documentation. Promoted a customer-first mindset within the technical support team and fostered effective inter-departmental working relationships.
Senior Security Engineer
Neurealm
Jun 2024 - Present
Architected a global UEM (BlackBerry UEM) environment supporting 2,000+ hybrid endpoints (iOS, Android, Windows), ensuring 100% adherence to corporate security policies through automated compliance actions. Deployed BlackBerry Dynamics secure containers for all users, ensuring cryptographic separation of corporate data from personal apps and satisfying GDPR/HIPAA requirements for BYOD. Integrated BlackBerry UEM with Microsoft Entra ID (Azure AD) to enforce device-posture-based conditional access, preventing non-compliant or jailbroken devices from accessing corporate SaaS applications. Managed a data-driven security awareness program for 4,000+ users, reducing the phish-prone percentage from 18% to a sustained 2.4% over 18 months. Developed monthly Human Risk reports for senior leadership (CIO and CEO) and provided targeted training for high-risk user groups. Designed and managed the SSL/TLS Inspection policy, creating automated bypass lists for sensitive categories (Health, Finance, Legal) to ensure compliance with GDPR and HIPAA. Evaluated weekly threat data using the MITRE ATT&CK framework to map adversary TTPs against internal controls, delivering actionable remediation plans to SOC and Infrastructure teams. Partnered with Infrastructure and Server Engineering teams to enforce patching SLAs, achieving a 99% compliance rate for critical security updates across the global server estate.
Application Support Engineer
CSS Corp.
Jan 2013 - Mar 2016
Guided customers through deployment and optimization of Netgear routers, switches, and extenders. Diagnosed and remediated multifaceted networking issues including DNS conflicts, VLAN misconfigurations, and signal interference for residential and SMB clients. Spearheaded root-cause analysis for emerging hardware defects and documented innovative workarounds that reduced average ticket resolution time. Mentored new technical support engineers through structured technical shadowing and product training. Managed high-priority escalations as liaison between high-value clients and the back-end development team to ensure timely resolution of mission-critical outages. Directed shift operations as Floor Lead, providing real-time technical guidance to a team of 50 engineers and managing workload distribution to meet SLA deadlines.
Senior Security Analyst
Kryptos Technologies (Crayon)
Dec 2023 - Jun 2024
Implemented and managed security measures including Microsoft Defender for Endpoint, Defender for Cloud, firewalls, IDS/IPS, AIP and DLP policies, anti-phishing/anti-spam policies, and encryption protocols. Assessed security risks, developed security policies and procedures, and provided recommendations to improve security posture across multiple projects. Established and maintained enterprise-wide security standards, strategies, and guidelines for secure cloud adoption. Led Cloud Security Posture Management (CSPM) efforts to continuously monitor and resolve multi-cloud misconfigurations and vulnerabilities. Prepared and presented weekly and monthly governance reports to delivery managers and senior stakeholders. Participated in client onboardings and knowledge transfer sessions to define security operations scope. Ensured security measures complied with industry regulations and standards including GDPR, HIPAA, PCI DSS, and ISO 27001. Prepared and presented process and policy documents for newly added controls as per ISO 27001:2022.
Security Analyst
Capgemini (Alstom)
Apr 2022 - Dec 2023
Conducted deep-tier analysis of high-fidelity security alerts using Microsoft Sentinel, QRadar, and Splunk; leveraged Cortex XSOAR to automate response workflows and reduce Mean Time to Respond (MTTR). Managed the full lifecycle of validated security incidents, from initial triage to delivery of comprehensive investigation reports and data-backed remediation guidance. Acted as a technical resource for Incident Response Teams (IRT) and SMEs, providing forensic data and actionable recommendations to accelerate threat containment and recovery. Executed proactive threat hunting within Microsoft Sentinel using custom scripts and KQL (Kusto Query Language) to identify sophisticated anomalies and dormant threats. Orchestrated email security via Microsoft Defender for Office 365, utilizing Threat Explorer to investigate phishing campaigns, analyze IOCs, and execute protective actions including user isolation and malicious URL blocking. Facilitated critical incident escalations to external partners and Microsoft Support, ensuring complex tenant-level issues were resolved within strict SLA timeframes. Researched and synthesized daily vulnerability intelligence reports, providing stakeholders with a prioritized view of the emerging threat landscape. Contributed to weekly SOC strategic reviews and assisted the SOC Lead in delivering executive-level security posture reports to high-value clients.
Senior Analyst
HCL Technologies Ltd (Allied Irish Bank)
Apr 2016 - Jun 2017
Performed user administration in Active Directory, Enterprise SAP, Data Warehouse, and additional platforms including IBM Lotus Notes and Adobe LiveCycle. Worked with ITSM Tool BMC Remedy handling Incident Tickets, Change Requests, Problem Investigation Tickets, Problem Known Errors, Work Orders, and Tasks. Administered Mobility Platform via MDM (MobileIron) and Individual BlackBerry Administration. Awarded APRS Champion for administering the Automated Password Reset System for the complete offshore team of 200 staff. Administered RSA encrypted authentication for approximately 15,000 staff, including user setup, amendment, and license handling with vendor. Managed Share Drive administration and handled mailbox creation, shared mailboxes, distribution lists, and restricted meeting rooms.
Education
Post-Graduate Diploma in Computing - Unitec Institute of Technology
- 2018 · Afghanistan
Bachelor of Information Technology - Anna University
- 2011 · Afghanistan
Certifications
No certifications added yet
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation