About
Results-driven cybersecurity professional with 6+ years of experience in security consultation, risk assessment, threat analysis, and implementation of robust security protocols. Proven track record of driving impactful results in high-stakes environments through analytical thinking, strategic planning, and effective communication. Skilled in cybersecurity, physical security measures, and compliance with industry standards, with a strong focus on team collaboration and seamless integration with existing systems.
Work Experience
Cyber Security Consultant
AMAZON
Feb 2019 - Present
Successfully executed security incident response and continuous monitoring activities while meeting defined SLAs. Maintained 24x7 on-call availability during high-severity incidents, collaborating with clients, internal teams, and third-party vendors for containment and recovery. Supported the SOC team by monitoring alerts and system logs, ensuring accurate detection, escalation, and resolution of security events. Conducted event correlation across host logs, firewall logs, IDS logs, and network traffic using SIEM tools and utilities like Nmap, Nessus, Wireshark, and TCPdump. Investigated phishing emails, malicious domains, and IPs using OSINT tools and recommended blocking or mitigation actions based on detailed analysis. Applied the MITRE ATT&CK framework for threat hunting and incident investigations to improve threat detection capabilities. Researched attack patterns, social engineering tactics, and fraud techniques to enhance the security team’s readiness. Demonstrated expertise in Active Directory, Kerberos, and PKI, and provided remediation strategies for IAM-related incidents. Utilized knowledge in authentication, endpoint security, firewalls, DAM, DLP, and IAM tools to secure enterprise systems. Conducted penetration tests using OWASP Top 10 methodology and tools such as Burp Suite and Metasploit to identify XSS, SQLi, CSRF, and other vulnerabilities. Identified and prioritized vulnerabilities based on SANS 25, client policies, and compliance needs. Performed vulnerability scans with Nessus and Qualys, led remediation efforts, and scheduled recurring assessments. Mentored new hires and aligned them with SOC protocols, boosting team capability and performance. Led a team of junior analysts in identifying, triaging, and responding to cybersecurity threats. Proactively detected and neutralized threats, ensuring high preparedness in live environments. Managed global accounts and security environments to maintain a strong security posture. 
Integrated new application security technologies to enhance threat prevention and detection. Assessed and improved cybersecurity policies based on industry standards and stakeholder expectations. Advised leadership on emerging threats and security technologies to support strategic planning. Applied knowledge of ISO 27001 and privacy regulations to guide compliance and risk decisions. Conducted research to identify risks and implemented infrastructure security solutions. Delivered in-depth security assessments and enforced ethical practices to protect client networks. Performed risk assessments and updated SSPs in line with NIST 800-18 guidelines. Optimized cybersecurity resource utilization, improving operational cost-effectiveness. Strengthened client engagement through accurate, consistent threat reports and remediation updates. Analyzed security incidents post-resolution and recommended improvements to technical and procedural controls. Reduced cyberattack risk through ongoing vulnerability management and penetration testing. Conducted periodic reviews of user access rights to reduce insider threat risk. Performed detailed risk analyses and implemented security controls to minimize attack surfaces. Automated threat detection with real-time tools, improving efficiency in monitoring operations. Developed and maintained playbooks for common attack scenarios to reduce incident response time. Recommended architectural improvements to enhance security posture across systems and processes. Created technical plans to safeguard sensitive data from unauthorized access or modification. Led tabletop exercises simulating cyberattacks to improve team readiness and incident handling. Built and implemented an enterprise-wide Incident Response Plan to streamline major event handling. Ensured audit readiness and regulatory compliance through internal reviews and remediation efforts. Deployed advanced threat prevention and detection technologies to reinforce IT infrastructure. 
Worked with cross-functional teams to implement standardized information security procedures. Applied CIS benchmarks to evaluate and improve the security of systems and configurations.
Education
BSC (Statistics and Mathematics) - Sree Chaitanya Degree
- 2019 · Afghanistan
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation