I am driven by a curiosity to understand the complexities of the world. My enduring passion for adventure fuels my joy in identifying and solving challenges, be it in professional milestones or personal pursuits. Collaboration is where I thrive, finding inspiration in diverse teams and unique contributions to meaningful improvements.
Fascinated by cybersecurity since high school, I rediscovered this passion during college and embarked on a continuous journey of knowledge and growth in the field. As a Security Engineer, I've significantly enhanced organizational security through purple teaming activities, identifying critical gaps, boosting infrastructure visibility, and strengthening detection and response capabilities. My expertise extends to implementing advanced security controls, fortifying computer systems with robust system hardening, and crafting detailed incident response processes for swift and effective resolution. In my role as a SOC Analyst, I actively contributed to continuous monitoring and developed innovative detection techniques. Moreover, I have a penchant for automating routine tasks, streamlining workflows for myself and my team.
Outside of work, I am somewhat of a car enthusiast. Exploring human psychology, figuring out why people think and act the way they do, is something I find interesting. I also enjoy physics, especially the concepts of time and space. Unraveling the mysteries of the universe and how it all fits together captivates my imagination.
I find myself proficient and consistent in learning new tools, technologies, and skills. My major skills lie around defense against cyber threats: monitoring and analysis of security alerts and incidents, building new detections, formulating incident response, and creating processes and procedures along with automation of routine tasks.
Security Detection, Monitoring & Incident Management
Cloud Security
Security Posture Management
Identity & Access Management
Network Security
Programming, Scripting & Automation
Utilized Azure Sentinel's capabilities as a SIEM to ingest logs centrally from multiple data sources, setting up detections and response automation using Playbooks/Logic Apps.
Utilized Cloudflare's Web Application Firewall (WAF) to shield websites and servers from cyber threats. Additionally, used Cloudflare WARP as a zero-trust security tool, establishing a secure and private network environment, ensuring only authorized access to critical resources, and enabling DLP monitoring.
Making use of Azure services such as Key Vault and Automation for a secure and improved cloud infrastructure, and IAM through Active Directory.
Using the Azure infrastructure services as a platform as well as for native security using services like CloudTrail, GuardDuty, CloudWatch, etc.
Centralization and management of logs for enhanced detection of anomalies and cyber threats with the help of Kibana's friendly UI and Elasticsearch's search capabilities.
Integration of endpoints and other network devices into a central EDR for better visibility and endpoint protection, providing real-time monitoring and efficient incident response and strengthening the overall security posture.
Real-time threat detection and incident response with the help of Falcon EDR's solutions for a proactive and effective cybersecurity strategy.
Identity and access management with Okta's functionality to work as an SSO and IdP for several other software products and applications, along with user provisioning.
Integration of the cloud with Wiz to continuously scan for and discover vulnerabilities and misconfigurations and patch them for a secure cloud infrastructure.
Enabling seamless provisioning, management, and scaling of cloud resources with the help of Infrastructure as Code (IaC) for enhanced redundancy and efficiency in the infrastructure.
Streamlining daily operations by automating repetitive tasks through scripts crafted in Bash, CMD, and Python, enhancing overall workflow efficiency.