Sepideh Naghdi

Researcher and C Programmer

Followers: 3000
Location: Isfahan Province, Iran

  • About me

    Cybersecurity Specialist | MSSP Founder | SOC Manager | Published Researcher | IT Engineering Master's | 9 Years' Experience | Seeking Innovative Cybersecurity Challenges

  • Education

    • Isfahan University of Technology

      Bachelor of Science - BS Information Technology Engineer
    • Sharif University of Technology

      2012 - 2014
      Master of Science - MS Information Technology Engineer
  • Experience

    • APA Center in Sharif University of Technology

      Sept 2013 - Aug 2016
      Researcher and C Programmer

      ● Researched and integrated the transparent data encryption (TDE) feature into PostgreSQL (using C programming) to enhance data-at-rest security.
      ● Analyzed database logs to identify security issues during forensic operations and produced guides for database forensic investigators for two clients.
      ● Developed interactive scripts for hardening four kinds of DBMSs (Oracle, PostgreSQL, MySQL, and MSSQL) in two different customer companies.

    • PayamPardaz

      Aug 2016 - Apr 2018
      Python and Django Developer

      ● Created a secure bidding and auction system using secure multi-party computation (MPC) techniques, aiming to bring the number of collusions and frauds to zero.
      ● Collaborated with a professional team on the research, design, and development of Next-Generation Firewall (NGFW) solutions to compete with two other competitors.

    • IRISA

      Apr 2018 - now

      ● Founded an MSSP and identified approximately 75% of attacks before actual malicious activity occurred for three different customers.
      ● Designed SOC processes (incident response, use-case development, and threat hunting) resulting in an approximately 60% improvement in operational efficiency.
      ● Engaged in business and management meetings to advocate for the implementation of SOC solutions in organizations for three distinct clients.
      ● Responded to over 10 cybersecurity incidents, analyzed three different malware samples, and offered recommendations to enhance the incident response process.
      ● Generated and tuned use-cases, rules, reports, and dashboards in Splunk (ES), detecting over 20 security threats through the implementation of use-cases.
      ● Introduced playbooks for four different types of incidents, fostering teamwork and coaching analysts during incident response.
      ● Led a 6-member team in implementing the Scrum framework, achieving a 70% improvement in performance and increased customer satisfaction.
      ● Conducted research on advanced capabilities and features in SIEM and NGSIEM, planning the transition to NGSIEM within approximately one year.
      ● Redesigned and enhanced the indexer module in the native SIEM product (SITRA) using Elasticsearch, resulting in a performance improvement of over 70%.
      ● Discovered an efficient solution to integrate cyber threat intelligence (CTI) data with logs in SITRA, enhancing the detection of attacks by 30%.
      ● Promoted a 60% improvement in the syntax of correlation rules, enabling the creation of diverse rule types in the native SIEM.

      • Security Operations Center (SOC) Manager | MSSP Leader, Designing SOC processes, Malware Analysis

        Dec 2021 - now
      • Security Operations Center Analyst | Investigating Threats, Incident Response, Digital Forensics

        Sept 2020 - now
      • Product Owner (Native SIEM Product) | Scrum, Researching

        Sept 2020 - Sept 2022
      • Java and Python Developer

        Apr 2018 - Sept 2020
  • Licenses & Certifications