Experience

• 

  Kpmg

  Jul 2021 - Jul 2021

  Data analyst internee
• 

  Onestepbetter

  Aug 2021 - Oct 2021

  Web application developer
• 

  National cyber security auditing and evaluation lab (ncsael)

  Sept 2021 - Nov 2021

  Research intern
• 

  Thincscorp

  Jul 2022 - Aug 2022

  Intern
• 

  Virtually testing foundation

  Aug 2022 - Jul 2023

  - Spearheaded Red Team in executing penetration tests, vulnerability assessments, and security reviews to proactively identify exploitable weaknesses within organization's network, applications, and systems.- Interviewed and evaluated applicants for the Offensive Security Engineer internship role, providing key input on optimal candidate selection.- Led daily scrum meetings, monitored progress across multiple concurrent information security projects, and delegated tasks across subordinate team members based on individual capabilities and bandwidth.- Created and delivered customized training guides and learning pathways on tools like Burp Suite, Metasploit, and Kali Linux to onboard and cross-skill junior interns.- Reviewed Proof of Concept reports detailing the tangible risks associated with identified security vulnerabilities; provided constructive feedback to improve contextual alignment and recommendations relevance. Show less • Skillfully established controlled attack environments by configuring both offensive (attacker) and defensive (victim) systems, creating realistic settings for comprehensive penetration tests.• Proficiently replicated various cyberattack scenarios to uncover vulnerabilities, assess the effectiveness of security controls, and provide actionable insights for mitigation.• Acquired an in-depth understanding of the OWASP Top 10 vulnerabilities, enabling meticulous assessment, exploitation, and recommendation of countermeasures for these critical security risks.• Successfully executed all stages of the MITRE ATT&CK framework on Windows environments. These encompassed Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, and Impact. This hands-on experience provided a deep understanding of the intricacies of each attack stage. Show less

  • Red Team Lead

    Nov 2022 - Jul 2023

  • Red Team Engineer

    Aug 2022 - Nov 2022
• 

  Google developer student clubs - mcs, nust

  Aug 2022 - Jul 2023

  Gdsc lead

  - Founded the GDSC Chapter at MCS, NUST, laying the foundation for its growth and impact within the university's tech community.- Managed four technical teams (Cyber Security, Web Development, Flutter Development and Data Science) and three creative teams (Graphics & Media, Content Writing and Event Management) fostering a diverse skill set and collaborative atmosphere among team members.- Under my guidance, the chapter successfully organized nearly a dozen technical events, encompassing both on-site and online formats, enriching the technological learning experiences for participants.- Actively sought and established collaborations with other GDSC chapters, amplifying the reach and influence of our initiatives beyond the confines of our campus.- Through strategic leadership, event organization, and cross-chapter partnerships, I contributed significantly to nurturing technical prowess, creativity, and collaborative learning within the GDSC community at MCS, NUST. Show less

• 

  Ebryx (pvt.) ltd.

  Feb 2023 - Sept 2024

  • Analysis of system logs, network packets, security events, and alerts by using SIEM (IBM QRadar, ELK), SOAR (Azure Sentinel), and EDR (CrowdStrike, MS Defender) solutions to identify and quickly mitigate security incidents.• Streamlining security operations through automation scripts and searches for cloud security.• Developing alerting rules and dashboards for threat hunting.• Perform purple team exercises to find critical system vulnerabilities and patch them.• Integration of platforms like JIRA, Lacework, Confluence, AWS, Azure etc. for smooth operations. Show less

  • Security Engineer

    Jun 2023 - Sept 2024

  • Associate Security Engineer

    Feb 2023 - May 2023