Experience

• 

  Orum rayan sepehr

  Oct 2010 - Mar 2013

  Network administrator

  • Administered network equipment by provisions ports, vlans, switching and routing services.• Implemented Microsoft Active Directory, DNS, Exchange and various other enterprise technologies to support the enterprise.• Managed Network Access Control system to only allow access to network resources by authenticated and authorized users.• Active Directory user accounts and file share permissions for user enterprise.• Implemented and maintained FTP, SFTP, and Web based file transfer technologies ensuring least privilege to user access.• Assisted users with trouble tickets by analyzing and determining issues with network, host and printers. • Implementation & Maintenance of routing and switching infrastructure.• Responsible for Windows server administration, Citrix and enterprise backups.• Responsible for telecommunications project planning, logistics and installation.• Maintain user access administration• Apply OS patches and updates on a regular basis, and upgrade administrative tools and utilities.• System Backups• Access Control (Active Directory Administration)• System Audit Logging• Maintain minimum security standards for systems• Install new / rebuild existing workstations and servers, configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements. Show less

• 

  Undisclosed

  Oct 2013 - Mar 2017

  Penetration tester
• 

  Dade pardazan meraat co

  Apr 2015 - Apr 2018

  • Performing Ethical Hacking of both web applications (e.g., J2EE, .Net, Apache, IIS, Websphere, etc.) and infrastructure elements (e.g., Windows/Linux operating systems, Oracle/SQL servers, firewalls, routers, switches, etc.)• Routinely conduct investigations into security data analytics use case findings; provide feedback to and work with data engineer and data scientists in order to develop and harden models• tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities• threat modeling, development of attack plans, performing manual & automated Ethical Hacking, & develop proof of concept exploits• Create scripts to automate and improve manual processes• Perform risk analysis, attack simulation, application-level automated & manual Ethical Hacking and develop proof-of-concept exploits• Proactively 'hunt' for potential malicious activity and incidents Show less • Conduct proactive monitoring, investigation, and mitigation of security incidents• Analyze security event data from the network (IDS, SIEM).• Perform static malware analysis on isolated virtual servers• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.• Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.• Research new and evolving threats and vulnerabilities with potential to impact the monitored environment• Conduct log analysis using Splunk• Identify suspicious/malicious activities or codes.• Monitoring and analysis of security events to determine intrusion and malicious events.• Search firewall, email, web or DNS logs to identify and mitigate intrusion attempts.• Investigate malicious phishing emails, domains and IPs using Open Source tools and recommend proper blocking based on analysis. Show less

  • Threat Hunting & Cyber Threat Intelligence

    Jun 2017 - Apr 2018

  • SOC Analyst

    Apr 2015 - Jun 2017
• 

  P.d.g. sadid

  Jan 2018 - now

  • Architected and Implemented Splunk SIEM for security monitoring and event analysis.• Configured and deployed correlation rules to detect and notify on security events.• Analyzed vulnerabilities of software and hardware platforms and produced technical risk assessments to inform the business stakeholders of risk and threats to the organization.• Conducted breach investigations including network traffic analysis, Unix/Windows host forensic analysis, and malware analysis. Responsibilities included managing direction of the investigation, communication with executive management, auditors and pubic relations.• Technical escalation engineer with security leadership, approving forensic analysis results, and generating interim and final investigative reporting.• Responsible for establishing and governing the security incident response processes, investigations and security operational processes.At a glance: Design, implement, and operate Cyber Security Operations Center responsible for monitoring and responding to security threats and incidents for enterprises. Show less

  • Security Architect and Senior Technical Director

    Jul 2020 - now

  • Security Operations Center Architect

    Feb 2019 - Jul 2020

  • Red Team Principal

    Jan 2018 - Feb 2019