Highly skilled Cyber Security Specialist with over 6 years of experience in leading strategic cybersecurity initiatives, including Azure Security and Microsoft Defender XDR. Proven expertise in SOC leadership, ISO27001 compliance, and risk management. Well-versed in DLP and public cloud security, offering guidance to senior leadership on complex challenges and aligning cybersecurity programs with industry best practices.
Subject Matter Expert (SME) in Cybersecurity and Technology: Provided strategic guidance to senior leadership on complex challenges, ensuring cybersecurity programs align with industry best practices and regulatory requirements.
Led key cybersecurity projects, such as XDR, DLP, PAM, Vulnerability Management, and Network Security, to enhance and strengthen the organization's overall security posture.
Conducted comprehensive security reviews of Azure architecture: Implemented industry best practices to establish a robust defense-in-depth security strategy.
Performed security assessments to identify and mitigate threats: Provided actionable insights and recommendations to stakeholders to enhance the organization's security framework.
Collaborated with cross-functional teams to enhance cybersecurity awareness: Developed and implemented training programs to foster a culture of security among employees.
Managed the vulnerability management program (VMDR): Led regular scans and patch management efforts to effectively identify and remediate security vulnerabilities.
Implemented a comprehensive Data Loss Prevention (DLP) strategy: Developed policies, classified data, and conducted content inspection to safeguard sensitive information and ensure regulatory compliance.
Supervised penetration testing activities: Ensured safe and controlled testing to uncover potential weaknesses and improve the organization's security posture.
Facilitated security governance meetings: Addressed security concerns, assessed risks, and ensured compliance with relevant standards.
Established incident response plans and led investigations: Managed security incidents to minimize impact and enhance response capabilities.
Deployed AI-powered threat detection and privileged access management: Enhanced network monitoring and system security through advanced technologies.
Led a team of analysts and investigators, managing daily tasks to enhance security and reduce incident response times.
Developed and implemented cybersecurity processes and procedures in line with company policies, ensuring consistent execution of security tasks.
Configured, maintained, and optimized security tools to ensure proper functionality and seamless integration within the security operations environment.
Defined and phased in endpoint security policies, enhancing protection while minimizing impact on end users.
Handled incidents according to NIST standards, utilizing SIEM, EDR, and established processes for detection, analysis, containment, eradication, recovery, and post-event activities.
Anticipated security events by preparing contingency measures and conducting in-depth analysis of critical logs, abnormal behaviors, and breaches. Documented incidents, findings, and actions in detailed reports for stakeholders.
Conducted threat-hunting exercises to proactively identify potential threats, collaborating with stakeholders to mitigate risks in a timely manner.
Maintained strong security hygiene by promptly addressing threats and working with teams to prioritize and remediate vulnerabilities, ensuring minimal disruption to business operations.
Initiated and led projects to enhance the security posture, such as automating SOC operations and reducing the attack surface through comprehensive gap analysis.
Stayed current with the latest threat intelligence, leveraging insights to refine defenses and inform strategic decisions within the SOC.
Supported the Data Privacy Team in implementing controls for data leakage prevention at multiple levels, enhancing data protection efforts.
Extensive experience with security on Azure and AWS cloud platforms, implementing robust security measures and optimizing technical architecture to enhance infrastructure security and improve operational resilience by 30%.
Skilled in cloud security engineering and designing comprehensive end-to-end security strategies for various projects.
Led strategic cybersecurity programs such as ISO27001, developing policies, controls, standards, and procedures.
Served as Security Lead on Data Science projects for international clients, ensuring secure operations.
Performed IT compliance testing to assess risks, safeguard assets, and evaluate IT controls for operational processes.
Strong understanding of privacy regulations, including HIPAA, and expertise in implementing technical controls to ensure compliance.
Conducted security audits and assessments for the organization and clients to meet industry standards.
Proficient in working with endpoint security, EDR, and SIEM solutions to mitigate potential risks across environments.
Deep knowledge of network security and vulnerability assessment, with experience in designing secure network architectures for on-premises and cloud environments.
Experienced in penetration testing and vulnerability assessment, applying controls to reduce risk for both internal and client projects.
Conducted application pentesting following the OWASP Framework and assisted developers in vulnerability remediation.
Created risk reports for executive management, working with NIST Security and Privacy Controls (SP 800 series).
Participated in pre-sales activities, showcasing the company's security practices and preparing cybersecurity project proposals for ADDO AI.
Continuously updated on emerging security technologies and made recommendations for implementing measures to mitigate cyber risks.
Performed Penetration Testing and Vulnerability Assessment of clients in Pakistan and Africa, and proposed feasible solutions to them.
Conducted 400 hours of cyber-security training of more than 60 professionals. Trained corporate professionals of Nestle and MCB Bank for CEH certification.
Led the cyber-security program and training in coordination with multiple government initiatives.
■ Developed plans to safeguard clients' data against modification, destruction or disclosure.
■ Performed risk analysis to identify appropriate security countermeasures.
■ Recommended improvements in security systems and procedures for business continuity.
■ Performed network, server and web-application security audit and testing of clients.