Sr. Security Analyst
Telecom
Skills
I'm Sajid Kiani and I've more than 8 years of experience in different domains of Cyber Security.
My Skills:
Threat Hunting & Threat Intelligence
Digital Forensics
DFIR
Incident Handling in SOC
Malware Analysis
Web Application Penetration Testing
FireEye (AX, NX, EX, FX)
My Skills:
Threat Hunting & Threat Intelligence
Digital Forensics
DFIR
Incident Handling in SOC
Malware Analysis
Web Application Penetration Testing
FireEye (AX, NX, EX, FX)
Project history
03/2020
-
Present
Responsible for working in a 24/7 Security Operation Centre SOC and cyber defense center environment. Monitor and Analyze network security events by using SIEM.
• Responsible for incident response work including analyzing security events, identifying false positives vs. real threats, identifying host involvement, comparing scan results, analyzing Splunk logs, and prioritizing incidents/events.
• Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
• Working directly with SOC L1/L2 analysts for incident response and improving existing procedures & processes.
• Responsible for incident response work including analyzing security events, identifying false positives vs. real threats, identifying host involvement, comparing scan results, analyzing Splunk logs, and prioritizing incidents/events.
• Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
• Working directly with SOC L1/L2 analysts for incident response and improving existing procedures & processes.
09/2018
-
01/2020
Assistant Manager of Cyber Security
First Microfinance Bank
* Identified Business Logic Vulnerabilities and risks in existing infrastructure.
* Provided vulnerability remediation/recommendations and directly interacted with the
development/infrastructure teams and conduct retesting phase after patching.
* Developed security Incident Response Plan and Threat response plan.
* Developed the use cases library to monitor the logs from various controls.
* Lead the planning and design of enterprise security architecture of FMFB.
* Implemented, Managed, and Monitored centralized security solutions including hostbased
firewall, antivirus/antimalware solution, data loss prevention, application
whitelisting, and host-based IPS/IDS solution to ensure the security of endpoints, and
enhance defense in depth against new types of attacks.
* Mapping of MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge)
framework to current infrastructure.
* Wrote Policies, Procedures & Cyber Security strategies to comply with Essential
Cybersecurity Controls
* Provided vulnerability remediation/recommendations and directly interacted with the
development/infrastructure teams and conduct retesting phase after patching.
* Developed security Incident Response Plan and Threat response plan.
* Developed the use cases library to monitor the logs from various controls.
* Lead the planning and design of enterprise security architecture of FMFB.
* Implemented, Managed, and Monitored centralized security solutions including hostbased
firewall, antivirus/antimalware solution, data loss prevention, application
whitelisting, and host-based IPS/IDS solution to ensure the security of endpoints, and
enhance defense in depth against new types of attacks.
* Mapping of MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge)
framework to current infrastructure.
* Wrote Policies, Procedures & Cyber Security strategies to comply with Essential
Cybersecurity Controls
11/2017
-
06/2018
Information Security Executive
Telenor Telecom
* Implemented, Managed, and Monitored centralized security solutions including host-based
firewall, antivirus/antimalware solution, and host-based IPS/IDS solution to ensure the
security of endpoints.
* Developed and designed a complete solution for OS-level protection with CIS control.
* Developed use cases and correlated these with existing use cases
firewall, antivirus/antimalware solution, and host-based IPS/IDS solution to ensure the
security of endpoints.
* Developed and designed a complete solution for OS-level protection with CIS control.
* Developed use cases and correlated these with existing use cases
04/2015
-
11/2017
Sr. Malware Researcher
Ebryx Privat Ltd
* Identified and used tools and techniques to conduct static and dynamic analysis of malware,
including building a lab environment
* Undertook research and develop methods of tracking and detecting malicious activity within a
network
* Conducted advanced computer and network tests relating to various forms of malware
analysis, computer intrusion, theft of information, denial of service, multi-national organized
criminal groups, and Advanced Persistent Threats (APT)
* Researched for new malware on public sources including Virus Total
including building a lab environment
* Undertook research and develop methods of tracking and detecting malicious activity within a
network
* Conducted advanced computer and network tests relating to various forms of malware
analysis, computer intrusion, theft of information, denial of service, multi-national organized
criminal groups, and Advanced Persistent Threats (APT)
* Researched for new malware on public sources including Virus Total
03/2013
-
01/2015
Independent Security Researcher
* Performed wabbit hunting with BugCrowd, HackerOne, and Independent
* In 2014 listed in the top hundred out of five thousand Researchers in BugCrowd.
* Awarded 17 Hall of Fame in BugCrowd from different companies.
* Performed Penetration testing of Web Applications, Mobile Applications and identified Risk in
Infrastructure.
* In 2014 listed in the top hundred out of five thousand Researchers in BugCrowd.
* Awarded 17 Hall of Fame in BugCrowd from different companies.
* Performed Penetration testing of Web Applications, Mobile Applications and identified Risk in
Infrastructure.
Local Availability
Only available in these countries:
Saudi Arabia
