MINHAL ZAIDI

Summary

· A growth-driven professional offering about 8+ years of experience in IT Security & Software Development.

· Profound knowledge of Ethical Hacking, Incident Response, SIEM, EDR Tools, DLP Solutions & Firewalls.

· Knowledge of vulnerability assessment of infrastructure devices, viz. servers, web applications & networks (Nessus, Burp Suite, Wireshark, Nmap, Metasploit). Hands-on experience with Kali Linux and the Metasploit framework.

· Understanding of OWASP and MITRE testing methodology.

· Excellence in end-to-end Endpoint Security, Email Security and Identity and Access Management (IAM) activities, including the development of workflows, system configuration, documentation, optimization, and access-related support, while working with application teams to deploy new applications and functionality.

· Skilled in analyzing ecosystems to identify & evaluate risks pertaining to IT operations, business continuity readiness & process flow; ensuring compliance to IT standards & designing secure solutions that support organizational objectives.

· Proficiency with IDS/IPS technologies, such as Snort, SourceFire, Proventia.

· Decisive engineer, highly effective at operating in dynamic, high-pressure environments. Successfully handles multiple responsibilities simultaneously while exceeding objectives and satisfying demanding clients. Manages multiple clients & team members simultaneously, delivering excellent results.

· Extensive experience in designing and developing software applications with .NET Framework (4.0/3.5/3.0/2), ASP.NET, ADO.NET, AJAX, LINQ, Silverlight, CSS, Web Services, HTTPS, SQL Server 2008 R2 & Python.

Overview

10 years of professional experience
1 Certification

Work History

Senior Threat Analyst

SecurityHQ
12.2023 - Current
  • Conduct threat intelligence ingestion, threat hunting, and integration of security reports for all clients.
  • Work closely with security groups to capture high-fidelity Indicators of Compromise (IOCs) for detecting malicious activity, enhancing cyber security operations as well as the profiling and tracking of cyber threats.
  • Review security-related events and assess their risk and validity based on available telemetry from network, endpoint, and global threat intelligence information, in order to provide clients with concise, detailed, and well-written incident reports, root cause identification, and remediation recommendations.
  • Provide customers with understandable context around their security environment and threats.
  • Interface with clients to address their issues, concerns, and questions, and drive any issues that impact the service and its value to satisfactory closure.
  • Provide mentorship to team members and clients on security strategy, tactics, techniques, and procedures.
  • Identify and pursue strategic and complex areas of security research in collaboration with internal and external stakeholders at all levels.
  • Collaborate closely with the Endpoint Security Platform Architect, Platform Owner & Service Managers to implement, manage, and enhance the Endpoint Detection and Response (EDR) solution, and also support incident management processes.
  • Manage a threat intelligence platform, optimize its integration with other cyber security systems, optimize cyber threat intelligence models, and develop/maintain strategic cyber intelligence-related partnerships.
  • Manage and orient internal and external sources of intelligence, review threat reports/feeds, and digest threat information into cyber threat intelligence.
  • Process, organize, and analyze incident indicators retrieved from the client environment, and correlate those indicators against various intelligence holdings.
  • Responsible for assisting in coordination with internal teams and creating engagement deliverables.
  • Part of the Business Operations Protection team responsible for deploying, operating, and maintaining the global EDR platform.
  • Communicate with the Security Operations and Incident Response teams to identify adjustments and modifications to be made to the EDR toolset.
  • Communicate well, contribute to cross-functional and individual-contributor teams, participate in response and defensive actions across a variety of security disciplines, and disseminate technical information as appropriate in support of the client's critical business, go-to-market, and operational infrastructure needs.

Senior CyberSecurity Analyst

Security HQ
08.2021 - 12.2023
  • Perform SIEM operational tasks: analysis, filters, active channels, reports, and fine-tuning suggestions.
  • Utilize technologies such as Endpoint Detection & Response tools, log analysis and network forensics (full packet capture solution) to perform hunt and investigative activity examining endpoint- and network-based data, and conduct periodic audits.
  • Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response.
  • Identify incidents and perform subsequent analysis and investigation to determine their severity and the response required.
  • Ensure that incidents are correctly reported and documented in accordance with government policy and procedures.
  • Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes.
  • Perform research, testing, evaluation, and deployment of security technology and procedures via scripting in PowerShell & Bash.
  • Define protocols for communication with the organization and with law enforcement should a security incident occur.
  • Document all activities during an incident and response, while providing support with status updates throughout the life cycle of the incident.
  • Develop and deliver security awareness and compliance training programs.
  • Conduct knowledge transfer training sessions for the security team upon technology implementation.

IT Security Analyst

Alpha Data
10.2019 - 08.2021
  • Monitor security solutions: SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, and log aggregation tools, using IBM QRadar.
  • Create and develop correlation and detection rules, and implement them within the SIEM to support alerting capabilities within the Threat Management Center.
  • Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts, keeping the overall vision in mind.
  • Document all activities during an incident and provide support with status updates throughout the life cycle of the incident.
  • Investigate malicious phishing emails, domains and IPs using open source tools and recommend appropriate blocking based on analytics & logging reports.

Junior Security Analyst

Alpha Data
01.2018 - 10.2019
  • Prepare assessment templates for review by Information Security Specialists, including data entry.
  • Gather and verify documentation surrounding each assessment type, including but not limited to Information Security, Cybersecurity, SOC reports, Business Continuity and Disaster Recovery, Regulatory Compliance and Operations, and related disciplines, in alignment with established practices.
  • Monitor tickets daily to ensure prompt attention is given to assigned assessments.
  • Create and maintain operational reports for Key Performance Indicators on weekly and monthly metrics.
  • Work with the team on Continuity of Operations (COOP) and Disaster Recovery (DR) operations and evaluate COOP and DR during annual incident response training.

System Administrator

Omnix International
10.2015 - 12.2017
  • Responsible for managing the MDT server for operating system deployments on system & cloud servers.
  • Diagnosed and resolved complex technical issues through in-depth analysis, facilitating uninterrupted business operations.
  • Managed enterprise services such as Active Directory (AD), Exchange, SCCM, MBAM, DNS, DHCP and related services to ensure SLA compliance.
  • Managed user access rights to maintain a high level of information security while ensuring appropriate levels of accessibility for authorized personnel.
  • Administered servers, desktop computers, printers, routers, switches, firewalls, phones, personal digital assistants, smartphones, software deployment, security updates and patches.
  • Produced, maintained, and improved documentation on various internal processes, OS standards, and refresh cycle schedules.

Software Developer

White Feather Technologies
06.2014 - 10.2015
  • Design, development and customization using HTML, CSS, ASP.NET with C#, JavaScript, jQuery, XML & MS SQL Server 2008 R2.
  • Complete software life cycle involving analysis, design, development, testing, packaging and deployment of web applications and client/server applications on the Microsoft platform.
  • Worked with the hosting control panel & FTP for uploading databases and web pages, creating sub-domains, separate admin panels for different users & more. Developed software, architecture, specifications and technical interfaces.
  • Optimized application performance by conducting regular code reviews and refactoring when necessary.

Education

Bachelor of Science - Computer Science Engineering

A.P.J Abdul Kalam Technical University
Uttar Pradesh, India
01.2014

Skills

  • Incident Response
  • Information Security
  • EDR
  • IT Security Operations
  • Cyber Threat Intelligence
  • SIEM
  • SOC
  • Cyber Threat Analyst
  • Security Audit
  • Reporting/Monitoring
  • Network Security Firewall
  • Penetration Testing
  • Root Cause Analysis
  • Query Builder
  • Intrusion Detection
  • Team Collaboration and Leadership
  • Analytical and Critical Thinking
  • Flexible and Adaptable

Certification

  • ISO 27001:2013 Lead Implementer (LI) (LA)
  • CompTIA: Security+
  • ITIL: Information Technology Infrastructure Library V3
  • CEH: Certified Ethical Hacker (v10)
  • Splunk: Analyst
  • MCSA: Microsoft Certified Solutions Associate (Windows Server 2012)

Languages

English
Hindi
Urdu
