EDUCATION
M.S. Cyber Security and Information Assurance – Western Governors University
B.S. Business Administration IT Management – Western Governors University
CERTIFICATIONS
Security+
CYSA+
ECIH
CEH
NAHEEM AHMAD
*************@*****.***
PROFESSIONAL WORK EXPERIENCE
Accenture Federal Services – Incident Response Specialist
Nov 2020 – Present
Member of Cyber Incident Response Team (CIRT) responsible for investigating and responding to cyber security related incidents.
Utilized Security applications including Windows Defender, Advanced Threat Protection, Cloud App Security, Azure Advanced Threat Protection and Splunk for daily operations.
Investigated and responded to incidents involving user and endpoint activities by conducting analysis with Microsoft Security Suite, Splunk, along with other open-source resources
Responded to wide variety of incidents including machine compromise, insider threats, phishing and data exfiltration/DLP
Performed eDiscovery using tools in Microsoft Protection Center to search and export data from Microsoft Exchange/SharePoint/OneDrive.
Worked alongside Legal and Insider Threat teams requiring CIRT assistance on possible data exfiltration incidents
Finalized technical incident reports summarizing incident events and remediation steps for leadership.
Cybraics – Security Engineer
Oct 2018 – Nov 2020
Security Engineer who assumed various roles within the Security Operation Center, ranging from security analyst and customer support to platform integration and optimization.
Conducted analysis and investigations on network and host behavioral based activities
Performed threat hunt activities within client environments for intrusions, vulnerabilities and opportunities for detection improvement
Investigated security incidents utilizing a variety of log sources with internal SIEM built on Elasticsearch
Provided content for detection rules involving TTPs and IOCs based on OSR
Researched and presented data to team on cyber-attacks and related malicious activity to enhance analytic development
Categorized alert severity and response priority based on MITRE ATT&CK framework methodology
Met with clients for security incident and service reviews
Suggested UI updates of company tool for improving efficiency and user compatibility
Worked closely with Data Scientists to better ingest data sources while retaining security visibility
Performed QA testing of updates and patches performed upon company product
The Media Trust – Malware Analyst
Oct 2016 – Mar 2017
Junior-level malware analyst who provided historical, behavioral, and forensic analysis for malware detections as a first responder for clients.
Monitored and responded to security events/incidents for clients in a 24/7 environment
Created rule-based alerts triggered from malware strings, malicious URLs, IP addresses, subdomains and malicious creatives
Notified clients of alerts & incidents when malware was found on client sites
Flagged malware strings within malicious content and created rules for detection
Blacklisted domains & IP addresses that were hosting malicious ad code
Monitored and flagged malware in forms of malvertisement, trojans, worms, and adware
Analyzed/flagged hosts and IP addresses carrying possible malicious content
Suggested UI updates of company tool to improve efficiency and quicker incident response techniques for clients
Improved team efficiency by creating shift coverage plan for better coverage during overnight and weekend shifts
CACI – Systems Analyst
Nov 2014 – Oct 2016
Support for CACI’s internal and external business clients. Assisted in primary system administration duties while implementing baseline Standard Operating Procedure practices.
Pushed security updates/patches/anti-virus agents utilizing SCCM on user workstations.
Reviewed/monitored spam/phishing emails.
Managed groups, users and policies in Active Directory.
Provided over the phone support and troubleshot VPN/network issues for remote users