Nasanbuyan Otgonbaatar
Cybersecurity Engineer
425-***-**** ****.***********@*****.*** linkedin.com/in/nasanbuyan-otgonbaatar
Summary
A cybersecurity engineer with over six years of experience, specializing in advanced penetration testing, vulnerability assessments, threat hunting, incident response, and deploying defense mechanisms. I am eager to leverage my extensive skills in cloud security and offensive operations to enhance a company’s cybersecurity posture by applying a proactive and strategic approach.
Technical Skills
Penetration testing tools: Nmap, Nessus, Burp Suite, Frida, Metasploit Framework, Hydra, Jadx, Drozer, MobSF
Forensic tools: FTK Imager, Volatility, Memoryze, SIFT Workstation, ExifTool, PsTools, Plaso (log2timeline), Redline
Security solutions: FireEye ETP Cloud, DefensePro DDoS Protection, Cisco Firepower IPS/IDS, Imperva WAF, NAC, ArcSight SIEM, Splunk ES, Mandiant EDR, SASE, Palo Alto NGFW, Zscaler CASB, Okta IAM, Proofpoint DLP, SAST/DAST
Security Framework: NIST Cyber Security Framework (CSF), OWASP, CIS Controls, MITRE ATT&CK, ISO 27001
Cloud service provider: Amazon Web Services (AWS), Microsoft Azure
DevOps tools: Docker, Kubernetes, ELK Stack, Postman, Jenkins, Ansible, Terraform, CloudFormation
Coding: Java, Python, Bash
SOAR: Splunk SOAR, XSOAR
Certifications
CompTIA Pentest+ Issued Apr 2023 - Expires Apr 2026
Experience
Cybersecurity Engineer Jun 2022 – Jul 2023
Khan Bank
• Conducted a Red team operation, resulting in the fixing of two critical vulnerabilities that had the potential to compromise the organization’s external systems
• Implemented the Splunk Enterprise Security solution, substantially enhancing real-time insights into security threats and reducing the manual hours required for threat monitoring and response
• Conducted threat hunting that uncovered a hidden backdoor created by an Advanced Persistent Threat (APT) group and mitigated a critical vulnerability exploited to establish the backdoor
• Developed a Python script that automated firewall policy tasks, reducing manual workload by 80 hours each month
Penetration Tester Dec 2021 - Jun 2023
Check Point Part-time
• Executed penetration testing on multiple client websites and mobile applications, identifying critical vulnerabilities with the potential to compromise application systems, and provided an actionable remediation plan
• Remediated a vulnerability that led to the loss of cryptocurrency from our client’s customers’ wallets. This was due to attackers stealing passwords from the database via a compromised web application
Cybersecurity Analyst Jan 2021 - Jun 2022
M Bank
• Detected a Business Email Compromise (BEC) incident by implementing Microsoft 365 security best practices and setting up alerting mechanisms for suspicious activities
• Implemented mobile application protection software for our mobile banking application used by 2M+ users, enhancing its resilience against reverse engineering, MITM, SSL Pinning bypass and tampering
• Managed incident response after an attacker had compromised over 10 production servers via a web shell that was detected on an application server. Identified the vulnerability of the application server and eradicated the web shell, preventing further unauthorized access.
Cybersecurity Engineer Aug 2017 - Jan 2021
MobiCom Corporation
• Deployed Endpoint Detection and Response (EDR) solution across the organization, enhancing endpoint security by 90% and substantially enhancing the detection and response capabilities against advanced threats
• Detected and mitigated cyber attacks by developing a SIEM (Security Information and Event Management) rule specially designed to identify indicators of previous attacks
• Deployed a proxy system to enhance network security and internet usage control, resulting in a 25% improvement in web traffic filtering and a significant reduction in access to malicious websites.
Education
Mongolian University of Science and Technology, Mongolia
Bachelor of Computer Science in Computer system security 2013 - 2017