Muhammad Hassan
+1-571-***-**** ******************@*****.***
CAREER SUMMARY:
Cybersecurity Analyst/Apprentice merging a Software QA Engineer and Cybersecurity background. Passion for aligning security architecture plans and processes with security standards and business goals. I protect sensitive information and digital assets, secure and configure networks, and analyze and monitor network traffic.
Education:
Master’s in Information Technology
University of the Potomac, Washington DC
Evolve Security Academy
Evolve Security Certified Professional (ESCP) Certification
Experience
Evolve Security - Apprentice 01/2020 - Current
Chicago, IL
• Analyze network traffic to identify the source and nature of the malicious activity and write Python scripts to extract and analyze data from logs.
• Validate findings from scanning tools and use that information to write reports including evidence and remediation based on industry-recommended best practices.
• Perform network packet analysis using Wireshark and tcpdump.
• Experience in OpenVAS and Nessus scanning with OWASP.
• Execute penetration testing with Metasploit and Burp Suite to find security gaps and generate reports to discuss security risk.
• Learning MD5 hashed password attacks with Hashcat and CeWL and digital forensics with SIFT and Volatility.
• Knowledge of Threat Landscapes, Social Engineering, Cryptography, and Incident Response.
• Exploring Linux and Windows server hardening and secure configuration of Nginx server along with firewall setup and configuration, and also perform real-time traffic analysis and packet logging with Snort NIDS.
• Familiar with VMware and other Virtual Machine Applications.
Chamberlain Group - Security Analyst 04/2019 - Current
Oak Brook, IL
• Experience in many aspects of computer security technologies such as IDS/IPS, port and vulnerability scanners, and network detection used in the performance of daily activities and to perform assessments and audits.
• Research, implement, and administer security infrastructure as required, including intrusion protection, security-related firewall configurations, endpoint solutions, anti-phishing and SIEM tools, including tuning and custom alerts.
• Coordinate and conduct event collection, log management, event management, compliance automation, and identity monitoring activities using the SIEM platform.
• Work with QRadar to manage network security by providing real-time information and monitoring, alerts and offenses, and responses to network threats.
• Monitor for security indicators by correlating a variety of application, network, and host-based security logs and provide better remediation actions for each incident.
• Participate in kick-off meetings with System Owner and Management to categorize new information security systems through the collection of required documentation based on Regulatory Compliance FIPS 199 and NIST SP 800-60 criteria.
• Assess the performance of security controls based on NIST 800-53A by testing and examining.
• Investigate emerging technologies to address new cybersecurity threats and evaluate these in the context of the organization's technology posture.
• Secure customer environments by responding to security alerts, problem management, and security incident management support.
• Support user training activities for the awareness of social engineering to mitigate phishing email risk.
• Perform risk analyses to identify appropriate security countermeasures.
• Use McAfee ePolicy Orchestrator to monitor and identify potential intrusions and attacks for the Security Operations Center (SOC).
• Experience in Intrusion Detection & Prevention (IDS / IPS), SIEM, Data Leakage Prevention (DLP), forensics, sniffers, and malware analysis tools.
• Coordinate with Offshore SOC team on handling network and security incidents.
Chamberlain Group - Software QA Engineer 02/2016 - 04/2019
Oak Brook, IL
• As Software QA Engineer worked on multiple projects and system testing that performs testing on multiple IoT products as part of business requirements.
• Performed testing in production during disaster recovery activities.
• Hands-on experience in Mobile App Testing (iOS, Android, and Web OS).
• Prepared Test cases, procedures, Bug Tracking, Logging, and reporting bugs using JIRA/TestRail.
• Created test suites for different projects in ReadyAPI to automate test cases.
• Involved in both the development and regression testing phase of the application.
• Tested front-end mobile, middleware, and web application.
Bed Bath & Beyond - Software QA Engineer 03/2015 - 01/2016
New Jersey
• Worked on multiple projects, web-based customer-facing e-commerce application regarding its portal development, mobile app for the customers to shop favorite brands and tens of thousands of projects using smartphone and tablets.
• Worked closely with the scrum teams to create test scripts and test cases to ensure coverage of all areas of the product/feature(s).
Tools:
DLP: Websense, Symantec & McAfee
End Point Security: McAfee Suites (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec
IPS/IDS: McAfee IPS, Secure Works IDS/IPS, SNORT
SIEM: IBM QRadar, Security manager, Splunk
MSS: Vulnerability Assessment, IDS/IPS Management
Vulnerability Management Tools: Nmap, Nexpose, Wireshark, Nessus
Security Tools: IBM QRadar, McAfee Vulnerability management solutions
Platforms/Applications: Continuous Monitoring Vulnerability Management, Web Application Scanning, Threat Protection, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance
PenTest Tools: Metasploit, Burp Suite, NMAP, Wireshark and Kali
Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Firewalls/IPS/IDS
Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS etc.
Operating System: Windows, Linux, Unix