
Software Development Incident Response

Location:
Edison, NJ
Posted:
July 24, 2025


Faizani Rasul Iftikhar

Email: *****************@*****.*** | Phone: +1-443-***-**** | Visa: USC | Open for PAN USA

LinkedIn: https://www.linkedin.com/in/faizani-iftikhar-6b3213202/

SUMMARY

Seasoned Application Security and Vulnerability Management Engineer with 8+ years of hands-on experience driving secure software development initiatives across cloud and on-prem environments.

Proficient in SAST, DAST, SCA, IAST, and container image scanning, and skilled in collaborating with developers and application teams to remediate security findings and close gaps efficiently.

Adept in validating scan results, triaging false positives, and integrating security into the DevSecOps pipeline using tools like Jenkins, GitHub Actions, Terraform, and Ansible.

Well-versed in risk acceptance workflows, exception documentation, and compliance with regulatory standards including NIST, ISO 27001, HIPAA, and PCI-DSS.

Technically fluent in Java and JavaScript ecosystems and experienced in integrating security across CI/CD pipelines to protect applications from code to container.

Adept at collaborating with cross-functional engineering teams to validate encryption, authentication, and physical device security controls while maintaining compliance with global healthcare regulations.

Specialized in security monitoring, SOAR integration, incident response, cloud security, vulnerability management, and regulatory compliance (NIST, CJIS).

Skilled in deploying and managing SIEM (Splunk, QRadar) and SOAR platforms, automating security operations, and reducing incident response times.

Skilled in deploying and managing SIEM (Splunk, QRadar), endpoint security (CrowdStrike, Defender ATP), vulnerability scanners (Nessus, Qualys), and next-generation firewalls (Palo Alto, Cisco).

Skilled in handling high-pressure situations, resolving incidents promptly, and ensuring compliance with industry regulations such as HIPAA, GDPR, PCI DSS, and SOX.

Knowledgeable in cloud-native security tools and architectures, ensuring secure management of cloud resources across AWS, Azure, and GCP.

Demonstrated success in designing and implementing robust security solutions that protect critical data and ensure business continuity.

In-depth knowledge of cybersecurity attack vectors, threat intelligence, and remediation techniques to proactively combat new and evolving threats.

Proficient in the integration of security solutions into organizations’ overall risk management strategies to minimize the attack surface and improve security posture.

Proven track record of improving organizational security maturity through the deployment of security automation and advanced monitoring systems.

Expertise in developing and implementing incident response plans, coordinating teams to minimize damage and recover quickly from cyberattacks.

TECHNICAL SKILLS

Application Security Tools: Checkmarx (SAST), Fortify, SonarQube, Veracode, BlackDuck (SCA), OWASP ZAP, Burp Suite (DAST), Contrast Security (IAST), Prisma Cloud, Trivy, Anchore, Clair (Container Image Scanning)

Languages & Frameworks: Java, JavaScript, Python, Bash, PowerShell

CI/CD & DevSecOps: Jenkins, GitHub, GitHub Actions, Terraform, Ansible, Docker

Cloud Platforms: AWS, Azure, GCP

SIEM & EDR: Splunk, QRadar, Phantom SOAR, SentinelOne, CrowdStrike

Compliance & Frameworks: NIST 800-53, ISO 27001, CJIS, PCI-DSS, HIPAA

Databases & Platforms: Oracle, MySQL, PostgreSQL

Certifications: CompTIA Security+

PROFESSIONAL EXPERIENCE

Pfizer – New York, NY (Remote)

Sr. Cybersecurity Engineer, November 2022 – Present

Responsibilities:

Implementation and integration of security scanning tools (Checkmarx, SonarQube, BlackDuck, Prisma Cloud) into CI/CD pipelines across Java and JavaScript applications.

Performed vulnerability assessments using SAST, DAST, IAST, and SCA tools, and container scanning via Prisma Cloud and Anchore.

Analyzed scan results, triaged false positives, and documented validated vulnerabilities in JIRA while tracking remediation through GitHub Actions.

Partnered with development teams to consult on code-level remediations and secure design patterns; reduced remediation turnaround time by 30%.

Developed risk acceptance documentation and exception tracking aligned with NIST and ISO guidelines.

Automated vulnerability reporting using Python scripts that interfaced with API endpoints of scanning tools to generate weekly dashboards.

Standardized Terraform modules to manage scanning rules across environments and ensured IaC templates followed secure baseline configurations.

Conducted quarterly threat modeling and risk assessments for Java-based web applications and APIs hosted on GCP and Azure.

Orchestrated Jenkins pipelines to trigger security scans during every pull request and deployment, enforcing compliance with OWASP Top 10.

Delivered security awareness and secure coding workshops to application teams focusing on DAST/SAST findings, SQLi, and XSS prevention.

Configured alerting and telemetry in GCP Stackdriver and integrated logging into Splunk via Terraform automation.

Mentored junior engineers on security tool usage and policy implementation aligned with ISO and NIST standards.

Provided executive briefings and technical documentation on emerging threats, control gaps, and incident metrics.

Endpoint protection platforms (EPP) and endpoint detection and response (EDR).

Involved in standardizing Splunk Phantom SOAR POV deployment, configuration and maintenance across UNIX and Windows platforms.

Identified risks and vulnerabilities reported in Azure Security Center and GCP Security Command Center and remediated them.

Expert in DLP, Firewall, VPN, Archer, Vulnerability Management solutions, IDS/IPS/WIPS, SIEM and EDR.

Integrated the data from SOAR into ServiceNow, and captured that data in ServiceNow by creating a table.

Validated encryption, authentication, TLS configurations, and endpoint/device hardening controls across hybrid environments.

Answered pre-sales technical and security questionnaires regarding SDLC, ISO 27001, SOC 2/3 audits, FedRAMP, PCI, HIPAA, NIST, and other GRC topics.

Authored detailed security test documentation, including verification traceability matrices and regulatory compliance artifacts for FDA and IEC 81001-5-1.

Automated testing processes using Python and PowerShell to streamline regression testing and evidence generation.

Partnered with hardware/software/cloud teams to integrate secure design principles into the product lifecycle.

Performed threat modeling and risk assessments, documenting mitigations and supporting regulatory submissions.

Maintained Azure/AWS cloud compliance posture using Defender for Cloud, Security Center, and Sentinel.

Engineered and secured Azure workloads with Azure Security Center, Defender for Cloud, and Sentinel for real-time monitoring and threat detection.

Conducted vulnerability scanning using Nessus and partnered with asset owners to ensure timely remediation.

Implemented and managed endpoint protection platforms (CrowdStrike, Windows Defender ATP) and automated endpoint remediation activities via SOAR.

Oversaw client patching via Intune and server patching via WSUS, enforcing security baseline compliance.

Collaborated with cloud security teams to strengthen AWS and Azure security postures, applying continuous monitoring solutions.

Applied NIST 800-53 and CJIS frameworks to technical and operational controls across hybrid environments.

Delivered proactive threat intelligence reports to leadership, integrating findings into SOAR enrichment processes.

Assisted in developing and automating security controls to align with NIST 800-53 and CJIS standards.

Delivered threat intelligence briefings to leadership based on emerging trends and vulnerabilities.

Implemented and tested disaster recovery and business continuity plans to maintain service availability post-incident.

Led incident response efforts during security breaches, performing root cause analysis and managing the recovery process.

Delivered security awareness training tailored for healthcare staff to identify phishing, ransomware, and other attack vectors.

Worked closely with compliance teams to ensure healthcare data privacy regulations were met in the organization’s security protocols.

Managed the integration of cloud-based security solutions to secure healthcare applications and patient data across cloud environments.

Provided strategic guidance to senior leadership on emerging cybersecurity threats and recommended proactive measures to protect patient data.

Developed disaster recovery and business continuity plans, ensuring the organization could quickly recover from security incidents with minimal disruption.

Led penetration testing and vulnerability assessments on healthcare systems and applications, identifying potential weaknesses and mitigating risks to critical infrastructure.

Configured and monitored security tools such as firewalls, intrusion detection systems (IDS), and endpoint protection, ensuring they adhere to healthcare compliance standards.

Worked with cloud security teams to ensure secure handling and compliance of healthcare data in cloud environments, applying best practices for data privacy.

Conducted quarterly security audits, reviewed security controls, and led efforts to identify gaps, ensuring continuous compliance with healthcare regulatory requirements.

Exelon – Baltimore, MD

Cybersecurity Engineer, July 2020 – October 2022

Responsibilities:

Operationalized SAST and DAST across legacy and cloud-native JavaScript and Java apps; improved vulnerability detection by 40%.

Introduced and maintained Contrast Security for IAST and integrated SCA (BlackDuck) to catch third-party library issues early in the SDLC.

Deployed container image scanners (Trivy, Clair) into CI/CD pipelines managed with Jenkins and GitHub Actions.

Worked directly with developers and application teams to guide remediation efforts, validate security fixes, and retest vulnerabilities.

Designed and maintained dashboards and reports for executives on vulnerability metrics, risk posture, and remediation SLAs.

Created automated workflows in ServiceNow to record exceptions, document accepted risk, and enable auditable tracking.

Assisted in security policy development and baselining for Java microservices and API-based applications.

Applied Terraform and Ansible to configure cloud-native security controls and enforce least-privilege access in AWS and Azure environments.

Co-led the implementation of secure code review guidelines and introduced pre-commit hooks to catch high-risk patterns in JavaScript apps.

Collaborated with audit and GRC teams to prepare documentation for PCI-DSS and SOX compliance.

Collaborated with compliance teams to ensure alignment with PCI-DSS, SOX, and internal audit requirements.

Communicated threat intelligence findings and risk prioritization to non-technical stakeholders and leadership.

Implemented and monitored Google Cloud (GCP) Secret Management using KMS.

Deployed the SentinelOne EDR tool to over 1500 workstations, VMware, and Hyper-V machines via GPO.

Led real-time security monitoring using SIEM platforms, integrated with SOAR for event correlation and triage prioritization.

Built the Security Orchestration, Automation and Response (SOAR) program centered on ServiceNow, Swimlane, Qualys Vulnerability Scanner, Carbon Black, Symantec DLP, and Splunk.

Led vulnerability management lifecycle and conducted regular penetration testing on embedded infrastructure.

Collaborated with development and IT teams to remediate findings and ensure secure software configurations.

Designed SOAR-based workflows to automate security validation and triage of identified threats.

Maintained test documentation and control evidence to meet compliance with ISO 27001 and internal audit standards.

Performed root cause analysis on device-related security incidents and developed mitigations.

Authored and maintained incident response playbooks aligned to NIST and CIS frameworks.

Led penetration testing efforts to assess resilience against evolving cyber threats.

Collaborated with compliance teams ensuring strict adherence to PCI DSS, SOX, and other financial regulatory standards.

Monitored, analyzed, and triaged security events via Splunk and other SIEM platforms.

Implemented MFA solutions and secured critical systems against phishing and credential theft attacks.

Conducted regular vulnerability assessments and worked with teams to prioritize and remediate findings.

Led penetration testing efforts, simulating real-world attack scenarios to identify weaknesses in infrastructure.

Developed and maintained incident response and forensics playbooks, improving the organization's MTTD and MTTR metrics.

Ensured compliance with PCI DSS, SOX, and other financial regulatory standards.

Automated security reports and daily operational tasks using Python and PowerShell.

Collaborated with compliance teams to ensure the firm remained compliant with industry regulations like PCI DSS, SOX, and other financial standards.

Managed the day-to-day operations of the SIEM system, monitoring logs and alerts to detect abnormal activities and potential threats.

Spearheaded the deployment of multi-factor authentication (MFA) systems across the organization to enhance access controls and secure sensitive financial data.

Led comprehensive risk assessments and vulnerability scanning for financial systems, ensuring compliance with regulations such as PCI DSS, SOX, and other industry standards.

Implemented end-to-end encryption for data protection during storage and transmission, safeguarding sensitive financial transactions.

Led penetration tests to identify vulnerabilities within the organization’s network, systems, and applications, proactively defending against external and internal threats.

Managed the daily operations of the SIEM system, analyzing logs and alerts to detect abnormal activity and mitigate potential threats in real-time.

Worked with IT teams to optimize the firewalls, intrusion prevention systems (IPS), and endpoint protection solutions across the organization’s infrastructure.

Played a key role in incident response efforts, leading investigations and managing the recovery process after security breaches.

Created and maintained disaster recovery plans and incident response procedures, ensuring the organization could quickly recover from security incidents with minimal impact on financial systems.

Educated employees on cybersecurity best practices and spearheaded security awareness initiatives to mitigate human error and enhance the organization’s overall security posture.

Provided real-time threat intelligence to senior leadership, advising on proactive measures and preparing the organization for emerging cyber risks.

Worked with IT teams to configure and optimize firewalls, endpoint security solutions, and intrusion prevention systems (IPS) across the organization.

Led efforts to improve endpoint security by deploying advanced endpoint protection software across the entire organization.

Provided real-time threat intelligence to senior leadership, ensuring that appropriate actions were taken in response to emerging cyber threats.

Developed security procedures to ensure the secure configuration of new devices and systems, minimizing the risk of future vulnerabilities.

Conducted vulnerability assessments and risk evaluations for new applications and systems being introduced into the organization.

Educated employees about cybersecurity best practices and spearheaded security awareness initiatives to minimize human error and improve overall organizational security.

Marriott International – Bethesda, MD

Cybersecurity Analyst, February 2017 – June 2020

Responsibilities:

Performed web application vulnerability assessments using Burp Suite, OWASP ZAP, and manual testing techniques.

Integrated SonarQube for static analysis and ZAP for DAST into Jenkins-based pipelines, automating vulnerability detection for e-commerce platforms.

Conducted regular scans of Oracle databases for misconfigurations and supported remediation with DB teams.

Provided remediation guidance to dev teams on resolving XSS, CSRF, SQLi, and other OWASP Top 10 vulnerabilities.

Maintained application risk registry and collaborated with GRC to document risk acceptance and control deficiencies.

Worked closely with developers to embed security into the Agile SDLC process and helped them interpret scan reports.

Coordinated quarterly threat assessments and penetration testing on public-facing web apps.

Authored secure development guidelines and trained teams on secure coding practices in Java and JavaScript.

Provided forensics support and performed root cause analysis during incident investigations.

Led training sessions and awareness campaigns for staff to identify phishing, ransomware, and social engineering tactics.

Created baseline configurations and tested them against security benchmarks to ensure consistent posture across platforms.

Developed detailed reports and dashboards for SOC performance metrics and incident tracking.

Configured Pub/Sub to send logs from Google Cloud (GCP) to IBM QRadar and Splunk using Terraform.

Configured and deployed the SentinelOne EDR tool to over 2500 Windows and Linux devices via GPO.

Worked on Splunk products such as Splunk ES and SOAR, and developed and operationalized the target network architecture for successful interaction with event sources in order to design, develop, and implement the solution.

Supported vulnerability management lifecycle using Qualys and performed remediation coordination.

Assisted in the development of security policies aligned with NIST and CIS frameworks.

Conducted manual and automated vulnerability assessments on web apps and internal systems.

Developed baseline security configurations for devices and verified effectiveness via testing.

Supported forensic analysis and incident investigation on compromised systems.

Implemented firewall rules, secure access protocols (TLS, VPN), and monitored endpoint compliance.

Monitored security events and logs using SIEM tools to detect and respond to potential security incidents in real-time.

Performed regular vulnerability scans and assessments to identify weaknesses in the e-commerce platform, including systems and databases.

Assisted in the development of risk management strategies, evaluating and mitigating potential risks to the company’s digital assets.

Provided detailed reports on security incidents, vulnerabilities, and threat analysis to management, ensuring that necessary improvements were made.

Collaborated with IT teams to apply patches and security updates to servers, applications, and other critical infrastructure to protect against known vulnerabilities.

Configured and maintained firewalls and intrusion detection/prevention systems (IDS/IPS) to safeguard the company’s network perimeter.

Education: NJIT, Bachelor’s in Computer Science, 2017
