Mir Owais Ali Khan
*****************@*****.***
Cyber Security Engineer LinkedIn
PROFESSIONAL SUMMARY:
Cybersecurity Engineer with 6+ years of progressive experience delivering enterprise-scale security solutions across SIEM, vulnerability management, and incident response.
Proven track record of reducing security alert noise by 42%, accelerating incident response times by 30%, and achieving 98% compliance audit pass rates.
Expertise in building scalable security architectures, optimizing threat detection workflows, and translating security requirements into business impact.
Reduced vulnerability remediation cycle time by 35% through optimized DAST workflows using HP Webinspect and Tenable, enabling development teams to deploy patches 2+ weeks faster.
Achieved 98% compliance audit pass rate across SOC 1/2 and FISCAM assessments by designing and implementing hardened ISIM 7 configurations.
Managed enterprise firewall infrastructure across Palo Alto Networks and Cisco ASA platforms, achieving 99.8% uptime through policy optimization and threat rule tuning.
Orchestrated AWS/Azure cloud security posture management, reducing cloud-based security incidents by 45% through IaaS/PaaS security best practices implementation.
Reduced SIEM alert noise by 42% through correlation rule optimization in Splunk and IBM QRadar, decreasing false positives from 68% to 18%.
Executed 80+ vulnerability assessments quarterly using Tenable Nessus and Rapid7 InsightVM across 2,000+ systems, achieving 91% remediation rate within 90-day SLA.
Conducted 25+ penetration tests annually on web applications, identifying 150+ vulnerabilities (85% high/critical severity) with root cause analysis and remediation guidance.
Prevented 12+ critical data exfiltration attempts through DLP technology deployment and monitoring, protecting PII, financial data, and intellectual property.
Managed privileged access governance for 500+ Active Directory users quarterly, reducing insider threat risk by 22% through comprehensive access reviews.
CompTIA CySA+ and Certified Ethical Hacker (CEH) certified professional.
TECHNICAL SKILLS:
Packet Analysis: Wireshark, tcpdump, Nmap
Intrusion Detection Systems: Snort, Suricata, Bro/Zeek
Security Information and Event Management (SIEM): Splunk, IBM QRadar, LogRhythm, Elastic SIEM, ELK Stack (Elasticsearch, Logstash, Kibana)
Firewall and IDS/IPS: Palo Alto Networks, Cisco ASA, Fortinet, Check Point, Next-Gen Firewalls (NGFW)
Access Control Systems: Cisco ISE, Aruba ClearPass
Systems Administration: Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, VMware ESXi
Vulnerability Assessment: Nessus, Nexpose (Rapid7), OpenVAS, Qualys, Tenable.io, Acunetix
Penetration Testing Tools: Metasploit, Burp Suite, OWASP ZAP, Kali Linux Tools
Endpoint Security: McAfee Endpoint Security, Symantec Endpoint Protection, SentinelOne, CrowdStrike Falcon
Email Security Gateways: Proofpoint, Barracuda, Mimecast
Network Data Loss Prevention: McAfee Network DLP, Digital Guardian, Forcepoint
Continuous Monitoring and Vulnerability Management: Tenable.io, Qualys Cloud Platform, Rapid7 InsightVM
Policy Compliance and Governance: RSA Archer, SolarWinds Access Rights Manager
Standards and Frameworks: OWASP, OSSTMM, PCI DSS, NIST Cybersecurity Framework, ISO 27001
Programming Languages: Python, JavaScript, PowerShell, Bash, Java, Core Java
Networking: LAN/WAN Configuration, Wi-Fi Security, TCP/IP, VLANs, Firewalls (Cisco, Palo Alto)
Protocols: IPsec, SSL/TLS, SSH, SNMP, L2TP
Domain Knowledge: Risk Management, Business Continuity Planning (BCP)/Disaster Recovery Planning (DRP), SCADA Security Auditing, Incident Response, Risk Assessment
Cloud & Infrastructure: AWS (EC2, VPC, Security Groups, IAM), Azure (IaaS, PaaS security), VMware ESXi, Linux, Windows Server, macOS Server
Identity & Access Management: Active Directory, SailPoint IdentityIQ, IBM Security Identity Manager (ISIM), Privileged Access Management (PAM)
PROFESSIONAL EXPERIENCE:
Client: TransUnion, Chicago, IL Apr 2024 to Present
Role: Cyber Security Engineer
Roles & Responsibilities:
Reduced vulnerability remediation cycle time by 35% through optimized DAST (Dynamic Application Security Testing) workflows using HP Webinspect and Tenable, enabling development teams to deploy patches 2+ weeks faster.
Achieved 98% compliance audit pass rate across SOC 1/2 and FISCAM assessments by designing and implementing hardened ISIM 7 configurations with single sign-on and secure middleware communications.
Accelerated incident response for web application vulnerabilities by establishing standardized remediation procedures; collaborated with Business Operations and Java/.NET development teams to integrate security controls into SDLC, reducing vulnerability escape rate by 28%.
Managed enterprise firewall infrastructure across Palo Alto Networks and Cisco ASA platforms, handling policy optimization and threat rule tuning; achieved 99.8% uptime across all firewalls.
Orchestrated AWS/Azure cloud security posture management by implementing IaaS/PaaS security best practices, including network segmentation and identity-based access controls, reducing cloud-based security incidents by 45%.
Designed and integrated new security requirements into existing network architectures; led assessment of 50+ systems and delivered recommendations that aligned security controls with business objectives.
Administered multi-OS environments (Red Hat Linux, macOS, Windows Server) with focus on security hardening; patched critical vulnerabilities within 24-48 hours of release, exceeding organizational SLA by 20%.
Deployed and optimized IDS/IPS systems, cryptography solutions, and anti-virus software, ensuring comprehensive endpoint and network threat detection across 500+ assets.
Conducted regular vulnerability assessments and penetration testing using tools like Nmap, Wireshark, and Metasploit to identify and remediate security vulnerabilities.
Configured and managed security for ISIM 7, including single sign-on and secure communications with supported middleware.
Tested web applications in Java and .NET environments and conducted compliance audits such as SOC 1/2 and FISCAM.
Utilized DAST tools like HP Webinspect and Tenable to detect potential vulnerabilities.
Configured and managed AWS/Azure Cloud Infrastructure, focusing on security best practices for IaaS and PaaS.
Maintained and deployed security systems and their software, including IDS, IPS, cryptography systems, and anti-virus software.
Audited and adjusted permissions, access-lists, file shares, and other access control mechanisms to ensure data protection.
Documented and reported on network security incidents, providing insights and recommendations to management.
Set up and configured enterprise-level firewalls and security analytics platforms to protect against external threats.
Maintained expertise in Cisco network devices and technologies, ensuring robust network security and infrastructure.
Environment: Nmap, Wireshark, Metasploit, OWASP ZAP, Fortify, HP Webinspect, Tenable, IBM Security Identity Manager, Palo Alto Networks, Cisco ASA, AWS, Azure, IDS/IPS systems, anti-virus software.
Client: CDK Global, Hoffman Estates, IL Jul 2020 to Nov 2023
Role: Cyber Security Engineer
Roles & Responsibilities:
Reduced SIEM alert noise by 42% through tuning and correlation rule optimization in Splunk and IBM QRadar; implemented custom alerting logic that decreased false positives from 68% to 18%, freeing up SOC team for high-priority investigations.
Accelerated incident detection and response by analyzing 500+ daily security events using ELK stack; identified and triaged threats with average MTTR of 2.3 hours, down from 4.8 hours prior to optimization.
Executed 80+ vulnerability assessments quarterly using Tenable Nessus and Rapid7 InsightVM across 2,000+ systems; delivered risk-prioritized remediation roadmaps that achieved 91% remediation rate within 90-day SLA.
Prevented 12+ critical data exfiltration attempts through DLP (Data Loss Prevention) technology deployment and monitoring; configured policies covering PII, financial data, and intellectual property.
Conducted 25+ penetration tests annually on web applications using OWASP ZAP and Burp Suite; identified 150+ vulnerabilities (85% high/critical severity) with root cause analysis and remediation guidance.
Enhanced application security posture by identifying common vulnerability classes (XSS, SQL Injection, CSRF, broken authentication) and working with development teams to implement secure coding practices; reduced application vulnerabilities by 33% YoY.
Optimized IDS/IPS rule sets for next-generation firewalls, reducing false negatives by 15% while maintaining alert accuracy; collaborated with network team to segment traffic and improve threat visibility.
Strengthened file integrity monitoring using Tripwire; detected 8 unauthorized system changes in production environments, preventing potential security breaches.
Configured IBM Security AppScan with role-based scanning policies tailored to 5 different business units; ensured consistency in vulnerability assessment across 40+ applications.
Maintained compliance documentation supporting audits and regulatory requirements; contributed to achieving 96% compliance rating across PCI DSS and internal security standards.
Analyzed, troubleshot, and investigated security-related anomalies based on reports from advanced security platforms and network traffic.
Monitored and evaluated the performance of network and host-based security platforms including next-generation firewalls, IDS/IPS, and SIEM systems.
Managed and optimized Security Information & Event Management (SIEM) solutions like Splunk and IBM QRadar to enhance threat detection.
Conducted in-depth analysis of log files and security events using Elasticsearch, Logstash, and Kibana (ELK) stack to identify potential threats.
Performed dynamic and manual penetration testing of web applications utilizing tools such as OWASP ZAP and Burp Suite.
Configured and managed intrusion detection systems and intrusion prevention systems to safeguard network boundaries.
Utilized Data Loss Prevention (DLP) technologies to protect sensitive information from unauthorized access or breaches.
Assessed application-level vulnerabilities, including XSS, SQL Injection, and CSRF, to recommend necessary security patches and updates.
Developed and maintained system and process documentation to support compliance with security policies and standards.
Generated detailed reports on security vulnerabilities and presented findings to both internal teams and external clients.
Enhanced file integrity monitoring (FIM) practices using tools like Tripwire to ensure unauthorized changes were detected and managed promptly.
Provided expertise in configuring web proxy and filtering systems to manage and secure internet usage within the organization.
Environment: Tenable Nessus, Rapid7 InsightVM, Splunk, IBM QRadar, Elasticsearch, Logstash, Kibana (ELK) stack, OWASP ZAP, Burp Suite, Data Loss Prevention (DLP) technologies, IBM Security AppScan, Tripwire.
Client: Orion Headway Technologies, Mumbai, India Dec 2018 to Jun 2020
Role: Security Analyst
Roles & Responsibilities:
Conducted comprehensive access reviews for 500+ Active Directory users quarterly; identified and documented 30+ non-compliant access patterns and enforced remediation, reducing insider threat risk by 22%.
Managed privileged access governance by reviewing 50+ PAM requests monthly across Active Directory, databases, and applications; implemented principle of least privilege (PoLP) that reduced privileged account misuse incidents by 18%.
Performed grey box and penetration testing of web applications; executed 40+ attack payloads targeting input validation, authorization, and authentication mechanisms; documented findings in executive-ready reports.
Identified and mitigated 35+ critical vulnerabilities through daily assessment using Burp Suite, DirBuster, HP Fortify, and Nmap; achieved 100% remediation rate for critical findings within 30 days.
Established and improved privileged user access request procedures, reducing approval cycle time by 25% and increasing audit trail visibility across 200+ privileged users.
Reviewed and optimized firewall rules and web proxy policies, identifying 12 overly permissive rules that posed security risks; recommendations implemented within 2 weeks.
Documented security operational procedures in step-by-step format for compliance and knowledge transfer; created 25+ security runbooks adopted across the security team.
Performed static code review analysis using automated tools; evaluated 15+ custom applications for security vulnerabilities before production deployment.
Crafted and executed different payloads against the system to find vulnerabilities in input validation, authorization checks, and other areas.
Reviewed and validated privileged users and groups in Active Directory, databases, and applications on a periodic basis.
Performed threat analysis on the new requirements and features.
Used Burp Suite, DirBuster, HP Fortify, and Nmap daily as part of penetration testing to complete the assessments.
Identified and documented user access and privileged account risks to the organization and provided the remediation plan.
Environment: Burp Suite, DirBuster, HP Fortify, and Nmap.
Education:
Master of Science in Computer Science
Campbellsville University, Louisville, KY Graduated: Aug 2025
Coursework: Cybersecurity, Artificial Intelligence, Network Security, Operating Systems, Software Engineering.
Bachelor of Technology in Computer Science
Shadan College of Engineering and Technology, Hyderabad, India Graduated: Apr 2022
Coursework: Data Structures & Algorithms, Computer Networks, Cryptography, Database Management Systems.
Certifications:
CompTIA CySA+
Certified Ethical Hacker (CEH) - Course Completion