Cyber Security Expert at Telenor, Oslo/Islamabad (2022-04 – Present)
- Designing and implementing security architecture for cloud-based infrastructure, including AWS, Azure, and GCP environments.
- Privacy Champion for the squad for compliance of GDPR among assets.
- Owner of vulnerability management program for design and implementation in multi-cloud environment.
- Ensuring security requirements in cloud adoption process and migration of On-premises applications to public cloud.
- Conducting bi-annual audits for applications to ensure SOC 2 type 2 compliance.
- Lead Security coordinator for change management process.
- Responsible for End User Computing security. Lead Security architect for Microsoft Azure cloud and M365.
Telenor Accomplishments
- Implemented end to end Vulnerability management program in multi-cloud environment.
- Made bi-critical assets GDPR compliant and their documentations. (GCP, Azure and Workplace etc)
- Member of Change architecture board for all Security strategy decisions.
- Deployment of Microsoft Sentinel and SOC team.
Cloud & Data Centre Security Architect at Telenor Pakistan (2021-11 – 2022-04)
- Lead Security Architect for Telenor Pakistan for deploying security tools at multi-cloud environment.
- Conducting security architecture reviews and suggesting plans for cloud environment's security.
- Designed, developed, and implemented vulnerability management program for hybrid cloud.
- Deployed and maintain SIEM and Endpoint security tools in cloud environments.
- Conducted change request reviews to ensure security compliance as per guidelines of Telenor's defend-able architecture.
- Maintained effectiveness of Identity Access Management (PAM) solution, network firewalls and monitoring tools.
- Provided security subject matter expertise in operating systems, network devices. Future capacity expansion and strategy planning.
- Worked with technical teams to architect and deliver projects on expected timelines.
- Vendor management and defining Key performance indicators to improve overall security posture.
Security Engineering Lead at Noytel (2019-11 – 2021-11)
- Conducted Web Application, Systems and Networks Penetration Testing. Systems/Servers/Applications/Network Vulnerability Assessment and management.
- Investigate, Analyze, and review security events, malware, and network/endpoint/edge anomalies to determine response/mitigation actions.
- Administration, Deployment and Management and of security solutions.
- Administration of security Audits on monthly basis within organization to assure IT infrastructure is adequately protected.
- Compliance of international Standards such as NIST, ISO 27001, ISO 27005, CIS benchmarks.
- Administration and implementation of defense policies on anti-DDoS solution to ensure service availability.
- Administration, Deployment and Management end of security solutions which includes: SIEM Solutions (Splunk, ELK Stack), Endpoint protection Antivirus (Kaspersky, Cisco Endpoint Protection), Anti-DDoS solutions (Arbor Network), Grade Network level NG Firewall ( Cisco Firepower).
Accomplishments at Noytel
- Managed and trained team of four professionals.
- Maintained 99% uptime of Company's cyber defense for 2 years.
- Saved 20+ USD to company by deploying opensource security tools.
- Member of Steering committee for leading cyber security initiatives within the organization.
- Reporting to Vice President of operations for leading cyber security initiatives.
Cyber Security Researcher at National Radio & Telecom Corp (2018-08 – 2019-08)
Attached with a team of R&D Engineers working on Offensive Security. Developed and provided team with various scripts and solutions for opensource platforms. Completed requirements of Industrial thesis.