Atif Nazar
Owings Mills,MD
Summary
Accomplished Information Security Team Lead at Afiniti, adept in vulnerability management and fostering cross-functional team collaboration. Spearheaded initiatives to enhance security postures, achieving a 25% increase in team productivity. Expert in Rapid7 Insight VM and excels in strategic risk management, demonstrating a proactive approach to cybersecurity incident analysis and response.
Overview
4
4
years of professional experience
Work History
Information Security Team Lead
Afiniti
09.2023 - 06.2024
- Established and managed procedures to identify, analyze, and communicate information security risks to business executives using Risk Management Framework
- Partnered with compliance team to obtain industry standard certifications for organization including SOC 2, ISO27001, and PCI DSS
- Devised strategies to enhance organizational security posture
- Implemented process improvements that led to reduced turnaround times by 22% for critical tasks without compromising quality
- Teamed up with cross-functional departments to integrate security best practices into software development lifecycle and infrastructure deployment processes
- Conducted regular risk assessments to pinpoint potential security vulnerabilities within the envoirnement and supervise mitigation efforts for on-prem and cloud infrastructure
- Oversaw collaboration between R7 and Afiniti for MSSP services by evaluating monthly reports
- Led incident response for all security-related events for the organization
- Engaged with product teams to define security controls for new products according to industry best practices and security frameworks.
- Promoted a positive work environment by fostering teamwork, open communication, and employee recognition initiatives.
Lead Security Engineer
Afiniti
03.2022 - 09.2023
- Enhanced operational processes through the creation of detailed documentation that defined procedures, leading to a 25% boost in team productivity and a 15% decrease in time allocated to reporting duties
- Oversaw the integration of new systems by collaborating with internal and external teams
- Conducted thorough evaluations of security threats, identified vulnerabilities, and recommended appropriate mitigation strategies resulting in 30% reduction in vulnerabilities
- Orchestrated the deployment and implementation of R7 vulnerability management and IDR (SIEM) for enterprise
- Collaborated with Cybersecurity Senior Leadership and engineers to achieve organizational cybersecurity objectives
- Served as the primary point of contact for all security-related incidents
- Managed relationships with software vendors and Managed Security Service Providers (MSSPs)
- Developed protocols for evaluating network designs based on security and functionality criteria
- Worked in close coordination with development and operational teams to address risks and ensure regulatory compliance
- Supervised detection and triage of security alerts using Rapid7 IDR and IBM QRadar
- Analyzed suspicious emails and malware, delivering evidence-based conclusions
- Ensured adherence to regulatory compliance directives, including PCI security controls and monitoring requirements
- Managed incident response activities and supported security event investigations.
Security Engineer
Afiniti
05.2020 - 03.2022
- Increased operational efficiency by creating comprehensive documentation outlining policies and procedures
- Oversaw the integration of new systems by collaborating with internal staff and external vendors
- Conducted thorough evaluations of security threats, identified vulnerabilities, and recommended appropriate mitigation strategies
- Educated employees on proper procedures to reduce the likelihood of recurring violations
- Orchestrated the deployment of R7 vulnerability management and IDR (SIEM) for both enterprise and clients
- Established streamlined processes for vulnerability management and IDR
- Worked closely with the Cybersecurity Senior Leadership Team and engineers to accomplish company-wide cybersecurity goals
- Served as the primary point of contact for all security-related incidents
- Developed protocols for evaluating firewall rules based on security and functionality criteria
- Worked in close coordination with development and operational teams to address risks and ensure regulatory compliance.
Education
Master of Science - Computing Engineering and Information Sciences
Northumbria University
12.2011
Skills
- IBM QRadar
- Insight IDR
- Rapid7 Insight VM
- Insight CloudSec
- Qualys
- Tanable
- Acunitix
- Sophos EDR
- ThreatCommand
- MetaSploit
- Windows NT
- 10
- Linux RHEL & CentOS
- IDS / IPS
- Proxy Servers
- DNS
- DHCP
- OSI
- TCP/IP
- Network Packet Analysis
- Threat hunting / DTex
- Cyber Security incident analysis and response
- Strong problem solving and analytical skills
Timeline
Information Security Team Lead
Afiniti
09.2023 - 06.2024
Lead Security Engineer
Afiniti
03.2022 - 09.2023
Security Engineer
Afiniti
05.2020 - 03.2022
Master of Science - Computing Engineering and Information Sciences
Northumbria University