
Doniyor Khushvaktov

Sherman Oaks, CA

Summary

Cybersecurity professional with 3+ years of experience and a deep understanding of security concepts and best practices. Experienced in network security, incident response, penetration testing, and identifying and mitigating security vulnerabilities. Implemented security controls to improve organizational security posture and managed security incidents. Responded to 40+ high-severity incidents by containing, investigating, and remediating. Aiming to make a measurable impact and enhance the security of organizations served through skills and expertise.

Overview

4 years of professional experience
1 Certification

Work History

Red Teamer

Cyberoit Inc
11.2023 - Current
  • Leveraged tools such as Metasploit, Burp Suite, and Cobalt Strike to conduct penetration testing on web applications, identifying and exploiting vulnerabilities for heightened security measures.
  • Utilized new techniques to identify and exploit vulnerabilities in 5+ customer networks using advanced penetration tools.
  • Executed network and system penetration testing, successfully identifying and exploiting vulnerabilities to assess security controls.
  • Presented 10+ detailed reports and debriefings to stakeholders, outlining findings and recommending remediation strategies.

Security Engineer

Cyber-Bro Security LLC
01.2023 - 11.2023
  • Executed regular vulnerability assessments and reported on remediation efforts, achieving an 80% reduction in critical vulnerabilities within the first year of implementation
  • Monitored network traffic, log files, and system events using advanced tools and technologies such as ElasticSearch, TheHive, and QRadar; detected and mitigated potential security incidents, reducing response time by 40% and minimizing impact on company data
  • Vendor and Third-Party Risk Management: Evaluated the security posture of third-party vendors and service providers, ensuring they meet the company's security standards and requirements
  • Developed and maintained a comprehensive security metrics dashboard, providing monthly executive reports showcasing key performance indicators. These reports contributed to a 15% increase in executive awareness and resulted in more effective resource allocation and strategic decision-making.
  • Performed threat intelligence on the reports provided, following up daily on the latest security trends and feeds from trusted sources

Information Security Analyst

ITF Group
04.2022 - 12.2022
  • Monitored 200 devices, systems, and applications for breaches and intrusion attempts using SIEM tools like Splunk, maintaining a 15-minute incident detection time and resolving 68% of incidents within the first hour.
  • Configured and managed firewalls, intrusion detection/prevention systems, and other network security tools to safeguard systems and data for over 50 clients, utilizing industry-leading vendor tools such as Cisco, Palo Alto, and Juniper.
  • Responded to security incidents by isolating affected systems, gathering forensic evidence, determining root cause, and implementing fixes.
  • Conducted quarterly security briefings for executive management, delivering detailed insights into the organization's security posture, risk trends, and mitigation strategies. This practice led to a 40% decrease in response time to critical security incidents, enhancing overall security resilience.
  • Analyzed malware, phishing emails, and other threats. Contained impacted systems.

Intern Cyber Security Analyst (Remote)

Yandex Go
05.2021 - 11.2021
  • Conducted threat hunting and forensic investigations using industry-leading tools such as FTK and Splunk, resulting in a 10% reduction in mean-time-to-detection of incidents and minimizing threat actor dwell time.
  • Analyzed comprehensive security assessments and vulnerability scans to identify potential threats and risks, and recommended and implemented security solutions that led to a 60% reduction in security incidents in the first quarter.
  • Coached 5+ junior team members on security best practices via weekly sessions, reducing security vulnerabilities by 35% and saving the company $70k in costs.
  • Orchestrated the implementation of advanced network security controls, including antivirus and firewalls,
    across 5 systems, reduced the number of cyber threats by 50% and prevented data breaches in teams of 6.
  • Assessed comprehensive security scans and penetration testing on.
  • Analyzed the weekly Security Posture Report and provided it to the CISO; recorded and cataloged any lessons learned from any critical incident or new threat.

IT Support Specialist

PDP Academy
01.2020 - 06.2020
  • Delivered Tier 1 IT support, effectively resolving over 800 IT issues for non-technical internal users through phone, chat, and in-person visits
  • Streamlined and automated the employee onboarding and offboarding processes, reducing setup time by 70% and ensuring consistent configuration of accounts, permissions, and equipment for approximately 300 employees
  • Diagnosed and debugged hardware, software, network connectivity, and audio/video issues using proactive troubleshooting techniques
  • Managed the seamless backup and recovery of 5 terabytes of critical data assets, ensuring uninterrupted system availability.

Education

Global Humanities and Arts -

Sapienza University
05.2022

Cyber Security And Ethical Hacking Course -

PDP Academy (Online)
12.2020

Foundation Year in Finance and Accounting -

Westminster University
06.2020

Skills

  • SIEM
  • Endpoint Security
  • Vulnerability Management
  • Threat Intelligence
  • Malware Analysis
  • Digital Forensics
  • Phishing Analysis
  • Incident Response
  • Penetration Testing
  • Red Teaming
  • Networking Analysis
  • Python
  • Django
  • HTML5
  • PostgreSQL
  • Effective Problem Solving
  • Critical Thinking
  • Lifelong Learning
  • Concise interpersonal communication
  • Communication
  • Teamwork
  • Adaptability
  • Firewall Configuration
  • Social Engineering

Certification

  • Certified Red Team Professional (CRTP) - Enumeration, Domain Privilege Escalation, Cross Trust Attack, Defense Monitoring
  • Junior Penetration Tester (eJPT) - OSINT, Host and Networking Testing, Web Application Testing
  • Certified Blue Team Level 1 (BTL1) - Phishing Analysis, Threat Intelligence, Digital Forensics, SIEM, Incident Response
  • TryHackMe Professional Certificates - Red Teaming, Jr. Pentester, SOC Level 1/2, CompTIA Pentest+, Cyber Defense, Offensive Pentesting
