Faiza Syed
Walnut Creek,CA
Summary
Dynamic Cyber Security Engineer with over 8 years of specialized experience in web application security, certificate management, vulnerability assessments, and incident response. Professional with strong background in cybersecurity, ready to protect and enhance digital infrastructures. Dependable team player focused on delivering impactful results. Adept at collaborating with cross-functional teams and mentoring junior engineers to foster knowledge sharing. Proven ability to enhance security posture, streamlining compliance with frameworks such as PCI-DSS and HIPPA, promising to bring significant value to your organization.
Overview
11
11
years of professional experience
1
1
Certification
Work History
Cyber Security Engineer
Dreamcast
Dubai, UAE
10.2024 - 07.2025
- Reviewed security plans and policies to improve security environment.
- Maintained operational playbooks, diagrams, and documentation for security monitoring and response activities.
- Identified, Assessed, and reported vulnerabilities within an organization’s IT infrastructure using Qualys cloud platform.
- 9 months Contract
Cyber Security Analyst
ACI Worldwide
Atlanta, GA
10.2021 - 09.2024
- Team Lead – Web Application Firewall Security (Akamai and F5)
- Led a security team in designing, deploying, and maintaining WAF policies for both existing and new web applications.
- Oversaw the monitoring and analysis of web traffic logs to detect malicious activity, reduce false positives, and identify indicators of compromise (IOCs).
- Directed WAF tuning efforts, including rule customization, signature adjustments, and performance optimization to enhance protection while minimizing disruption.
- Managed blacklisting and whitelisting processes to enforce granular access control and mitigate false positives.
- Collaborated closely with application developers and infrastructure teams to remediate vulnerabilities and implement security countermeasures.
- Conducted application risk assessments and effectively communicated security findings to both technical teams and executive stakeholders.
- Coordinated team operations, developed security documentation and policies, and delivered regular reports on threat metrics, policy performance, and remediation status.
- Provided expert-level analysis of web protocol traffic to determine the intent, source, and severity of potential threats.
- Led operational support efforts for WAF infrastructure, including incident response, troubleshooting, and root cause analysis.
- Team Lead – SSL Certificates
- Led a team responsible for the lifecycle management of SSL/TLS certificates across enterprise environments, ensuring secure communication and compliance with industry standards.
- Designed and implemented scalable certificate management processes, including issuance, renewal, revocation, inventory tracking, and automation using Certificate Authorities like DigiCert, Let’s Encrypt, Entrust, and Sectigo.
- Collaborated with application owners, DevOps, and security teams to ensure proper certificate deployment and key storage.
- Conducted audits of certificate usage to identify and mitigate risks from weak ciphers, expired/expiring certificates, and misconfigurations.
- Developed and enforced policies on certificate standards (e.g., key length, expiration periods, trusted CAs), contributing to improved security posture.
- Mentored junior engineers, led knowledge-sharing sessions, and acted as the primary escalation point for certificate-related incidents and outages.
- Spearheaded the transition to automated certificate management using Venafi, reducing human error and downtime.
- Coordinated with internal compliance, risk, and audit teams to maintain adherence to frameworks like PCI-DSS, HIPAA, and ISO 27001.
- Reduced certificate-related outages by 95% through automation and proactive monitoring.
- Led a cross-functional initiative to standardize SSL certificate policies across all business units, resulting in improved compliance and operational consistency.
Cyber Security Assessment Analyst
ASYS Technology
Lahore, Pakistan
05.2019 - 09.2021
- Conducted vulnerability assessments using Nessus and Nmap scans.
- Managed employee access process through Active Directory.
- Wrote Information Security Policies, Business Continuity Plan, and Incident Response Plan.
- Conducted Internal and external security risk audits, and risk assessments.
- Provided guidance related to Information Security and Compliance issues.
Information Security Analyst
IDology
Atlanta, GA
01.2016 - 05.2018
- Conducted periodic internal security audits, vulnerability scans, and penetration tests.
- Patched applications for known security vulnerabilities.
- Participated in annual SSAE-16 SOC2 certification and security audits conducted by customers.
- Performed detailed analysis on security related events and provided reporting to management.
- Created and updated security diagrams and documentation.
- Provided recommendations on latest information technology security trends.
- Created, changed, and deleted user accounts upon request.
- Configured new workstations or servers with security related application or tools.
- Routinely provided security awareness training to colleagues.
Information Security Administration Team, CO-OP
Shaw Industries
Dalton, GA
01.2015 - 05.2015
- Controlled the security access process for transferred and terminated associates.
- Developed methods to monitor access management to ensure proper management of resources.
- Performed a review of existing Security Policies and Procedures, updated when appropriate.
- Updated Wireless Certificates remotely on CV 30’s and MC 9000’s.
- Conducted vulnerability assessments using Nessus and Nmap scans.
Education
MASTER OF SCIENCE - CYBERSECURITY
Georgia Institute of Technology
Atlanta, GA05.2021
BACHELOR - INFORMATION SECURITY AND ASSURANCE
Kennesaw State University
Kennesaw, GA12.2015
Skills
- Unix/Linux/Windows
- Firewalls (Akamai and F5)
- SSL/TLS, Public key infrastructure
- IDS/IPS
- Splunk, SIEM
- Wireshark
- Data Loss Prevention
- Symantec and CrowdStrike End point Protection
- Shavlik (Ivanti) patch management
- Cisco VPN
- Microsoft Office Suites
- Ruby Script Language, Python/Shell/Bash in Unix/Linux environment
- Virtual Box
- VMWare
- Vulnerability Management and Penetration Testing using Nessus, Nmap, Qualys, Burp Suit
- Risk Assessments and Security Auditing
- ServiceNow and Jira ticketing system
- HIPPA, SOC2, NIST, ISO 27001, ISO 27002
- System security management
- Cloud Security
- Identity management, Active Directory
- Two-factor authentication
- Access control
- Security information and event management
- Security awareness training
- DDoS prevention
- Threat analysis
- Teamwork and collaboration
- Problem-solving
- Time management
- Excellent communication and writing skills
- Organizational skills
Certification
- NSA/DHS Cyber Defense Education Certificate – Policy and Compliance
- Microsoft Certified: Security, Compliance, and Identity Fundamentals
- Akamai: Web Performance Foundations
- Akamai: Kona Site Defender
FOREIGN LANGUAGE
Fluent in Urdu/Hindi
Awards
ACI Top Performer Award (2022), President’s List (4.0 GPA), Dean’s List, Golden Key International Honor Society, Beta Gamma Sigma International Society, Association of Information Technology Professionals
Timeline
Cyber Security Engineer
Dreamcast
10.2024 - 07.2025
Cyber Security Analyst
ACI Worldwide
10.2021 - 09.2024
Cyber Security Assessment Analyst
ASYS Technology
05.2019 - 09.2021
Information Security Analyst
IDology
01.2016 - 05.2018
Information Security Administration Team, CO-OP
Shaw Industries
01.2015 - 05.2015
BACHELOR - INFORMATION SECURITY AND ASSURANCE
Kennesaw State University
MASTER OF SCIENCE - CYBERSECURITY
Georgia Institute of Technology