Hassan Chaudhry
Syosset,NY
Summary
Dedicated and detail-oriented Security Analyst conducting security assessments, implementing robust security controls, and responding to incidents. Seeking a challenging role to contribute expertise in safeguarding organizations against cyber threats and ensuring the integrity and confidentiality of sensitive information.
Overview
3
3
years of professional experience
Work History
Security Analyst
NEA Solutions
10.2021 - Current
- Successfully implemented robust security controls, fortifying the organization's cybersecurity posture against potential threats and vulnerabilities, and ensuring compliance with industry standards and regulatory requirements
- Successfully implemented LogicGate solutions, ensuring alignment with the organization's GRC program
- Played a pivotal role in achieving successful completion of a SOC 2 Audit with no deficiencies on issued report by working with Control Owners and auditors
- Gathered and validated evidence to be submitted for ISO27001 and SOC 2 audits
- Used GRC tools LogicGate, Apptega, and AuditBoard to manage risk management program by validating compliance of organization security controls
- Worked with external auditors to communicate the organization's security postures and controls were in place
- Conducted internal assessments throughout the year to ensure security best practices were adhered to
- Worked within the AWS environment to ensure proper security controls were in place for the organization
- Configured rules for SIEM such as Splunk and Cloudwatch to ensure proper audit logging was set up
- Monitored and responded to alerts from monitoring tools such as Splunk and O365 alerts
- Played a major role within the organizations IAM program to ensure users are granted access appropriately and are reviewed on a frequent cadence
- Administered O365 environment to secure IT environment with tools such as Purview and Defender
- Conducted access review for users to ensure proper access was provisioned
- Leveraged and configured DLP solutions to ensure the organization’s data is adequately protected from exfiltration
- Reviewed IT policies to ensure alignment with security best practices and frameworks such as NIST CSF and NIST 800-53
- Prepared and presented reports to senior management and stakeholders, outlining key risks and compliance initiatives
- Effectively reduced infrastructure vulnerabilities by leveraging Nessus, to create reports for IT and leadership in order to ensure timely remediation of vulnerabilities
- Managed CMDB to ensure machines were properly accounted for and tracked by the organization
- Leveraged NetSparker tool to help identify mitigate vulnerabilities for Web Applications
- Completed Third-Party Risk Questionnaires for vendors, providing detailed and accurate responses to assess and communicate the organization's security posture, ensuring transparency and compliance with external partners' risk management expectations
- Managed Mobile Device Management Solution Intune to ensure compliance for organizational policies for user machines
- Maintained the organization’s POAM to ensure proper documentation of IT Risk within the corporate environment
- Key role in Security Awareness training initiative, to ensure organizational compliance with Security Awareness training policy.
E-Commerce Operations Assistant
Focus Camera
01.2021 - 09.2021
- Performed diverse tasks essential for bolstering e-commerce operations, contributing to the seamless functioning and growth of the business
- Utilized Microsoft Excel proficiently to produce vendor reports to facilitate strategic business decision-making processes
- Coordinated with the IT department to ensure completion of KnowBe4 Security Awareness Training for hundreds of users within the organization
- Acted as a liaison between the sales department and IT to ensure issues with critical E-Commerce software were resolved quickly and efficiently.
Education
Bachelor of Science (B.S.) Biology -
City College of New York
Bachelor of Science (B.S.) Computer Science -
Queens College
Skills
- Security
- GRC Tools (LogicGate, Auditboard, Apptega)
- SOC2, ISO27001, NIST CSF
- Vulnerability Management/Nessus
- Risk Assessment and Mitigation
- AWS
- Data Analysis and Reporting
- Asset Management
- Project Management
- O365 Suite
- IAM
Timeline
Security Analyst
NEA Solutions
10.2021 - Current
E-Commerce Operations Assistant
Focus Camera
01.2021 - 09.2021
Bachelor of Science (B.S.) Biology -
City College of New York
Bachelor of Science (B.S.) Computer Science -
Queens College