Mazin Mirza
Charlotte,North Carolina
Summary
An initiative-taking and experienced individual who is enthusiastic about Information Security and Risk Management with notable success in planning, analysis, and investigating. Played a key part in securing the organizations previously worked at.
Overview
6
6
years of professional experience
Work history
Security Practice Lead
Vanguard
Charlotte
06.2021 - Current
- Led the shortlisting of Third-Party JavaScript Monitoring Solution between the vendors Feroot, PerimeterX and Akamai and conducted a POC to successfully implement Akamai Page Integrity Manager on the test Corporate Website
- Assess and remediate 0-day threat events and communicate enterprise-wide on awareness and impact
- Work with teams on resolving their CloudFleet, NexusIQ, Aqua and CheckMarx violations
- Facilitate Security Architecture Reviews for applications and integrate them with other tools
- Ensure all applications within their area of support are up to date with their assessments
- Conduct security meetings to reduce vulnerabilities
- Report on a monthly and quarterly basis to stakeholders on the security posture of the firm
- Drive the vulnerability management reports based on the applications
- Simulated various attacks with Attack Analysis and Forensics Team and CSOC to protect Vanguard against threats
- Improve the risk of security for Corporate Systems Division
- Provide security advisory for department security champions
- Identify, Classify and Remediate the Vulnerabilities across the division.
Cyber Security Engineer
Bright House Financial
Charlotte
12.2020 - 06.2021
- Responsible for advanced email threat detection & remediation using Microsoft Defender for Identity
- Created rules for AWS WAF to allow specific set of IPs
- Also restricted access to CloudFront IPs
- Created Runbooks for Incident Response, Phishing and Security Operating Procedures
- Administered AWS GuardDuty and managed findings, suppression rules, trusted IP lists and threat lists
- Used AWS CloudTrail logs to monitor user activity and troubleshoot operational issues
- Followed AWS Best Practices to protect the organization against DDoS attacks using AWS Shield
- Administered Symantec DLP to monitor any Data Loss events and perform inventory scans
- Used Microsoft CASB to assess the risk and compliance of Cloud apps
- Created Super User, Domain Admin, Local Admin, Privileged Business user accounts using CyberArk PAM
- Managed Account credentials tracked privileged activity and controlled Privileged User Access to reduce the attack surface and mitigate the risk from malicious insiders
- Created, maintained, and supported Splunk applications, search queries and dashboards
- Monitored Splunk internal logs from the Monitoring Console (MC) to identify and troubleshoot existing or potential issue
- Monitored the health of security tools like using CloudMonix
- Created DLP role-based access controls, and new interns
- Administered Active Directory Domain Services and Implementing Group policy objects.
Sr. Incident Response Analyst
Citibank
Dallas
01.2019 - 11.2020
- Identified shortcomings in our security posture and assist in investigations related to security events
- Lead for the Vulnerability Management Program to ensure timely remediation of vulnerabilities
- Created rules for assigning vulnerabilities to the right endpoints across the organization
- Integrated different feeds to Splunk Environment
- Administered QRadar and investigated on alerts generated from the SIEM
- Responsible for Endpoint hardening across the organization
- Integration of different devices data to Splunk Environment and created dashboards and reports in Splunk
- Recommended and configured daily, weekly, and monthly reports in Qradar and Splunk based on Compliance requirements
- Administered SailPoint Identity IQ and reviewed and approved requests for access
- Provided endpoint security via Symantec Endpoint Protection (SEP)
- Assisted with the development of process and procedures to improve incident response times, analysis of incidents, and overall, SOC functions.
Incident Response Analyst
CVS Health Care
01.2018 - 12.2018
- Executed daily vulnerability assessments, threat assessment, mitigation and reporting activities to safeguard information assets and ensure protection
- On-boarded 8000+ devices to Splunk for monitoring
- Integrated data to Splunk Environment and created dashboards and reports in Splunk
- Monitored enterprise firewalls to ensure that legitimate traffic is passing through the firewalls
- Managed the Phishing Awareness Campaign using Proofpoint
- Used Splunk Security Manager to identify threats and assign them categories
- Configured Azure Identity Access Management (IAM) Group and users for improved login authentication
- Maintained McAfee Endpoint Encryption system to protect computers
- Managed Cyber Security threats through prevention, detection, response, escalation, and reporting in effort to protect Enterprise IT Assets through Computer Security Incident Response Team (CSIRT)
- Investigate DDoS attacks and took necessary steps to block them
- Create and develop correlation and detection rules within SIEM to support alerting capabilities.
Education
Master's - Computer Science and Cybersecurity
Chicago State University
Enter your degree - B. E Mechanical
Osmania University
HyderabadLanguages
English
Fluent
Urdu
Native
Hindi
Fluent
Arabic
Beginner
Timeline
Security Practice Lead
Vanguard
06.2021 - Current
Cyber Security Engineer
Bright House Financial
12.2020 - 06.2021
Sr. Incident Response Analyst
Citibank
01.2019 - 11.2020
Incident Response Analyst
CVS Health Care
01.2018 - 12.2018
Master's - Computer Science and Cybersecurity
Chicago State University
Enter your degree - B. E Mechanical
Osmania University
Work availability
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday
morning
afternoon
evening
swipe to browse