Samad Khawaja
Ashburn
Summary
Blue-team professional and security enthusiast having 10+ years of cyber related experiences in operations and related verticals such as incident response, threat hunting, and detection engineering.
DOD TS/SCI Active.
Overview
11
11
years of professional experience
1
1
Certification
Work History
SOC Analyst
Army Research Laboratory Devcom C5ISR via Prime Technical Inc.
Adelphi
01.2022 - Current
- Investigated advanced persistent threats in order to understand their behavior patterns.
- Collaborated with internal teams to improve system performance and enhance overall security posture of the organization's infrastructure.
- Assisted in designing effective risk mitigation plans based on identified risks.
Sr. Network Security Engineer Tier III (Lead)
AT&T
Oakton
04.2019 - 07.2024
- Hunted & wrote detections in Splunk to identify NSA red/purple team engagement with metadata generated from network taps using Zeek, Suricata, & Wireshark
- Hunted endpoint threats using SentinelOne Deep Visibility
- Wrote cloud detections and investigated suspicious logins using Microsoft Azure Sign-In logs
- Operationalized detection environment using Ericsson Security Manager and Splunk to support Navy 5G Warehouse customer environment
- Operationalized network/endpoint detection, threat hunt, tuning, and metrics processes
- Develop alert content for DoD environment to support NIST/FISMA compliance & requirements using telemetry from network edge devices
Senior Information Security Specialist - SOC
NASA AMES RESEARCH CENTER via asrc federal holding company
Moffett Field
06.2017 - 04.2019
- Used network/host analysis to gain TTPs of potential advanced threats to systems and targets of attack
- Leveraged Splunk to extract threat indicators from Proofpoint device to enrich connection logs, guiding proactive hunting efforts
- Hunted L3/L4 session traffic to identify C2 activity by stacking network metadata such as IPs, port numbers, and session length/duration
Security SOC Analyst Tier 2
NASA AMES RESEARCH CENTER via asrc federal holding company
Moffett Field
04.2016 - 06.2017
- Investigated signature and behavioral detections to support mission of NASA's Security Operation Center
- Analyzed encrypted network traffic at a high level and used Fireeye HX ETDR solution to provide corresponding low-level contextual information to support investigations
- Monitored Distributed Denial of Service attacks against E-Root DNS.
SOC Analyst (Endpoint SME)
JM FAMILY ENTERPRISES via teksystems
Deerfield Beach
01.2016 - 04.2016
- Configured detection & response capabilities for Cloud and On-Premise Data Loss Prevention
- Administered and hardened Symantec Endpoint Protection across client base
Incident Response Analyst
UNITED STATES DEPARTMENT OF DEFENSE via cgi federal
Arlington
12.2014 - 12.2015
- Performed Tier 2 CNDSP network traffic analysis to detect/respond to intrusions, and data spillage against Pentagon’s network using various log sources
- Used netflow and PCAP to aid in investigations
- Verify and respond to incidents occurring on client networks using logs sourced from firewalls, IDS, and web content filters
- Reversed engineered malware using static and dynamic tools to identify C2 beacons, dropped files, and registry manipulation
Security SOC Analyst (Forensic Team Lead)
LUNARLINE
Arlington
03.2014 - 11.2014
- Contributed in providing course content for malware analysis/forensics course
- Developed use-case sales strategy to push forensic/IR capability as part of MSSP offering
- Recorded packet loss metrics for on-prem network capture system to validate testing
Education
Master of Science - Applied Information Technology
George Mason University
Fairfax08-2014
Bachelor of Science - Applied Information Technology
George Mason University
Fairfax08-2012
Skills
- Threat hunting
- Cloud security
- Incident response
- Network analysis
- Security monitoring
- Risk assessment
- SIEM
Certification
- CISSP
- Security BTL1
- GCIH
- GMON
- GCTI
- Splunk Power User
- CEH
Timeline
SOC Analyst
Army Research Laboratory Devcom C5ISR via Prime Technical Inc.
01.2022 - Current
Sr. Network Security Engineer Tier III (Lead)
AT&T
04.2019 - 07.2024
Senior Information Security Specialist - SOC
NASA AMES RESEARCH CENTER via asrc federal holding company
06.2017 - 04.2019
Security SOC Analyst Tier 2
NASA AMES RESEARCH CENTER via asrc federal holding company
04.2016 - 06.2017
SOC Analyst (Endpoint SME)
JM FAMILY ENTERPRISES via teksystems
01.2016 - 04.2016
Incident Response Analyst
UNITED STATES DEPARTMENT OF DEFENSE via cgi federal
12.2014 - 12.2015
Security SOC Analyst (Forensic Team Lead)
LUNARLINE
03.2014 - 11.2014
Master of Science - Applied Information Technology
George Mason University
Bachelor of Science - Applied Information Technology
George Mason University
Similar Profiles
Diosha MillerDiosha Miller
Information Technology Technician at U.S. Army Futures Command Combat Capabilities Development Command (DEVCOM) C5ISR CenterInformation Technology Technician at U.S. Army Futures Command Combat Capabilities Development Command (DEVCOM) C5ISR Center
Biao YinBiao Yin
Research Mentor (Founding Research Assistant) at WPI Data Science & DEVCOM Army Research LabResearch Mentor (Founding Research Assistant) at WPI Data Science & DEVCOM Army Research Lab
Elkana Gamaliel KonateElkana Gamaliel Konate
Designer and Structural Analyst at Robotics Automation Control Research and Development Laboratory (RACLAB), Konya Technical UniversityDesigner and Structural Analyst at Robotics Automation Control Research and Development Laboratory (RACLAB), Konya Technical University
Tyler F. SmithTyler F. Smith
Cypress Developer at ICF International, Inc.Cypress Developer at ICF International, Inc.
Alaq HameedAlaq Hameed
Dental Assistant at Ashburn Pediatric Dental CenterDental Assistant at Ashburn Pediatric Dental Center