Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Work Availability
Timeline
Hi, I’m

Sidrat Mehreen

Cybersecurity Analyst
Milton,Ontario
I can’t understand why people are frightened of new ideas. I’m frightened of the old ones.
John Cage

Summary

Cyber Security Specialist with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework for cloud-based software. Versed in robust network defense strategies. Detail-oriented team player with strong organizational skills. Ability to handle multiple projects simultaneously with a high degree of accuracy.

Overview

10
years of professional experience
1
Certification

Work History

ACET Solutions LLC

Senior Cybersecurity Analyst
10.2019 - 10.2022

Job overview

  • Performing vulnerability assessment, risk assessment and documenting compliance reports based on international standards and legislations such as IEC/ISA 62443, NIST CSF, NIST SP 800-82, NIST SP 800-53, PCI DSS, SOC I and II, ISO 27001 and ISO 27002 and COBIT 5.
  • Successfully delivered security services projects to different clients (ICS/SCADA and IT) while incorporating project management and security engineer skills
  • Developed technology roadmaps for key technology assets in terms of system upgrades, migrations, and security
  • Developed network security design, testing and implementation of security architectures and solutions with Cloud infrastructure integration
  • Developed Security Incident Response Plans while documenting Policies and Procedures for cybersecurity compliance requirements
  • Performed Business Impact Analysis (BIA) and develop Business continuity plans and disaster recovery strategies
  • Conducted security awareness sessions among employees and clients
  • Conducted cybersecurity risk assessments and compliance in accordance with international standards i.e ISO 27001, NIST CSF and NIST SP 800-53 for different sector clients of North America, KSA, UAE and Pakistan
  • Performed cyber risk assessments for 5 well known organizations to evaluate their existing risks and documented the process and risk registers
  • Developed network security design, testing and implementation of security architectures and solutions with Cloud infrastructure integration based on industry best practices and standards
  • Developed Cybersecurity Incident Response, Business continuity plans and disaster recoveries while performing Business Impact Analysis (BIA) for the organizations
  • Solely developed dashboards using Power BI for North American client for the supervision of on going projects within the organization
  • Individual achievement of documenting and producing security policies and procedures for the client while gathering information from interviewing individuals and teams
  • Provided trainings on Cybersecurity Maturity Model (C2M2) for UAE client for IT and OT departments and evaluated C2M2 scores based on the responses.
  • Quickly learned new skills and applied them to daily tasks, improving efficiency and productivity.
  • Carried out day-day-day duties accurately and efficiently.
  • Worked flexible hours; night, weekend, and holiday shifts.
  • Performed duties in accordance with applicable standards, policies and regulatory guidelines to promote safe working environment.
  • Used critical thinking to break down problems, evaluate solutions and make decisions.
  • Identified issues, analyzed information and provided solutions to problems.
  • Exceeded goals through effective task prioritization and great work ethic.
  • Participated in team-building activities to enhance working relationships.
  • Used coordination and planning skills to achieve results according to schedule.
  • Actively listened to customers, handled concerns quickly and escalated major issues to supervisor.

Appatrix Pvt

MIS and Security Manager
07.2015 - 09.2019

Job overview

  • Developed computer information resources, providing for data security control, strategic computing, and disaster recovery keeping in view latest industry trends and emerging threats
  • Provided users with technical support for system problems and analyze, integrate and recommend solutions in keeping with processes or projects that may draw on or contribute to the IT environment
  • Scheduled, planned, and supervised the installation and testing of new products and improvements to systems, such as the installation of new servers, systems, solutions and upgrades to the landscapes
  • Performed compliance and audit activities with reference to IT security standards in organization as well as other clients.

InSolotech LLC

Security Analyst
05.2014 - 06.2015

Job overview

  • Worked as an Auditor and an Analyst Compliance and Security policy documentation work related to PCI DSS, COBIT 5, ISO27001 and SOC standards
  • Worked with Vulnerability Assessment tools in the process of penetration testing of the client’s network during audits

Techscon technologies Pvt

Digital forensic analyst
02.2013 - 04.2014

Job overview

  • Organized workshops and seminars on Cyber threats and tools used in Digital forensics analysis
  • Listed as: XRY- complete mobile forensic tool workshop, training of NTFS file system forensics Interacted with mentors and representatives of the CSP in the performance of day-to-day operations
  • Developed an understanding of the overall function of the law enforcement security and the applications
  • Participated as a volunteer for conferences such as Cyber Secure Pakistan

Education

National University of Sciences and Technology, NUST

Master’s from Information Security
08.2015

Skills

  • QRadar,
  • Splunk,
  • Nessus/ Nexpose,
  • Kali Linux,
  • Nozomi Guardian,
  • Fortinet firewalls,
  • Cybersecurity Compliance
  • Cybersecurity Frameworks
  • Cybersecurity Analysis
  • Cybersecurity Protocols
  • Cybersecurity Policy Development
  • NIST Cybersecurity Framework
  • Operation and Information Security
  • Regulatory Compliance and Documentation
  • Security Infrastructure Architecture
  • Security Regulations Compliance
  • Password Management
  • Security Logging
  • Infrastructure Change
  • Risk Mitigation Strategies
  • Security Vulnerability Assessment
  • Managing Security Breaches
  • Security Consultation
  • Training Materials
  • Preventative Maintenance
  • Threat Research
  • System Administration
  • Network Security Management
  • Local Area Network (LAN)
  • Server Systems
  • File Servers
  • Penetration Testing
  • Final Design Delivery
  • Splunk SIEM
  • Root Cause Analysis
  • Multi-Factor Authentication
  • Training Junior Team Members
  • Architecture Review
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Network Performance Analysis
  • Malware Analysis
  • Design Improvements
  • Antivirus Management
  • System Documentation
  • Industry Trends
  • Virtual Local Area Networks
  • Computer Forensics
  • Policy Standards and Guidelines
  • Technical Leadership
  • Auditing Standards
  • Security Recommendations
  • Tools Configuration
  • Patching

Accomplishments

  • Collaborated with team of 10 in the development of Cyber Security Management System.
  • Supervised team of 5 staff members.
  • Documented and resolved cyber security gaps which led to secured environments.
  • Performed comprehensive investigations of security breaches and implemented appropriate solutions.
  • Made recommendations to management on new security software to improve SCADA/ICS and IT environment.
  • Implemented system recovery procedures to minimize loss of Data or information in the event of attack.
  • Trained end users on proper security protocol to minimize cybersecurity attacks.
  • Developed and implemented security procedures to achieve compliance.
  • Updated security manuals to prevent security threats such as malware, denial of service.
  • Educated management on how to minimize risk of cybersecurity attacks.
  • Created daily database reports to identify and mediate potential vulnerabilities.

Certification

  • CISSP Training - enrolled
  • Fortinet Network Engineer- NSE 3
  • Nozomi Gaurdian- Sales Associate
  • ISA/IEC 62443 - Implementation Associate
Availability
See my work availability
Not Available
Available
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Timeline

Senior Cybersecurity Analyst

ACET Solutions LLC
10.2019 - 10.2022

MIS and Security Manager

Appatrix Pvt
07.2015 - 09.2019

Security Analyst

InSolotech LLC
05.2014 - 06.2015

Digital forensic analyst

Techscon technologies Pvt
02.2013 - 04.2014

National University of Sciences and Technology, NUST

Master’s from Information Security

Similar Profiles

CREATE PROFILE
Sidrat MehreenCybersecurity Analyst