Proactive Cyber Security professional ready to stand between businesses and threat actors. Lifelong student of developments in threat detection and mitigation.
Overview
5 years of professional experience
1 Certification
Work History
Security Specialist
IBM
09.2022 - Current
Led secure deployment of client endpoint, network, and web security solutions, driving client satisfaction and contract renewals, leading to revenue growth and profit.
Managed steady-state operations of various client cloud and on-premises security infrastructure and solutions, achieving a consistent 100% utilization rate.
Attained Level 2 Secret Clearance and provided diligent managed Cyber Security services for Canadian government clients.
Evaluated business needs to establish control goals, translating client requests into policies and rules, and deploying them to managed appliances/systems with meticulous adherence to processes and procedures.
Implemented security measures for clients while maintaining a balance between enabling and safeguarding, considering organizational culture and environment.
Managed Network Access Control (NAC) project, overseeing the creation of design documentation and ensuring the proper configuration of NAC appliances and switches. Conducted ARP data collection and client device detection using the designated tool, promptly alerting and investigating any unidentified or malicious devices via SIEM (QRadar).
Spearheaded Forescout NAC (Network Access Control) administration for clients, ensuring optimal network security and access control.
Implemented Forescout NAC solutions to enhance client network visibility and enforce security policies effectively.
Utilized classification models, risk analysis evaluations, and information security guidelines to achieve client objectives.
Managed capacity assessment, problem resolution, and urgent client scenarios, ensuring timely resolutions within SLAs.
Leveraged bash scripting to establish a cron job, ensuring the scheduled backup of client firewalls to an NFS server in compliance with client retention policies.
Implemented and configured Fortinet WAF policies to safeguard critical client web applications and prevent attacks such as SQL injection and cross-site scripting (XSS).
Provided expertise in troubleshooting and resolving issues related to Fortinet WAF deployment and functionality, ensuring continuous protection of client critical web applications.
Stayed updated on product announcements and advisories, creating remediation plans to mitigate associated risks.
Led troubleshooting sessions, identifying root causes of issues and providing quick workarounds.
Maintained effective operational and technical documentation, contributing to continuous improvement of Cyber Security managed services.
Proactively identified risks and opportunities, escalating them to management.
Automated tools like Trello and Monday.com to enhance consulting team efficiency.
Investigated reported incidents thoroughly, implementing corrective actions to prevent recurrence.
Served as Subject Matter Expert in Network & Perimeter Security (Firewalls, WAF, NAC), Content & Endpoint Security (DLP, EDR), and Web Security (IDS, IPS).
Coordinated with external consultants and audit teams to validate the effectiveness of implemented security controls, identifying areas for improvement during periodic assessments.
Professor - Cyber Security
Seneca Polytechnic
05.2024 - Current
Delivered lectures for CYT215 - IT Security Forensics, Summer 2024 Semester
Assessed students' progress and provided feedback to enhance learning.
Facilitated cross-disciplinary learning opportunities for students by collaborating with colleagues from other departments.
Expanded program offerings by proposing new courses based on current trends within Information Security.
Taught students various facets of hacking including hacker types, motivations, techniques, and attitudes.
Educated students in computer forensics, imparting skills to conduct investigations, uncover and quantify attacks, and identify vulnerabilities.
Emphasized ethical considerations in cybersecurity and computer forensics during instruction.
Developed innovative teaching methods tailored to diverse learning styles, enhancing student comprehension and success rates.
Researched and selected course texts and supplemental learning materials.
Ensured curriculum alignment with academic standards through regular course review and updates.
Boosted student satisfaction rates by implementing feedback mechanisms and making data-driven improvements to course delivery.
Improved learning outcomes for students with diverse learning needs by designing and applying differentiated instruction techniques.
Increased course relevance by incorporating real-world examples and case studies into lesson plans.
Expanded program offerings by proposing new courses based on current trends within the field of study.
Promoted culture of continuous learning among students by integrating current industry trends and technologies into lectures and assignments.
Applied innovative teaching methods to encourage student learning objectives.
Guided students in researching, structuring and presenting debate case.
Taught diverse student population by employing various learning styles and abilities.
Encouraged class discussions by building discussions into lessons, actively soliciting input, asking open-ended questions and using techniques to track student participation.
Shifted between informal and formal methods of teaching to create multi-layered web of learning incorporating experiments, practical activities, discussions, and projects into lessons.
Detection Engineer
Canadian Imperial Bank of Commerce
11.2020 - 09.2022
Implemented comprehensive security log management procedures, onboarded all security log sources, and conducted user acceptance testing of the Centralized Log Management System, enhancing accessibility and visibility of security logs for SOC, Security Engineering, and Threat Hunting teams.
Developed, tested, and deployed detection rules for ArcSight SIEM, reducing the risk and impact of malicious security activities. Actively tuned detection rules to minimize false positives and authored Alerting and Detection Strategy Framework (ADS) to ensure comprehensive documentation for SOC and Detection Engineers.
Managed Endpoint Detection and Response (EDR) rules on Tanium and Microsoft Defender, providing proactive advice on health, performance, and ongoing planning while deploying protection mechanisms for email gateways with Proofpoint Targeted Attack Protection (TAP) and Threat Response Auto Pull (TRAP).
Deployed malware protection detection rules for enterprise containers and images using Aqua Security, and continuously analyzed Red Team activity to create new detection rules and use cases. Led weekly Tactics, Threat, and Procedure (TTP) meetings with enterprise information security teams.
Acted swiftly on emerging Zero-day threats by creating urgent detection rules and collaborating with patching teams. Authored detection rules and hunts using a universal language (SIGMA) to ensure compatibility and interchangeability of security products and technologies.
Managed change management tickets and participated in Agile projects, recommending improvements in security systems and procedures. Developed cybersecurity best practice communications to educate staff against known threats and potential attack vectors.
Performed on-call rotations and provided incident management outside normal shift hours.
Served as a Subject Matter Expert in SIEM, EDR, SOAR, Central Log Management, NIDS, HIDS, Container Security, and Detection use cases & rules, utilizing query languages such as ArcSight logger, LINQ, Sigma, Tanium, Defender/KQL, and YARA.
Senior Information Security Analyst
Canadian Imperial Bank of Commerce
01.2020 - 10.2020
Implemented Data Loss/Leak Prevention (DLP) strategies, monitoring outbound email traffic to safeguard sensitive information.
Utilized User and Entity Behavior Analytics (UEBA) to enhance DLP alert analysis and triage, resulting in a 20% reduction in false positives.
Performed first-level triage of employee activity alerts, analyzing and assigning them based on predefined workflow, leading to a 30% improvement in response time.
Collaborated with LOB, Privacy Office, and Corporate Security to ensure swift and appropriate response to alerts, maintaining compliance and minimizing risk exposure.
Assisted in evaluating the quality, relevance, and validity of gathered information, contributing to more accurate threat assessment and mitigation strategies.
Managed alerts on a priority basis, documenting trends and anomalies, facilitating proactive threat detection and response.
Contributed to the definition of DLP internal processes, optimizing alert management and improving incident response efficiency.
Provided recommendations to enhance the effectiveness of monitoring rules, resulting in a 25% increase in threat detection capabilities.
Drafted and updated procedures for email searches and DLP, ensuring alignment with industry best practices and regulatory requirements.
Information Security Coordinator
Canadian Imperial Bank of Commerce
05.2019 - 12.2019
Completed an 8-month internship in Data Loss Prevention (DLP) and Digital Forensic services, gaining hands-on experience in threat detection and incident response.
Participated in red team exercises, deepening understanding of offensive tactics and techniques to enhance defensive capabilities.
Proposed an innovative cloud solution to streamline bank workflow processes, reducing operational costs of the SOC lab by nearly 80%.
Demonstrated ability to thrive under pressure and meet tight deadlines in a fast-paced environment.
Hired back as Senior Security Analyst after the internship to perform a full-time role while completing undergraduate studies, showcasing dedication and versatility in managing work and academic commitments.
Education
Bachelor of Science - Information Sciences (Cyber Security)
Sheridan College
Oakville, ON
09.2020
Skills
Cybersecurity
Threat Management
Vulnerability Assessment
Risk Management
Incident Response
Data protection
Application security
Network Security
Intrusion Detection
Digital Forensics
Information Governance
Access Control
Soft Skills
Team Player
Leadership
Verbal Communication
Written Communication
Presentation Skills
Problem-Solving
Attention to Detail
Critical Thinking
Flexibility
Learning Agility
Resilience
Technologies
Firewall - Fortinet, Palo Alto, AlgoSec
WAF - Fortinet
NAC - ForeScout
Firewall, WAF and NAC Administration
SIEM - ArcSight, Sentinel, QRadar
Endpoint Protection - Trend Micro Deep Security, Symantec
Detection Engineering and Threat Hunting - Sigma Rules, Alerting and Detection Strategy Framework, Yara
Central Log Management (CLM) - Devo, LINQ, Splunk
Endpoint Detection and Response (EDR) - Tanium, Microsoft Defender
Data Loss Prevention (DLP) - Proofpoint, Symantec
Secure Email Gateway - Proofpoint
Agile Framework - Jira, Confluence
Change Management - ServiceNow, Remedy, ICD
AI Tools - Proficient with ChatGPT prompt engineering - Perplexity and Burstiness
Project Planning - Monday.com, Trello
Cyber Security Teaching and Education
Certification
Certified Information Systems Security Professional - CISSP
Certified Blockchain Security Professional
Azure Security Engineer - AZ 500
Azure Fundamentals - AZ 900
Volunteer Work
Durham College - Part of the Cybersecurity Program advisory committee team.
ISC2 Toronto Chapter - As an (ISC)² Toronto Chapter member, I actively contribute to the cybersecurity community through volunteer work on LinkedIn. I share insights, engage in discussions, and promote knowledge sharing to foster a collaborative and informed cybersecurity environment.
Trace Labs - OSINT CTF Volunteer and Senior OSINT Coach
ISC2 Standards & Practice Unified Body of Knowledge Technical Advisory Panel - A Technical Advisory Panel member discovers, selects, organizes, and shares valuable and relevant Cybersecurity content in the creation of a Unified Body of Knowledge (UBK). Content curators work with ISC2’s bodies of knowledge to create a single corpus free of duplication, confliction, and redundancy, while ensuring content remains relevant and accurately sourced.