Mohammed Imran Ali Khan Email and Phone Number

• Enhanced security measures by implementing access control systems and surveillance equipment.• Reviewed incident reports thoroughly, taking corrective actions where necessary to improve overall security performance.• Reduced security incidents by conducting thorough risk assessments and recommending appropriate action plans.• Lead team of SOC Analyst/Operation team. Experience in implementing Security Solutions:• Web Application Firewall• Vulnerability Management Endpoint Protection• Mobile Device Management Data Loss Protection• Patch Management• Multi-Factor Authentication (MFA)• Created security architecture design documentation and standard operating procedures.• Utilized security metrics to analyze historical threats, address risks, and implement enhanced protocols.• Evaluated and recommended new security solutions and best practices. Conducted architecture assessments of systems and networks.• Established an enterprise-wide definition of security and maintained security-related infrastructure, applications, and processes.• Managed security risk software vendor relationships to enhance the use of automated security risk assessment tools.• Contributed to the development of a global security management strategy and framework.• Handled Change Management, Configurations, Design, and Implementation of Security Products & Systems.• Conducted Onsite Risk Assessments according to process documents. Monitored and analyzed security events for suspicious traffic.• Managed security device administration and configuration tasks. Oversaw day-to-day operations of the security operations team.• Reviewed reports to ensure compliance with security policies and SLAs.• Analyzed events and logs to detect malicious applications, network activity, and system vulnerabilities, and improve incident response processes.• Collaborated with resolver groups to resolve major security incidents.

Responsible for the cybersecurity of a program, organization, system, or enclave. Reviews breach notification rule policies and procedures. Reviews policies and procedures related to physical, administrative, and technical safeguards. Provides compliance reports and participates in regular compliance meetings to discuss issues and mitigation strategies. Assesses and audits security requirements by studying business requirements; conducts system security and vulnerability analyses and risk assessments. Stays up to date with all governmental regulations regarding information protections and security system protections.● Implemented SOC as a service. ● Onboarded WAF, VAPT, ITSM, Patch Management Solutions.● Authored security architecture design documentation and standard operating procedures.● Leading the implementation of Security Framework (ISO 27K & NCA). ● Introduced use of security metrics to mitigate the vulnerability by analyzing historical threats, addressing risks/gaps/violations, and implementing improved protocols.● Serving as technical lead in responding to information security events and performance of initial diagnostics.● Evaluate and recommends new and emerging security solutions and best practices.● Lead the project of implementation of Multi-Factor Authentication (MFA)● Performs architecture assessments of systems and networks.● Implements an enterprise-wide definition of security, establishes and maintains data, network, and system security-related infrastructure, and applications and processes.● Manage security risk software vendor relationships to improve the use of automated security risk assessment tools.● Contribute to the definition, development, and oversight of a global security management strategy and framework.● Perform Change Management, Configurations, Design, and Implementation of Security products & Systems.● Perform and manage Onsite Risk Assessments as per process documents.

● Leading team of SOC Analyst/Operation team.● Monitor & Analyze security events for suspicious traffic.● Security device management (administration and configuration tasks)● Keeping track of day-to-day security operations team.● Review reports and ensures compliance to security policies and SLAs as applicable.● Perform in-depth analysis of events and logs for Detecting malicious applications and network activity, Common attack techniques that compromise hosts, Detecting and analyzing the system and network vulnerabilities, and Continuous process improvement by discovering the root causes of incidents.● Work to resolve major security incidents in conjunction with respective resolver groups. Experience configuring security information and event management (SIEM) tools including creating event filtering and correlation rules and reports.● Ability to work with customer and product specialists to weed out false positives and improve the efficiency of the Security operations.● Creation of knowledge base which will be used by SOC analysts for performing their roles.● Development of customized use cases based on the applicable threats to client infrastructure.● Creation of ad-hoc reports and Dashboards as per customer requirements.

● Maintain and monitor different IT Security systems (Proxy, ACS, AV…)● Defend the network against malware, viruses, and all threats that negatively impact confidentiality, integrity, and availability.● Managing Endpoint Security technologies for DC/Campus.● Performing Vulnerability Assessment on Servers & Network devices. ● Executing Patch management system from a Security perspective.● Providing daily reports and working on day-to-day activities/ issues for the Security domain.● Managing Mail Gateway and Mail Security and implementing best practices as per customer requirements.● Maintaining and implementing best practices in Web Proxy. ● Worked with various vendors for implementing multiple products & POC setups.● Handle all assigned customer requests within the agreed service level agreement.