← Back to list
Registration: 03.03.2025

Muhammad Naveed Khan

Specialization: System / Security Specialist
— With 15 years of experience in the Systems and cybersecurity field and a dedication to continuous learning, I possess the strong leadership qualities, technical expertise, and certifications necessary to significantly contribute to your team. — I am passionate about staying at the forefront of cybersecurity best practices and hold several security certifications. — Security plus: SY0-501, GSLC -GIAC Security Leadership, where CISSP, CEH and CISM are completed under my organization SABIC(Saudi Basic Industries) online skills. Soft learning system called Percipio, it helped with demonstrating my deep understanding of: — Information security and risk management frameworks. — Secure architecture and design principles. — Incident response and threat mitigation strategies. My recent technical achievements include: — Proactively identified and mitigated a zero-day vulnerability, preventing a potential data breach and saving the company. — Developed and implemented a comprehensive security awareness training program, leading to a 99.99% increase in employee cyber hygiene. — Led the migration to a cloud-based security platform, ensuring a seamless transition and enhanced security posture. Commitment to Collaboration and Communication: — Beyond technical expertise, I prioritize clear and concise communication with both technical and non-technical audiences. — Collaborating effectively with cross-functional teams to develop and implement security solutions aligned with business objectives.
JavaScript Python SQL Git MySQL Linux HTML C++ C# Jira Node.js CSS Project Management Scrum Adobe Photoshop QA Web Design jQuery Design Azure Power BI CI/CD methodologies Wordpress Excel
— With 15 years of experience in the Systems and cybersecurity field and a dedication to continuous learning, I possess the strong leadership qualities, technical expertise, and certifications necessary to significantly contribute to your team. — I am passionate about staying at the forefront of cybersecurity best practices and hold several security certifications. — Security plus: SY0-501, GSLC -GIAC Security Leadership, where CISSP, CEH and CISM are completed under my organization SABIC(Saudi Basic Industries) online skills. Soft learning system called Percipio, it helped with demonstrating my deep understanding of: — Information security and risk management frameworks. — Secure architecture and design principles. — Incident response and threat mitigation strategies. My recent technical achievements include: — Proactively identified and mitigated a zero-day vulnerability, preventing a potential data breach and saving the company. — Developed and implemented a comprehensive security awareness training program, leading to a 99.99% increase in employee cyber hygiene. — Led the migration to a cloud-based security platform, ensuring a seamless transition and enhanced security posture. Commitment to Collaboration and Communication: — Beyond technical expertise, I prioritize clear and concise communication with both technical and non-technical audiences. — Collaborating effectively with cross-functional teams to develop and implement security solutions aligned with business objectives.
JavaScript Python SQL Git MySQL Linux HTML C++ C# Jira Node.js CSS Project Management Scrum Adobe Photoshop QA Web Design jQuery Design Azure Power BI CI/CD methodologies Wordpress Excel

Portfolio

Multi Honeypot Platform

Deployed T-Pot on Azure Cloud, bolstering security measures and enabling advanced threat detection and analysis. ● Monitored and analyzed honeypot data generated by T-Pot, enabling early detection and response to potential cyber threats.

Vulnerability Assessment Lab

Set up and configured a Windows virtual machine (VM) on VirtualBox, creating a secure and isolated environment for testing and analysis. ● Conducted comprehensive vulnerability scans using Nessus to identify and assess potential security risks and weaknesses. ● Developed and implemented effective remediation strategies to address identified vulnerabilities, minimizing potential risks and strengthening system resilience.

SIEM Implementation in Azure Cloud

Successfully deployed Microsoft Sentinel SIEM solution in Azure Cloud, fortifying the cloud’s cybersecurity capabilities and enabling proactive threat detection and response. ● Enhanced threat detection with custom KQL analytics rules, enabling swift incident response to safeguard assets. ● Conducted incident investigations using SIEM tools and techniques to analyze cybersecurity incidents. ● Implemented remediation actions to mitigate and resolve identified cybersecurity incidents, minimizing the impact on critical assets and preventing recurrence.

Skills

Splunk
Python
Microsoft Office 365
QRadar
Qualys
ELK Stack
MacAfee
Black Carbon
Burp Suite
OWASP
Wireshark
Kali Linux
Snort
Metasploit
Nmap
Tcpdump
Bash
SIEM
SOAR
C#
JavaScript
Jquery
HTML5/CSS3
Azure
SharePoint
MS Defender
Azure Sentinel
PowerApps
PowerShell
Power Bi

Work experience

Web / Security Specialist
since 04.2024 - Till the present day |Firstline Cars
GDPR, DocuSign
Optimized internal processes by designing and implementing portal sites to manage Roles & Responsibilities effectively. Led the full project lifecycle. ● Led the deployment and integration of Hikvision face recognition terminals across multiple facilities, replacing legacy systems and modernizing access control protocols. ● Ensured compliance with GDPR data privacy laws by implementing strict policies for managing and securing biometric data, including encryption and access control for 99% of sensitive information. ● Directed the successful deployment and integration of DocuSign for electronic signature management system. ● Decreased document turnaround times by automating approval chains and minimizing the need for manual handling, boosting operational efficiency and reducing delays by up to 90%.
System / Security Specialist
08.2013 - 04.2024 |SABIC
ISO 27001/2, NIST CSF, GDPR, IDS/IPS, SIEM
Implemented threat intelligence practices by collecting and analyzing data from external sources such as opensource intelligence feeds and Malware database services, resulting in a 30% reduction in potential security risks. ● Efficiently interpreted data from cyber threat intelligence sources to identify potential vulnerabilities and develop proactive measures to mitigate risks, effectively reducing the average time it takes to detect a cyber-attack by 30%. ● Effectively Implemented industry-leading cyber security standards, including ISO 27001/2 certification, NIST CSF, GDPR, and Maturity Models resulting in a 75% reduction in regulatory compliance violations. ● Performed comprehensive penetration testing on 50+ web applications, identifying and remediating over 200 vulnerabilities, achieving a 75% decrease in potential security breaches. ● Successfully Administered network traffic logs from various sources at SOC, including firewalls, IDS/IPS systems, and applications logs, and defined SIEM Rules, to detect and prevent security breaches in real time.
Software Engineer
07.2011 - 06.2013 |Chamber Of Commerce
MS SharePoint, ECM, IAM
Developed and implemented a comprehensive MS SharePoint & ECM governance strategy for 70+ projects, resulting in an 80% decrease in site collection breaches and increased security by 60%. ● Protected privileged access by implementing an account lockout threshold and blocking client forwarding rules, reducing the risk of unauthorized access by 40%. ● Ensure a proactive and continuous audit, monitor and alert on changes to systems, configurations, and data, and audit any change made on-premises or in the cloud to help improve visibility, security, and compliance readiness. ● Executed security measures such as Identity and access management (IAM), creating the required User groups to manage and control share permissions, ensuring compliance with industry regulations, and reducing the risk of data breaches by 30%.

Educational background

Business Administration (Masters Degree)
Till 2008
University Of Central Punjab
University Of Central Punjab (Bachelor’s Degree)
Till 2004
University Of Central Punjab

Languages

EnglishAdvancedUrduNativePunjabiProficientArabicUpper Intermediate