About Sarmad
With five years of experience in cybersecurity, I’ve implemented security strategies that reduced risks and improved system resilience across networks and cloud environments.
In my previous role, I conducted regular vulnerability assessments, managed security operations and ensured compliance with industry standards such as ASVS and PCIDSS. I have hands-on experience with firewalls, SIEM tools, endpoint protection, and access controls, and I work well in both independent and cross-functional team settings.
English
Native or bilingual
Urdu
Native or bilingual
Can work on-site
Dubai (up to 50km)
Experience
- AL-ANSARI FINANCIAL SERVICESCYBER SECURITY ENGINEERAugust 2023 - August 2024 (1 year)Dubai, United Arab Emirates• Performing Vulnerability Assessment (VAPT) of RedHat and Windows Servers using Nessus to identify application & OS vulnerabilities in environment and suggesting remediation actions.• Analyzing and responding to security events on Dell Secureworks XDR and QRadar SIEM.• Monitoring and investigating alerts originating in Crowdstrike Falcon EDR, implementing rules and policies tailored to the security compliance standards.• Implementing and configuring Firewall and File Integrity Monitoring policies in EDR.• Assisting team in evidence gathering for PCI-DSS compliance.• As part of risk prevention, identifying and reporting impersonating threat actors through brand protection solution.• Familiarity with DLP solution and implementing DLP policies.• Familiarity with carrying out security awareness & email phishing exercises.• Familiarity with Checkpoint Email Security Solution.• Experience in managing and applying policies in Netskope Proxy Solution.
- EMPIRICAI LTDCYBER SECURITY ENGINEERFebruary 2020 - May 2022 (2 years and 3 months)• Conducting web application penetration testing using OWASP top 10 and ASVS standards to ensure application security and compliance.• Proficiently performed Dynamic Application Testing (DAST) using industry-leading tools such as BurpSuite and ZAProxy to ensure robust security of applications.• Performed AWS cloud security assessments to identify and remediate vulnerabilities and misconfigurations, ensuring a secure and compliant infrastructure.• Executed AWS cloud penetration testing utilizing PACU attack framework to enhance cloud security posture.• Performed API testing and SAST testing of Java, Node.js, and Python applications using tools such as Bitbucket and SonarCloud to ensure the delivery of high-quality software.• Proactively securing Windows and Linux operating systems through hardening techniques aligned with CIS benchmarks, ensuring optimal protection against potential cyber threats.• Penetration testing of operating systems and networks utilizing advanced tools such as Nmap, Kali Linux, and Metasploit to identify vulnerabilities and improve overall security posture.• Monitored, analyzed and responded to security alerts and events utilizing ELK SIEM to defend client's security posture.
- INBOX BUSINESS TECHNOLOGIESSOC ANALYSTNovember 2019 - February 2022 (2 years and 3 months)• Monitored Security Operations Center (SOC) using Graylog SIEM, proactively developing and implementing advanced use-cases to enhance threat detection and response capabilities.• Analyzed security logs from different assets and performed analysis on logs for threat hunting.
Recommendations
Be the first to recommend Sarmad
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- BACHELORS OF SCIENCENATIONAL UNIVERSITY OF SCIENCES AND TECHNOLOGY2018BACHELORS OF SCIENCE
- TrainingsOrgsSANGFOR IAM ASSOCIATE CERTIFIED TRYHACKME PENTEST AND ANALYST PATH TRAININGS CYSA+ TRAINING