5 years+ Cyber Security / Digital Forensics Analyst. Ranked number 10 out of 23,873 in Immersive Labs Cyber Competition, UK (handle PARZIVAL). Ranked #2 (Top 10) in CyberDefenders.org Cyber Competition, USA. Ranked #1 in Haiku Pro Cyber Security Competition.
- Wrote elite, detailed, and precise reports for MNP clients matching them to the MITRE ATT&CK cycle and TTPs.
- Reverse engineered malware statically and dynamically to find IoCs and malicious Win32 API calls and functions.
- Performed technical investigations on the majority of ransomware / data breach security incidents to identify root cause analysis for well-known and large industrial, commercial, and municipal clients.
- Championed and assessed complex TTXs (table-top exercises) to support security awareness and maturity
- Participated in workshop creation for teaching staff about PowerShell deobfuscation and malware reverse engineering
- Wrote Python scripts to sort and analyze big data for breached data
Mosse Cyber Security Institute
Jun 2020 – Jan 2022
Vancouver
Remote Intern
- Performed network vulnerability scans.
- Exploited vulnerabilities with state-of-the-art hacking tools like Metasploit.
- Defended web applications against common vulnerabilities such as SQL injection, XSS, etc.
Global Relay
Mar 2019 – Jun 2020
Vancouver, BC, Canada
Cyber Security Specialist
- Scripted in Python, BASH, and PowerShell to automate reporting for different systems using appropriate REST APIs.
- Worked with ArcSight / Splunk SIEM to triage incidents for the CSOC (Cyber Security Operations Center).
- Worked with different types of audits: ISO 27001/2 and SOC 2 Audits.
- Monitored the CSOC Operations on a 12-hour shift basis.
Lululemon Athletica
May 2016 – May 2017
Vancouver, BC, Canada
Incident Response Analyst
- Worked with Trustwave SIEM to analyze log collection.
- Provided incident response to incoming incidents relating to malware and built IRP (incident response procedures).
- Worked on authentication and authorization mechanisms (SSO and MFA) for hardening Windows Server.
- Trained with Carbon Black suite: CBDefense and CBResponse
- Experience with IDSes and IPSes such as FireEye, TippingPoint, Symantec Endpoint (SONAR) to detect attacks before they come into place.
- Used Mandiant RedLine to analyze indicators of compromise, Internet history artifacts, and related activities.
- Escalated tickets to ServiceNow for quick incident response.
- Used Autopsy and FTK Imager to examine and analyze electronic media in suspected hacking and malware cases.
- Created KB (knowledge-base) documents for lower levels of Corporate Support and Store Support to follow.
- Drove SLAs to completion on a timely basis for critical malware alerts.
- Worked with PowerShell and Windows server/client OS, Active Directory, and O365.
Vancouver Community Network
Jan 2012 – Jan 2014
Vancouver, BC, Canada
Systems Administrator
- Provided technical support and performed onsite UNIX / Linux network maintenance
Education
British Columbia Institute of Technology
Feb 2014 – Jun 2019
Bachelor of Technology in Forensics Program (Computer Crime), Computer Forensics and Cybersecurity
Douglas College
Jan 2008 – Jun 2010
Diploma in Computer Science and Information Systems, Computer Science