Summary
Overview
Work History
Education
Skills
Certification
Timeline
SoftwareDeveloper
Aftab Ali

Aftab Ali

Cyber Security Specialist | GRC Analyst
Islamabad

Summary

Dedicated and highly skilled cybersecurity engineer with 03 years of experience in designing, implementing, and managing robust cybersecurity solutions. Adept at identifying vulnerabilities and developing proactive strategies to mitigate risks. Seeking to leverage my expertise to protect and enhance the security of an organization through innovative solutions and vigilant monitoring.

Overview

3
3
years of professional experience
2
2
years of post-secondary education
4
4
Certificates
1
1
Language

Work History

Senior Vendor Cyber Risk Analyst

S&P Global
Islamabad
07.2023 - Current
  • Conduct comprehensive assessments of potential and existing vendors' cybersecurity practices and controls.
  • Identify and evaluate cyber risks associated with vendor relationships, including data breaches, compliance issues, and operational vulnerabilities.
  • Ensure that vendors meet regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS) and internal security policies.
  • Develop risk scoring methodologies to quantify the level of risk associated with each vendor, allowing for prioritization.
  • Review and assess vendors' adherence to industry-recognized security standards (e.g., ISO 27001, NIST Cybersecurity Framework).
  • Review the architecture and design of cloud-based applications and services to ensure they are secure by design.
  • Assess the security posture of cloud service providers and third-party vendors, ensuring they meet the organization's security standards.
  • Stay updated on emerging cybersecurity threats and vulnerabilities that could impact vendor relationships.

Senior Product Specialist

S&P Global
Islamabad
05.2023 - 07.2023
  • Extracted data from various source systems, including databases, APIs, and flat files, using ETL tools.
  • Transformed raw data into a structured and usable format through data cleansing, validation, and enrichment processes. Implemented data quality checks to ensure accuracy and consistency.
  • Designed, developed, and maintained ETL workflows and data pipelines to automate data extraction, transformation, and loading tasks. Wrote SQL queries and scripts for data manipulation.
  • Integrated data from multiple sources to create comprehensive datasets for analytics and reporting purposes. Ensured data compatibility and resolved schema conflicts.
  • Tuned ETL processes for improved performance and efficiency, reducing data processing times by [mention percentage] through optimization techniques such as parallel processing and indexing.
  • Maintained detailed documentation of ETL workflows, data mappings, and transformations, ensuring that team members could easily understand and replicate processes.

Associate Product Specialist

S&P Global
Islamabad
02.2022 - 04.2023
  • Improved ETL process efficiency, reducing processing time by half, leading to faster data availability for decision-making.
  • Implemented robust error handling mechanisms to identify and resolve data integration issues promptly. Developed alerting systems for real-time monitoring of ETL jobs.
  • Responsible for designing, deploying, and maintaining the company's network infrastructure, ensuring high availability and reliability.
  • Provided technical support and troubleshooting for infrastructure-related issues, ensuring minimal impact on business operations.
  • Managed server environments, including Windows Server and Linux, and ensured regular patching and updates.

Security Engineer

Ebryx
Lahore
08.2021 - 01.2022
  • Proactively monitor and analyze security alerts generated by SIEM (ELK, Wazuh, CrowdStrike Falcon, etc.) systems, IDS/IPS, firewalls, and other security tools.
  • Investigate and assess the severity of security incidents, including malware infections, data breaches, and suspicious network activity.
  • Perform regular vulnerability assessments and penetration testing to identify weaknesses in the network and recommend remediation actions.
  • Assist in the configuration and tuning of security tools to optimize threat detection capabilities.
  • Stay updated on the latest cybersecurity threats, vulnerabilities, and industry best practices to enhance the security posture of the organization.

Malware Analyst

National Cyber Security Auditing & Evaluation Lab (NCSAEL), MCS-NUST
Rawalpindi
11.2020 - 07.2021
  • Conduct static and dynamic analysis of malware samples to identify their origins, capabilities, and potential impact on systems.
  • Reverse engineer malicious code using security tools, including IDA Pro, Wireshark, and Sandboxing to understand its functionality, including its command and control mechanisms.
  • Develop and maintain custom scripts and tools for automating analysis processes.
  • Stay up-to-date with emerging threats and trends in the cybersecurity landscape.
  • Provide expert guidance on threat intelligence to enhance the organization's security posture.

Education

Bachelor of Science - Computer Science

Air University
Islamabad, Pakistan
09.2016 - 2020.12

Master of Science - Information Security

National University of Science And Technology
Rawalpindi, Pakistan
10.2021 - 12.2023

Skills

    Malware Analysis

undefined

Certification

CISA - Certified Information Systems Auditor

Timeline

Senior Vendor Cyber Risk Analyst

S&P Global
07.2023 - Current

Senior Product Specialist

S&P Global
05.2023 - 07.2023

AWS Certified Solutions Architect

01-2023

Microsoft Certified: Azure Data Fundamentals

09-2022

AWS Certified Cloud Practitioner

07-2022

Associate Product Specialist

S&P Global
02.2022 - 04.2023

Master of Science - Information Security

National University of Science And Technology
10.2021 - 12.2023

CISA - Certified Information Systems Auditor

09-2021

Security Engineer

Ebryx
08.2021 - 01.2022

Malware Analyst

National Cyber Security Auditing & Evaluation Lab (NCSAEL), MCS-NUST
11.2020 - 07.2021

Bachelor of Science - Computer Science

Air University
09.2016 - 2020.12

Similar Profiles

  • Seohyun (Alice) Kang

    Seohyun (Alice) KangSeohyun (Alice) Kang

    Senior Customer Success Manager at S&P GlobalSenior Customer Success Manager at S&P Global

    View Profile
  • Spencer Clauson

    Spencer ClausonSpencer Clauson

    Senior Product Development Manager at S&P GlobalSenior Product Development Manager at S&P Global

    View Profile
  • Puneet Bhatia

    Puneet BhatiaPuneet Bhatia

    Product Management Associate Director at S&P GlobalProduct Management Associate Director at S&P Global

    View Profile
Aftab AliCyber Security Specialist | GRC Analyst