Summary

Overview

Education

Work History

Certification

Skills

Timeline

Muhammad Alishan Mirza

Information Security Engineer

Chicago,IL

Summary

Cybersecurity engineer with hands-on experience in cloud security, DevSecOps, penetration testing, and digital forensics. Skilled in vulnerability management, secure CI/CD pipelines, incident response, malware analysis, and ML-based threat detection. Strong understanding of NIST SP 800 series, CIS Controls, MITRE ATT&CK/ATLAS, ISO 27001, and AI risk governance. Pursuing MS in Cyber Forensics & Security at Illinois Institute of Technology.

Overview

years of professional experience

Certificates

Education

MS - Cyber Forensics & Security

Illinois Institute of Technology

Chicago, IL

01.2027

BS - Software Engineering

DHA Suffa University

Karachi

01.2025

Work History

DevOps Engineer

NayaPay

10.2024 - 08.2025

Software Engineer Intern

Systemapic

03.2024 - 04.2024

Built automation workflows (Zoho, Make.com), reducing manual tasks 50%; integrated Twitter API automations.

Student Penetration Testing Intern

Ghanimah Canada

11.2022 - 11.2023

Performed pentesting using Metasploit, Burp Suite, Nessus, Hydra, Nmap; exploited OWASP Top 10 issues (SQLi, XSS, CSRF).
Executed privilege escalation, lateral movement, Kerberoasting; mapped TTPs to MITRE ATT&CK.

Certification

CompTIA Security+ Certified (2025)

Skills

Cybersecurity: Pentesting, Vulnerability Mgmt, Incident Response, SIEM (Wazuh/Splunk), SAST/DAST, Threat Hunting

DFIR: FTK, Autopsy, Ex3, Volatility, Memory/Registry Analysis

DevSecOps/Cloud: Docker, Kubernetes, Terraform, Ansible, Jenkins, Git, AWS IAM/VPC/GuardDuty, Azure & GCP Cloud

Frameworks: NIST SP 800 series, MITRE ATT&CK/ATLAS, NIST AI RMF, CIS Controls, ISO 27001

Tools: Burp, Metasploit, Nmap, Nessus, Hydra, ELK Stack, Prometheus, Grafana, Vault

Programming: Python, Java, C, Bash, PowerShell, SQL, Javascript

OS and Servers: Linux (RHEL/Ubuntu/Kali), Windows Server, Active Directory, Tomcat, Apache, Nginx