ARSHAD AHMED
PROFESSIONAL SUMMARY
Cybersecurity and SOC Specialist with 14+ years of IT experience, including 9+ years dedicated to securing enterprise networks, applications, and sensitive data from cyber threats.
Extensive experience in Security Operations Center (SOC) environments, specializing in threat detection, incident response (IR), forensic analysis, and cyber defense strategies to protect critical infrastructures.
Proficient in Security Information and Event Management (SIEM) platforms like Splunk, QRadar, and ArcSight, leveraging advanced log correlation, anomaly detection, and threat intelligence for real-time security monitoring.
Skilled in threat hunting, vulnerability management, and risk mitigation, utilizing tools like Tenable Nessus, Qualys, Rapid7, and ThreatConnect to proactively detect and remediate security weaknesses.
Expertise in Endpoint Detection and Response (EDR) solutions such as CrowdStrike, Microsoft Defender ATP, and Carbon Black, ensuring advanced threat containment and behavioral anomaly detection.
Strong grasp of MITRE ATT&CK framework, NIST Cybersecurity Framework (CSF), CIS Controls, and SANS Incident Response Lifecycle, applying industry best practices to strengthen security operations.
Adept in SOC automation and orchestration through SOAR (Security Orchestration, Automation, and Response) platforms, optimizing incident response workflows and reducing dwell time.
Skilled in log analysis, correlation rule creation, and SIEM fine-tuning, enhancing detection accuracy and reducing false positives to improve SOC efficiency.
Hands-on experience with Intrusion Detection/Prevention Systems (IDS/IPS), firewalls (Palo Alto, Check Point), and packet analysis tools (Wireshark, tcpdump) for deep forensic investigations.
Expertise in cloud security monitoring across AWS, Azure, and GCP, leveraging tools like AWS GuardDuty, Azure Sentinel, and Google Security Command Center to detect and mitigate cloud-based threats.
Strong background in Identity and Access Management (IAM), implementing Zero Trust Security models using Okta, Ping Identity, Active Directory, and MFA solutions for robust access control.
Knowledgeable in U.S. regulatory compliance frameworks such as PCI DSS, GDPR, HIPAA, ISO 27001, NIST 800-53, and CMMC, ensuring adherence to federal and industry security mandates.
Experienced in cyber incident response planning, digital forensics, tabletop exercises, and playbook development, enhancing organizational resilience against ransomware, APTs, and insider threats.
Skilled in scripting and automation using Python, PowerShell, and Bash, streamlining security operations, log analysis, and automated remediation workflows.
Familiar with AI/ML-driven security analytics, leveraging Extended Detection and Response (XDR), UEBA, and anomaly detection to enhance proactive threat defense.
Excellent communicator and cross-functional collaborator, adept at conveying security risks to executive leadership, technical teams, and non-technical stakeholders to drive risk-informed decision-making.
Committed to continuous learning and professional development, staying up to date with the latest threat landscapes, attack vectors, and cybersecurity innovations.
TECHNICAL SKILLS
Core Cybersecurity & SOC Skills:
Incident Response & Management
Threat Intelligence & Threat Hunting
Digital Forensics & Incident Investigations
Insider Threat Detection & Mitigation
Root Cause Analysis & Post-Incident Reporting
Security Monitoring & Analysis:
Security Information & Event Management (SIEM) Management
Network Security Monitoring & Packet Analysis
Endpoint Detection & Response (EDR/XDR) Operations
Intrusion Detection & Prevention Systems (IDS/IPS) Monitoring
Data Loss Prevention (DLP) & Information Protection
Risk & Compliance Management:
Risk Assessment & Risk Management
Third-Party & Vendor Risk Management
Security Auditing & Compliance (NIST, ISO 27001, PCI-DSS, SOC 2, GDPR)
Compliance Monitoring & Internal Audits
Security Automation & Scripting:
Security Orchestration, Automation, and Response (SOAR)
Log Analysis & Event Correlation
Scripting for Security Automation (Python, PowerShell, Bash, Regex)
Identity & Access Management (IAM) & Cloud Security:
Identity & Access Management (IAM) & Privileged Access Management (PAM)
Cloud Security & Monitoring (AWS, Azure, Google Cloud)
Application & Web Security Testing (OWASP, WAF, SAST/DAST)
Soft Skills & Best Practices:
Analytical & Critical Thinking
Problem-Solving & Decision-Making Under Pressure
Crisis Management & Incident Coordination
Teamwork & Cross-Team Collaboration
PROFESSIONAL EXPERIENCE
SPEC - SECURITY OPERATIONS 04/2023 to Current
Verizon, Basking Ridge, NJ
Provided expertise with incident response, security event monitoring, vulnerability management, asset security compliance and Data Loss Prevention utilizing McAfee Nitro (SIEM), McAfee ePO, McAfee DLP.
Established a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice, regulatory requirements, and ISO 27001.
Conducted a detailed gap analysis against ISO 27001 requirements, identifying and addressing non-compliance areas, which improved the organization's security posture and audit readiness.
Developed and implemented cybersecurity policies and procedures, increasing employee compliance with security protocols and reducing policy violations by 25%.
Collaborated with cross-functional teams to execute business continuity (BCP) and disaster recovery plans (DRP), ensuring seamless operations and compliance with ISO 27001's availability requirements.
Spearheaded the implementation of ISO 27001 standards, establishing a comprehensive, Information Security Management System (ISMS) that resulted in the bank achieving ISO 27001 certification within 12 months.
Automated alert triaging and phishing email investigations using InsightConnect, reducing SOC analyst workload.
Established a robust third-party risk management framework, improving vendor security assessments and reducing supply chain risks by 20%.
Delivered security awareness training across all levels of the organization, resulting in a 15% decrease in phishing-related incidents and improved employee vigilance.
Designed customized risk dashboards and reporting mechanisms for leadership, enabling data-driven decision-making and prioritization of critical security initiatives.
Achieved a 99% compliance rate during internal and external audits by implementing efficient remediation plans and control testing in alignment with ISO 27001.
Led the integration of SIEM solutions to enhance real-time monitoring and reporting of security incidents, improving detection capabilities by 35%.
Integrated DevOps tools for continuous security monitoring, enhancing visibility into potential vulnerabilities in production environments.
Nurtured relationships with key stakeholders within the organization to promote collaboration on security initiatives and increase overall buy-in for new policies or procedures.
Fostered a culture of continuous improvement by encouraging team members to share insights, experiences, and ideas for enhancing the effectiveness of the security program.
Conducted thorough investigations into security breaches, identifying root causes and recommending preventive measures.
Developed comprehensive incident reports to provide accurate documentation for internal review and legal proceedings when necessary.
Deployed asset discovery and monitoring capabilities in Rapid7 InsightIDR to improve visibility into endpoint security.
Improved team cohesion by conducting regular meetings to discuss ongoing issues, share information, and assess progress towards goals.
Ensured compliance with all relevant regulations by maintaining up-to-date knowledge on industry standards, laws, and best practices.
Addressed potential vulnerabilities proactively by conducting risk assessments and recommending adjustments to security protocols as needed.
Maintained a high level of situational awareness through continuous monitoring of security events, network traffic, and threat intelligence feeds to detect and respond to potential cyber threats.
Administer Azure AD, Conditional Access policies, and MFA configurations to enhance identity security.
Implemented Cloudflare Zero Trust Network Access (ZTNA) for secure remote access, reducing reliance on traditional VPNs and enhancing identity-based security.
Recorded incident reports with detailed accounts of occurrences.
Led the integration of InsightIDR with cloud platforms (AWS, Azure, GCP) for centralized security monitoring.
Strengthened endpoint detection and response (EDR/XDR) visibility through InsightIDR integrations with CrowdStrike and Microsoft Defender.
Collaborated with management to develop security policies and procedures.
Monitored and approved access control systems for accessibility to authorized personnel.
Investigated and resolved security breaches to protect organization and corporate assets.
Manage Microsoft Intune for endpoint compliance, device enrollment, and security posture enforcement.
Managed FortiCloud logging, threat intelligence correlation, and security analytics to enhance visibility across the enterprise network.
Configure Cloudflare WARP for secure remote access, reducing unauthorized endpoint connections.
Conducted regular security audits and assessments to identify potential security risks and vulnerabilities.
Coordinated with IT personnel regarding security of digital assets and information systems.
CYBER RISK MANAGEMENT SPECIALIST 02/2020 to 04/2023
Valley Bank, Morristown, NJ
Responsible for assessing and managing cyber risks, ensuring the effectiveness of controls, and providing strategic oversight of the bank's cybersecurity initiatives.
Managed relationships with regulators, maintaining open lines of communication to ensure transparent operations.
Conducted risk assessments to identify and mitigate potential cybersecurity threats.
Monitored emerging threats and analyzed their impact on the bank's security landscape.
Collaborated with cross-functional teams to enhance the bank's cybersecurity posture.
Integrated CrowdStrike Falcon & Microsoft Defender for endpoint threat detection and response.
Configured AWS WAF, AWS Shield, and GuardDuty for firewall security, DDoS protection, and threat detection.
Customized InsightIDR dashboards and reports to provide executive leadership with key security insights.
Implemented security best practices and recommended improvements to existing security policies.
Assisted with internal and external audits to confirm compliance with applicable laws and regulations.
Promoted a culture of continuous improvement through ongoing evaluation and refinement of compliance program elements.
Collaborated with cross-functional teams to address compliance concerns, fostering a culture of shared responsibility.
Designed and enforced security protocols and controls that reduced the bank's risk exposure by 40%, ensuring compliance with regulatory standards such as FFIEC, PCI DSS, and GLBA.
Conducted Office 365 security assessments, including email security configurations & threat intelligence monitoring.
Successfully led the implementation of vulnerability management programs using tools like Qualys and Tenable Nessus, which improved the average remediation time by 30% and eliminated critical vulnerabilities in high-priority systems.
Implemented Rapid7 InsightIDR for continuous threat detection and compliance with FFIEC, PCI DSS, and GLBA regulations.
Developed and implemented cybersecurity policies and procedures, increasing employee compliance with security protocols and reducing policy violations by 25%.
Oversaw the development of access control policies and implemented least privilege models, ensuring secure access to sensitive data and reducing unauthorized access incidents by 40%.
Reduced potential information security incidents by developing and enforcing company-wide security policies and procedures.
Created detailed compliance and audit reports addressing regulatory standards (PCI DSS, ISO 27001), delivering improvements that ensured a successful audit outcome.
Utilized InsightIDR Threat Intelligence to proactively detect and block threats targeting banking infrastructure.
Led cross-functional teams in establishing disaster recovery plans, minimizing potential data loss during critical incidents.
Enhanced network security by implementing advanced threat detection and prevention systems.
SOC CONSULTANT 03/2018 to 02/2020
BNY Mellon, New York, NY
Conducted security risk assessments and vulnerability analysis for enterprise systems, identifying and mitigating risks, resulting in a 25% reduction in exploitable vulnerabilities.
Designed and implemented custom use cases in SIEM platforms (Splunk and QRadar) to detect advanced persistent threats (APTs), improving threat detection accuracy by 30%.
Led SOC automation initiatives, integrating SIEM and SOAR tools for efficient incident management.
Investigated complex security incidents, including phishing attacks, malware infections, and insider threats, delivering actionable recommendations that reduced similar incidents by 40%.
Enhanced the organization's incident response processes, aligning with MITRE ATT&CK and NIST CSF, which led to a 20% improvement in response time for critical incidents.
Managed threat intelligence integration, proactively identifying and mitigating risks through analysis of threat actor behavior, preventing potential breaches in real-time.
Led efforts to integrate and correlate logs from diverse systems (firewalls, IDS/IPS, endpoint security tools) into centralized monitoring, improving situational awareness.
Delivered results in root cause analysis and post-incident reviews, implementing controls that strengthened defenses and reduced false positives by 15%.
Implemented Identity and Access Management (IAM) solutions, securing user access and addressing gaps that minimized unauthorized access incidents by 35%.
Migrated and secured cloud environments (AWS and Azure) using GuardDuty, CloudTrail, and Azure Security Center, ensuring compliance and reducing cloud misconfigurations.
Automated repetitive security tasks using Python and PowerShell, achieving a 20% increase in operational efficiency in security monitoring and response.
Developed customized cybersecurity training programs to raise employee awareness and minimize human error risks.
Integrated InsightConnect with incident response processes, reducing MTTR (Mean Time to Respond).
Implemented multi-factor authentication protocols, reducing unauthorized access to sensitive information.
Improved incident response times with the development of comprehensive incident management plans and procedures.
Reduced cyber attack risks by conducting thorough vulnerability assessments and penetration testing.
Enhanced SOC capabilities by deploying Rapid7 InsightIDR to detect and mitigate security incidents efficiently.
Automated alert triaging and phishing email investigations using InsightConnect, reducing SOC analyst workload.
Established a culture of shared responsibility for cyber hygiene within the organization through effective communication of policies, procedures and expectations around securing sensitive information.
Oversaw digital forensics investigations following security incidents, uncovering root causes and preventing future occurrences.
Streamlined security processes, optimizing system configurations for efficient threat monitoring and mitigation.
Conducted regular audits of security infrastructure, identifying weaknesses and recommending improvements.
Performed risk analyses to identify appropriate security countermeasures.
SECURITY OPERATIONS SPECIALIST 10/2015 to 12/2017
Verizon, Hyderabad
Established a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice, regulatory requirements and ISO 27001 standards.
Conducted security audits to identify compliance violations, reporting issues by logging observations, suggesting mitigations, and closing reviews on or before the due date.
Monitored sessions and events, and raised observations if any problems were identified.
Analyzed information, raised observations, and provided solutions and suggestions wherever applicable.
Demonstrated respect, friendliness, and willingness to assist wherever needed.
Integrated Rapid7 InsightConnect (SOAR) to automate response workflows, reducing incident resolution times by 30%.
Proven success working under tight deadlines in a fast-paced environment.
Participated in team projects, demonstrating the ability to work collaboratively and effectively.
Worked on different programs including Awareness, Dashboard Preparation, CSO KPI, Asset Disposal Requests, Ad-hoc Reviews/Testing, Conducting Inductions and internal audits.
Ensured regulatory compliance by staying current on industry rules, guidelines, and reporting requirements.
Reduced false alarms by fine-tuning intrusion detection system configurations based on historical analysis of incidents.
Identified root causes of security breaches through thorough investigation and analysis of log data.
Deployed and managed Rapid7 InsightIDR for SIEM-based security event monitoring and real-time detection of advanced threats.
Provided technical support during high-priority incidents, ensuring timely resolution with minimal impact on business operations.
Maintained accurate documentation of all SOC activities, facilitating knowledge sharing across the organization.
Developed correlation rules in InsightIDR to detect patterns associated with APTs, phishing, and malware campaigns.
Improved incident management workflows through streamlined communication between SOC Analysts, IT departments, and other relevant parties.
Provided expert guidance on cybersecurity trends and emerging threats to internal stakeholders for informed decision making.
Supported compliance initiatives by conducting regular audits of security controls and providing recommendations for improvement.
Trained junior analysts in threat intelligence gathering techniques, improving overall team efficiency.
Configured InsightIDR's User Behavior Analytics (UBA) to identify anomalous activities and insider threats.
Promoted a culture of security awareness through regular training sessions, presentations, and workshops for employees at all levels.
Led cybersecurity awareness programs, increasing staff vigilance against phishing and social engineering attacks.
Reduced false positive alerts, fine-tuning security monitoring tools based on detailed analysis.
Conducted comprehensive security assessments to identify risks and recommend mitigation strategies.
Conducted security audits to identify vulnerabilities.
MAJOR INCIDENT MANAGER 01/2013 to 10/2015
Verizon, Hyderabad
Worked as Incident Manager on tickets created in Service Now tool.
Developed a dashboard that categorizes tickets by priority, bounced tickets, and responded tickets.
Provided Tier-2 IT Support to all Verizon Employees working Worldwide with their Network, Active Directory, Software, Hardware, VPN, Shared Drives, Share Point, G Suite related issues.
Provided Transition Support & Trainings to the New Hires.
Created and updated knowledge base articles for the company's helpdesk portal, At Your Service.
Resolved complex technical issues through effective problem-solving techniques and root cause analysis.
Trained junior engineers on best practices related to system administration, providing guidance and mentorship for their professional growth.
Led root cause analysis investigations for significant events, identifying corrective actions to prevent recurrence.
Spearheaded the adoption of ITIL best practices within the organization, contributing to standardization across departments.
Improved major incident resolution times by implementing efficient processes and communication strategies.
Provided immediate emergency response and incident management.
Led and facilitated bridge calls with cross-functional teams, including network engineers, application developers, and external vendors, to expedite incident resolution.
Collaborated closely with stakeholders such as senior management, business leaders, and external clients to communicate incident status, impact assessments, and resolution timelines.
Conducted root cause analyses (RCA) for major incidents, delivering detailed reports and actionable recommendations to prevent recurrence and improve system reliability.
Trained and mentored junior engineers and incident responders, improving team readiness and technical competency during high-pressure situations.
Support included Operating System Support, Application Support, Networking & Storage Support.
Streamlined resolution processes for quicker response times and higher customer satisfaction.
Utilized analytical skills to identify patterns in customer complaints, recommending targeted improvements to address underlying issues systematically.
Developed strong relationships with clients, leading to higher levels of trust and more effective problem-solving efforts.
Reduced escalation rates by proactively identifying potential issues and providing appropriate solutions.
Provided exceptional support during high-pressure situations, defusing tension and facilitating productive discussions towards resolutions.
Maintained detailed records of case histories, enabling efficient tracking of recurring issues and trends for proactive management.
Managed a high volume of cases, effectively prioritizing tasks to ensure timely resolutions.
IT SUPPORT ENGINEER 2 01/2012 to 01/2013
C3i-Inc (HCL Tech), Hyderabad
Promoted as a Technical Help Desk Analyst Level II.
Handled escalations and mentored new hires with technical and process related queries.
Supported end-users in troubleshooting hardware and software problems effectively.
Contributed to successful completion of major IT projects within stipulated deadlines by efficiently collaborating with team members.
Handled high-priority incidents with exceptional poise and composure, making quick decisions in an effort to reduce overall impact.
Established strong relationships with stakeholders across various departments to facilitate seamless collaboration during high-pressure situations.
Optimized resource allocation during major incidents through effective prioritization and delegation techniques.
Developed highly effective incident response team and trained extensively in preparation for possible events.
Played a key role in maintaining business continuity during high-impact incidents by quickly identifying root causes and implementing effective recovery strategies.
IT SUPPORT ENGINEER 01/2011 to 01/2012
C3i-Inc (HCL Tech), Hyderabad
Worked as a Technical Help Desk Analyst supporting Johnson & Johnson employees with their Laptops, Printers, iPads, VPN and other internal Client Specific Applications.
Support included Operating System Support, Application Support, Networking & Storage Support.
Streamlined resolution processes for quicker response times and higher customer satisfaction.
Utilized analytical skills to identify patterns in users' complaints, recommending targeted improvements to address underlying issues systematically.
Developed strong relationships with clients, leading to higher levels of trust and more effective problem-solving efforts.
Reduced escalation rates by proactively identifying potential issues and providing appropriate solutions.
Provided exceptional support during high-pressure situations, defusing tension and facilitating productive discussions towards resolutions.
Maintained detailed records of case histories, enabling efficient tracking of recurring issues and trends for proactive management.
Managed a high volume of cases, effectively prioritizing tasks to ensure timely resolutions.
EDUCATION
Osmania University, Hyderabad
Bachelor of Engineering Technology, Information Technology, 2010
CERTIFICATIONS
CompTIA Security+
ISO 27001
Essentials of ESRM
ITIL V4 Foundation
AWS Solutions Architect - Associate
Fire Safety & Life Safety