Nawazish Ali
Passport: ST-
Nationality: Pakistani
Date of birth: 23/04/2002
Place of birth: Khanpur, Pakistan
Gender: Male
Phone number: (-
Email address:-
LinkedIn: www.linkedin.com/in/nawazish22p
Home: Chak # 22P P.O Mari Allah Bachaya Khanpur District Rahim Yar Khan,
64100 Khanpur (Pakistan)
ABOUT ME
I have skills in SOC operations, including threat detection, incident response, and log analysis using SIEM
tools. With expertise in both offensive and defensive security, I have a top 8% ranking on TryHackMe and
hold multiple certifications, showcasing my practical knowledge and dedication to cyber security.
WORK EXPERIENCE
Cyborts – Islamabad
City: Islamabad
SOC Analyst Internship
[ 01/07/2025 – Current ]
• Learned SOC workflow, alert handling, and escalation process.
• Monitored and analyzed logs using Wazuh for suspicious activity.
• Detected brute force and malware using Wazuh rules and threat feeds.
• Monitored network traffic and blocked threats using pfSense and Suricata.
Mindbridge – Islamabad
City: Islamabad
Network Complaint Unit
[ 01/07/2025 – Current ]
• Handled customer queries related to internet and network issues in a timely manner.
• Diagnosed and resolved basic connectivity problems via call, email, or ticketing system.
• Provided clear instructions to customers for troubleshooting modem/router configurations.
• Escalated unresolved or critical network issues to higher technical teams.
• Maintained logs and ensured proper follow-up to ensure customer satisfaction.
Redynox – Islamabad
City: Islamabad
Network Security Internship
[ 04/07/2025 – Current ]
• Learned basic network security, configured firewall, and captured traffic using Wireshark.
• Identified and analyzed threats like viruses, phishing, and suspicious network activity.
• Used WebGoat and OWASP ZAP to find and exploit web vulnerabilities like SQLi, XSS, and CSRF.
• Documented findings with screenshots and suggested mitigation steps for each vulnerability.
• Improved LinkedIn presence by sharing internship updates and engaging with cybersecurity content.
Sybrid Pvt Ltd – Islamabad
City: Islamabad
Technical Support Engineer
[ 01/02/2024 – 10/06/2025 ]
• Troubleshooting & Problem-Solving
• Operating Systems & Software
• Networking & Security Basics
• Customer Support & Communication
• Hardware & System Maintenance
Trilliums Information Security System – Islamabad
City: Islamabad
Penetration Testing Internship
[ 12/2024 – 02/2025 ]
• Vulnerability Scanning and Exploitation
• Enumeration Techniques
• Web Application Testing
• Network Penetration Testing
• Reporting
EDUCATION AND TRAINING
Bachelor's in Cyber Security
Khwaja Fareed UEIT [ 09/2020 – 08/2024 ]
City: Rahim Yar Khan
PROJECTS
[ 03/2025 ]
SSH Honeypot with Interactive Shell for Attack Monitoring
• Created a Python honeypot using Paramiko for SSH.
• Learned SSH authentication and attacker access methods.
• Captured and logged attacker actions on the honeypot.
• Implemented logging to track attacker activities.
• Deployed honeypot in VMs and configured networking.
• Analyzed logs to identify attack patterns.
[ 2024 ]
Honeypot For Cloud Attack Detection With Offensive Toolkit
• Set up a honeypot on a cloud-based Linux machine.
• Configured security protocols to secure the environment.
• Implemented monitoring tools to detect unauthorized access attempts.
• Simulated a vulnerable system to collect data on attacker methods and behaviors.
TRAININGS
[ 26/05/2025 – Current ]
PAM Training (Privileged Access Management)
• Understanding privileged accounts and their risks.
• Using PAM tools to manage and secure privileged access (e.g. CyberArk, BeyondTrust).
• Setting up policies, password vaulting, session monitoring.
• Defining roles, permissions, and access levels.
• Tracking and reporting privileged user activities for security and compliance.
[ Current ]
SOC L1 (TryHackMe)
• SOC Fundamentals
• Log Analysis & Monitoring
• Threat Intelligence & Detection
• Network Security Monitoring
Cyber Security Training IGNITE
2022: Participated at COMSATS Islamabad; ranked in the top 15%.
2023: Competed at LUMS Lahore; ranked in the top 10.
CERTIFICATIONS
[ 2024 ]
C3SA (Certified Cyber Security Analyst)
• Threat Analysis: Identify and assess potential cyber threats.
• Vulnerability Assessment: Find system weaknesses that attackers could exploit.
• Incident Response: Plan and react to cybersecurity incidents.
• Defensive Strategies: Use tools like firewalls and encryption to prevent attacks.
[ 2024 ]
Ethical Hacking Essentials EHE
• Ethical Hacking: Learn legal techniques to test and improve system security.
• Penetration Testing: Simulate attacks to identify system vulnerabilities.
• Vulnerability Exploitation: Understand how attackers exploit weaknesses to protect systems.
• Cybersecurity Best Practices: Implement strategies to secure systems and prevent breaches.
[ 12/2023 ]
The Malware Analysis
• Malware Identification: Recognize different types of malware (viruses, worms, etc.) and their behavior.
• Static Analysis: Examine malware code without running it (file structure, signatures, patterns).
• Dynamic Analysis: Run malware in a controlled environment (sandbox) to observe its behavior.
• Reverse Engineering: Decompile malware code to understand its function and identify vulnerabilities.
[ 2023 ]
Cyber security Careers : Become a Penetration Tester
• Pen Testing Basics: Role and methods of a penetration tester.
• Tools & Techniques: Using tools like Metasploit, Nmap, and Burp Suite.
• Vulnerability Assessment: Identifying system weaknesses.
• Reporting: Documenting findings professionally.
• Ethical Hacking: Legal and ethical considerations.
[ 2024 ]
Make In-House Hacking and Pentesting Lab
• Set Up Hacking Lab: Build a secure environment for testing.
• Configure Lab: Set up VMs, networks, and tools for testing.
• Manage Lab: Keep the lab updated for effective practice.
• Simulate Attacks: Test real-world attack scenarios.
[ 05/2023 ]
Learning Penetration Testing
• Reconnaissance: Gathering target info.
• Scanning: Identifying vulnerabilities.
• Exploitation: Attempting attacks.
• Post-Exploitation: Maintaining access.
• Reporting: Documenting findings.
[ 07/2023 ]
Pre-Security
• Cyber security basics
• Networking basics and weaknesses
• The web and common attacks
• Learn to use the Linux operating system
[ 08/2023 ]
Intro to Cyber Security Fundamentals
• Basic Security Concepts: Confidentiality, Integrity, Availability.
• Types of Cyber Threats: Viruses, Malware, Phishing, Ransomware.
• Encryption: Data security techniques.
• Firewalls and VPNs: Network protection tools.
TECHNICAL SKILLS
Vulnerability Assessment
SIEM Solutions
Wazuh
IDS/IPS
Networking
OWASP Top 10
Endpoint Security
Logs Monitoring