Hamza Aslam

• Assisted in developing security governance documentation, including Acceptable Use, Password, and Access Control policies across
multiple client environments, supporting consistent policy enforcement.
• Supported incident response documentation aligned with NIST SP 800-61r3, helping define structured response procedures and
improving incident response readiness.
• Performed risk assessments across client environments, identifying security gaps and documenting risks in risk registers with risk matrix
evaluation and mitigation tracking.
• Conducted NIST CSF 2.0 gap analysis to assess security controls, supporting remediation recommendations and documenting findings to
improve compliance posture.
• Supported ISO/IEC 27001 compliance and audit activities, assisting in control validation for regulatory audit requirements in alignment with
British Council IELTS compliance for MCG Technologies.
• Assisted in implementing endpoint security controls such as removable media restrictions and access control enforcement, contributing to
up to 20% reduction in policy violations and improved compliance adherence.
• Supported Business Continuity Plan (BCP) documentation by contributing to recovery procedures and continuity planning activities,
including defined recovery objectives (RTO: 15 minutes).
• Delivered 6+ security awareness training sessions to 40+ employees on phishing, password hygiene, physical security, and acceptable use
policies, improving user security awareness and compliance behavior.
• Remediated 20, 000+ vulnerabilities through patching, system hardening, and configuration management, reducing organizational risk
exposure and ensuring alignment with security baseline requirements.

• Remediated 20, 000+ vulnerabilities across multiple client environments, reducing attack surface and improving overall security posture.
• Implemented patch management and system hardening in collaboration with cross-functional teams, consistently meeting SLA targets.
• Triaged 10-30 daily alerts using Splunk SIEM and SentinelOne EDR in a 24/7 SOC environment.
• Reduced false positives by 25% through SIEM tuning and improved alert analysis.
• Developed and tuned Splunk queries (SPL) to detect phishing, DDoS and brute-force attacks.
• Investigated 25+ confirmed security incidents with SOC L2 team, performing containment and root cause analysis.
• Mapped threats to MITRE ATT&CK framework to enhance detection accuracy and alert context.
• Supported end-to-end incident response, including detection, investigation, containment, and reporting.
• Analyzed system logs and network traffic to identify threats and vulnerabilities across multiple environments.
• Developed and improved incident response playbooks aligned with NIST CSF 2.0 and SP 800-61.
• Strengthened security controls in alignment with NIST and ISO 27001 standards.
• Documented incidents and vulnerabilities to support audits, compliance, and continuous improvement.

Security product development, security services, and training lab
• Applied Python for automation, including web scraping and data collection to support security research and analysis tasks.
• Developed understanding of the cyber kill chain and how adversaries exploit system and network weaknesses.