Rao Afham Shahid

• Assisted in performing risk assessments and maintaining risk registers aligned with regulatory and security
frameworks.
• Conducted gap assessments by comparing organizational policies and controls against industry standards such as
SAMA CSF, NCA ECC, CCC, and CSCC.
• Evaluated inherent and residual risks by analyzing likelihood, impact, existing controls, and treatment plans.
• Reviewed Identity & Access Management (IAM) controls including SSO with MFA, RBAC implementation, PAM
integration, and automated user provisioning/deprovisioning processes.
• Assessed control effectiveness (Preventive & Detective) and provided recommendations for remediation and
compliance improvement.
• Participated in documentation review and compliance validation to ensure alignment with regulatory
requirements.
• Supported risk treatment decisions including risk mitigation, acceptance, and documentation of corrective action
plans.
• Actively expanding knowledge in enterprise risk management, regulatory compliance, and control implementation
practices within GRC domain.

+ Gained hands-on experience with network infrastructure, including core switches, routers, firewalls, and DMZ
configurations.
+ Worked with firewall technologies (Perimeter, Data Center, Next-Gen, Palo Alto) for traffic filtering, access
control, and application-level inspection.
+ Assisted in configuring and monitoring proxy servers, Burp Suite, and firewall policies for secure traffic
management.
+ Collaborated with the SOC (Security Operations Center) team
to observe real time threat monitoring, incident
alerts, and response workflows.
+ Learned and practiced with security tools such as SIEM, SNMP, IRIS (incident Response and Investigation System),
Nikto, Wireshark, Nexpose, and SolarWinds for vulnerability assessment and network monitoring.
+ Understood enterprise network design including production & disaster recovery (OR) environments, load
balancing (VIPs), MPLS/VXLAN connectivity, and high-availability setups.
+ strengthened knowledge in web application security (WAF, SQL injection prevention, sniffing. enumeration\] and
email security protocols (SMTP, IMAP, POP3).

• Gained hands-on experience with network infrastructure, including core switches, routers, firewalls, and DMZ
configurations.
• Worked with firewall technologies (Perimeter, Data Center, Next-Gen, Palo Alto) for traffic filtering, access control,
and application-level inspection.
• Assisted in configuring and monitoring proxy servers, Burp Suite, and firewall policies for secure traffic
management.
• Collaborated with the SOC (Security Operations Center) team to observe real-time threat monitoring, incident
alerts, and response workflows.
• Learned and practiced with security tools such as SIEM, SNMP, IRIS (Incident Response and Investigation System),
Nikto, Wireshark, Nexpose, and SolarWinds for vulnerability assessment and network monitoring.
• Understood enterprise network design including production & disaster recovery (DR) environments, load balancing
(VIPs), MPLS/VXLAN connectivity, and high-availability setups.
• Strengthened knowledge in web application security (WAF, SQL injection prevention, sniffing, enumeration) and
email security protocols (SMTP, IMAP, POP3).

• Implemented File Integrity Monitoring (FIM) using Wazuh to detect unauthorized file changes.
• Configured malware detection logic to trigger alerts and automatically delete malicious files.
• Performed vulnerability assessments to identify and patch critical exposures.
• Integrated VirusTotal API with Wazuh to enhance malware identification.
• Worked with tools like IBM QRadar and OSSIM for log correlation and event analysis.

Overview: project, we built a complete cyber security monitoring system using open-source tools to help small and
medium-sized businesses (SMEs) detect and respond to cyber threats in real-time.
Key Components & What We Did:
• Wazuh Installation & Setup: Deployed Wazuh on Ubuntu to act as the SIEM (Security Information and Event
Management) system.
• Wazuh Agent Integration: Installed Wazuh agents on Windows systems to send logs and detect suspicious activity.
• File Integrity Monitoring (FIM): Set up rules to monitor critical files and folders for unauthorized changes.
• Malware Detection: Configured Wazuh to detect malicious files. Integrated it with VirusTotal API for real-time
scanning of file hashes.
• Automatic Malware Response: Built Python scripts to delete malicious files if detected by Wazuh and flagged by
VirusTotal.
• Log Analysis: Used Kibana dashboards to visualize logs, alerts, and system activities.
• Threat Hunting: Performed manual log analysis and threat investigation using Wazuh alerts.

+ Installed and configured WebGoat, an intentionally wuinerable
web app, to simulate real-world security attacks *
Used OWASP ZAP to intercept and scan traffic, successful identifying:
• SQL injection (SQL): Extracted sensitive data via manipulated queries.
+ Cross-Site Scripting (XSS): Executed malicious JavaScript payloads.
+ Cross-Site Request Forgery (CSRF): Created and tested CSRF PoC attacks.
+ Documented each vulnerability with screenshots, exploitation steps, and mitigation strategies.
+ Configured
Windows Defender Firewall to block high-risk ports
(e g., 23, 4444).
+ Monitored real-time traffic using Wireshark, filtered DNS/HTTP/TLS traffic, and analyzed suspicious IPs via
iplocation.net.
+ Gained practical exposure to both network-level and application-level attack prevention.

• Installed and configured WebGoat, an intentionally vulnerable web app, to simulate real-world security atacks
◦
Used OWASP ZAP to intercept and scan traffic, successfully identifying:
• SQL Injection (SQLi): Extracted sensitive data via manipulated queries.
• Cross-Site Scripting (XSS): Executed malicious JavaScript payloads.
• Cross-Site Request Forgery (CSRF): Created and tested CSRF PoC atacks.
• Documented each vulnerability with screenshots, exploitation steps, and mitigation strategies.
• Configured Windows Defender Firewall to block high-risk ports (e.g., 23, 4444).
• Monitored real-time traffic using Wireshark, filtered DNS/HTTP/TLS traffic, and analyzed suspicious IPs via
iplocation.net.
• Gained practical exposure to both network-level and application-level atack prevention.

tools
(Netdiscover, Spiderfoot).
+ Performed vulnerability scanning with Nikto and other scanners to detect misconfigurations and web
vulnerabiltes.
«Conducted network sniffing and traffic analysis using Wireshark; practiced social engineering to evaluate human
attack surface.
• Built and tested Android payloads (EviDroid) in controlled lab environments to assess mobile threats and improve
defenses.

+ implemented File Integrity Monitoring (FIM) using Wazuh to detect unauthorized fle changes.
+ Configured malware detection logic ta trigger alerts and automatically delete malicious files.
+ Performed vulnerability assessments to Identify and patch critical exposures.
+ Integrated VirusTotal AP! with Wazuh to enhance malware identification.
+ Worked with tools ike 18M QRadar and OSSIM for log correlation and event analysis.

Contribute to RETO education and community programs including Smart Study, Self-Learners Intiative, Career
Guidance, and the Health Chapter.
+ Organized awareness campaigns, blood drives and student leadership events such as Shades Olympiad and
Independence Day Celebration.
«Supported career and skill development sessions to guide students in academic and professional planning.
«Assisted in coordination, logistics
and reporting of events across multiple educational institutions.
«Part of outreach initiatives that impacted 30, 000+ individuals across 9 cities in Pakistan.

• Contribute to RETOs education and community programs including Smart Study, Self-Learners Initiative, Career
Guidance, and the Health Chapter.
• Organized awareness campaigns, blood drives and student leadership events such as Shades Olympiad and
Independence Day Celebration.
• Supported career and skill-development sessions to guide students in academic and professional planning.
• Assisted in coordination, logistics and reporting of events across multiple educational institutions.
• Part of outreach initiatives that impacted 30, 000+ individuals across 9 cities in Pakistan.