
About
Hi, I'm Hassan.
I am a dedicated cybersecurity professional with a robust background in cybersecurity, cloud computing, and networking, currently pursuing a degree in Information Technology with a concentration in Cybersecurity. I've honed my skills through hands-on experience and various certifications, including CompTIA CySA+, CompTIA PenTest+, Security Blue Team BTL1, and AWS Certified Solutions Architect Associate.
With a strong focus on proactive defense strategies and a keen understanding of cybersecurity frameworks, I am passionate about identifying and mitigating threats to protect critical infrastructures. My goal is to become a Cyber Defense Analyst at a government agency, where I can leverage my technical expertise to fortify digital defenses and contribute to national security.
My skills
My goal is to fortify organizational security by leveraging my expertise in cybersecurity analysis, threat intelligence, vulnerability management and more.
I employ advanced tools and frameworks to detect, prevent, and respond to sophisticated cyber threats, ensuring the protection of critical infrastructure and sensitive information.
Cybersecurity Expertise:
- Cybersecurity Analysis:
  - Conduct real-time monitoring and deep analysis of network traffic using advanced SIEM solutions (e.g., Splunk) to identify and mitigate potential security incidents.
  - Perform in-depth forensic analysis on compromised systems to determine the root cause and extent of breaches.
  - Develop, implement, and enforce security policies, protocols, and incident response procedures to protect critical infrastructure.
  - Execute regular vulnerability assessments, risk analysis, and compliance audits to ensure adherence to stringent security standards.
  - Tools: Splunk, Wireshark, Nessus, OpenVAS, Autopsy, FTK Imager, Volatility, Sigma, Event Viewer
- Threat Intelligence:
  - Lead the collection, analysis, and dissemination of actionable intelligence to preempt and neutralize advanced persistent threats (APTs).
  - Apply the MITRE ATT&CK framework, Lockheed Martin Cyber Kill Chain, and the Diamond Model of Intrusion Analysis to map adversary tactics, techniques, and procedures (TTPs) to defense strategies.
  - Implement and manage Yara rules for sophisticated malware detection and proactive threat hunting in large-scale environments.
  - Utilize advanced open-source intelligence (OSINT) and proprietary tools to build a comprehensive threat landscape and support strategic decision-making.
  - Collaborate with intelligence agencies and cybersecurity teams to share critical threat intelligence (via MISP) and strengthen national security posture.
  - Tools: MITRE ATT&CK, MISP, Lockheed Martin Cyber Kill Chain, Diamond Model of Intrusion Analysis, OpenCTI, PhishTool, VirusTotal
- Vulnerability Management:
  - Expertise in conducting comprehensive vulnerability assessments and implementing remediation plans.
  - Experience with automated vulnerability scanning, patch management, and compliance audits.
  - Tools: Nessus, OpenVAS, QualysGuard, Nmap
- Incident Response, Digital Forensics & Malware Analysis:
  - Proficient in rapid incident detection, containment, and eradication using methodologies like NIST SP 800-61r2.
  - Skilled in forensic data collection, analysis, and reporting to support legal and regulatory requirements.
  - Expertise in reverse engineering malware, analyzing malicious code, and developing Yara rules for threat detection.
  - Tools: Splunk, Snort, Autopsy, Volatility, FTK Imager, Scalpel, KAPE, PECmd, JumpList Explorer, Browser History Capturer, Browser History Viewer, Windows File Analyzer, IBM Resilient, TheHive, Ghidra, IDA Pro, Yara, ProcDump
- Penetration Testing & Ethical Hacking:
  - Strong abilities in simulating real-world attacks to identify and exploit system vulnerabilities.
  - Proficient in developing custom scripts and tools to augment penetration testing efforts.
  - Tools: Kali Linux, Nmap, Metasploit, Burp Suite, Nessus, OWASP ZAP
- Security Operations & SIEM:
  - Expertise in monitoring and analyzing networks for security compromises and responding to security events.
  - Tools: Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), ArcSight, IBM QRadar, Graylog, LogRhythm
- Network Security:
  - Deep understanding of network security principles, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, encryption, and TLS.
  - Tools: Snort, Suricata, Zeek, Wireshark
- Governance, Risk, and Compliance (GRC):
  - Strong knowledge of cybersecurity frameworks and regulations, including the NIST Cybersecurity Framework, ISO/IEC 27001, STIG, OWASP, and CIS Controls.
  - Standards: NIST SP 800-53, ISO/IEC 27000 Series, STIG, OWASP Top 10, CIS Controls, PCI DSS, GDPR
WHAT MAKES ME QUALIFIED?
Education & Certifications
- B.S. Information Technology | Concentration: Cyber Security — George Mason University | Expected Graduation Date: May 2025 | In Progress
- CompTIA CySA+ (Cybersecurity Analyst+) — Cybersecurity Certification | Issued May 2024 | Credly
- Security Blue Team - Blue Team Level 1 (BTL1) — Cybersecurity Certification | Issued July 2024 | Credly
- CompTIA Network+ — Networking Certification | Issued March 2024 | Credly
- CompTIA A+ — IT Certification | Issued August 2024 | Credly
- Microsoft SC-900 (Security, Compliance, and Identity Fundamentals) — Cloud Certification | Issued August 2024 | Credly
- CompTIA PenTest+ — Cybersecurity Certification | Issued May 2024 | Credly
- CompTIA Security+ — Cybersecurity Certification | Issued August 2023 | Credly
- AWS Certified Solutions Architect Associate — Cloud Certification | Issued June 2024 | Credly
- AWS Certified Cloud Practitioner — Cloud Certification | Issued April 2024 | Credly
- Microsoft AZ-900 (Azure Fundamentals) — Cloud Certification | Issued August 2024 | Credly
PROFESSIONAL EXPERIENCE
IT Support Center Analyst
George Mason University Information Technology Services | March 2023 - Dec 2024
• Provided technical support to over 30,000 students and faculty, resolving connectivity issues, account problems, and software malfunctions.
• Recognized as a top performer on the team, completing the highest volume of support tickets with high accuracy.
• Utilized TDX (similar to ServiceNow) to log, track, and resolve over 700 service tickets.
• Achieved a perfect first call resolution rate of 100%, surpassing the departmental goal of 70% and demonstrating exceptional proficiency in resolving issues on the initial call.
• Coordinated with Cybersecurity, Networking, and IT Operations teams to mitigate security threats, assist in incident response, and improve overall organizational security posture.
• Implemented and supported multi-factor authentication (MFA) for enhanced account security using Duo Admin.
• Collaborated with the IT Security Operations team to identify and escalate potential security incidents, ensuring prompt response and resolution to minimize downtime and mitigate data breaches.
• Facilitated Cybersecurity Awareness training for team members, enhancing their understanding of security best practices.
• Assisted users in identifying and mitigating malware infections and provided education on phishing campaign tactics and prevention.
Projects
Full Stack Application - LAMP Stack - Application Security (Jan 2024 - May 2024)
Created a LAMP (Linux, Apache, MySQL, Python) stack application:
- Virtualization with VirtualBox & Ubuntu Distro: Employed VirtualBox to create virtualized environments and deployed Ubuntu distributions to simulate real-world server configurations.
- System Hardening for Database and Web Server Security: Implemented rigorous system hardening measures to secure the database and web server components of the LAMP stack.
- Penetration Testing with Kali Linux: Conducted penetration testing on the LAMP application, employing a variety of ethical hacking techniques to identify and remediate potential security vulnerabilities.
- Security Control Frameworks: Implemented industry-standard security control frameworks such as the Security Technical Implementation Guide (STIG), Center for Internet Security (CIS) Controls, and OWASP Top 10 to ensure compliance with best practices.
- Vulnerability Assessment with Nessus: Leveraged Nessus on an Ubuntu VM to perform a credentialed vulnerability scan and validated the vulnerability report.
- Security Information and Event Management (SIEM) with Splunk: Utilized Splunk for real-time analysis of system logs and data, integrated Snort IDS, and configured a real-time alert rule to promptly detect and respond to ICMP traffic, enhancing the overall security posture of the network.
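The Snort-to-Splunk ICMP alerting described in the last bullet, shown as an added example rather than the project's own configuration: a local Snort rule that fires on ICMP echo requests, a parser for Snort's "alert_fast" output (the format Splunk would ingest), and a threshold check per source address equivalent to a SIEM alert rule. The rule text, SID, sample alert lines, IP addresses and the threshold value are all constructed here for illustration and are not taken from the page.

```python
"""
Added example (not from the original page): parse Snort 'alert_fast' output,
pick out ICMP alerts and flag source addresses that cross a threshold, which is
the same signal a Splunk real-time alert would trigger on. Rule text, SID,
sample lines, addresses and threshold are constructed for illustration.
"""
import re
from collections import Counter

# Minimal Snort rule that fires on ICMP echo requests (itype 8).
# Constructed example; SID 1000001 is in the local-rule range (>= 1000000).
ICMP_RULE = (
    'alert icmp any any -> $HOME_NET any '
    '(msg:"ICMP Echo Request detected"; itype:8; sid:1000001; rev:1;)'
)

# Snort alert_fast line layout (Snort 2 style), e.g.:
# 05/01-14:22:33.123456  [**] [1:1000001:1] ICMP Echo Request detected [**]
#   [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.56.1 -> 192.168.56.101
# ICMP entries carry no ports; TCP/UDP entries carry addr:port on both sides.
FAST_ALERT_RE = re.compile(
    r'^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+'
    r'\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+'
    r'(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?'
    r'\[Priority:\s*(?P<prio>\d+)\]\s+'
    r'\{(?P<proto>[A-Z]+)\}\s+(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+'
    r'(?P<dst>[\d.]+)(?::(?P<dport>\d+))?\s*$'
)


def parse_fast_alert(line):
    """Return a dict of fields for one alert_fast line, or None if it does not match."""
    m = FAST_ALERT_RE.match(line.strip())
    if not m:
        return None
    fields = m.groupdict()
    fields["sid"] = int(fields["sid"])
    fields["prio"] = int(fields["prio"])
    return fields


def icmp_sources_over_threshold(lines, threshold=3):
    """Count ICMP alerts per source IP and return the sources at or above threshold.

    Equivalent to a Splunk search (constructed here, not the project's) such as:
      sourcetype=snort proto=ICMP | stats count by src | where count>=3
    Lines that do not parse are ignored rather than allowed to break the pipeline.
    """
    counts = Counter()
    for line in lines:
        alert = parse_fast_alert(line)
        if alert and alert["proto"] == "ICMP":
            counts[alert["src"]] += 1
    return {src: n for src, n in counts.items() if n >= threshold}


# Constructed sample alert lines (not captured from a real sensor).
SAMPLE_ALERTS = [
    "05/01-14:22:33.123456  [**] [1:1000001:1] ICMP Echo Request detected [**] "
    "[Classification: Misc activity] [Priority: 3] {ICMP} 192.168.56.1 -> 192.168.56.101",
    "05/01-14:22:34.223456  [**] [1:1000001:1] ICMP Echo Request detected [**] "
    "[Classification: Misc activity] [Priority: 3] {ICMP} 192.168.56.1 -> 192.168.56.101",
    "05/01-14:22:35.323456  [**] [1:1000001:1] ICMP Echo Request detected [**] "
    "[Classification: Misc activity] [Priority: 3] {ICMP} 192.168.56.1 -> 192.168.56.101",
    "05/01-14:22:36.000001  [**] [1:1000002:1] HTTP probe [**] "
    "[Classification: Web Application Attack] [Priority: 1] {TCP} 10.0.0.5:51234 -> 192.168.56.101:80",
    "05/01-14:22:37.000001  [**] [1:1000001:1] ICMP Echo Request detected [**] "
    "[Classification: Misc activity] [Priority: 3] {ICMP} 10.0.0.9 -> 192.168.56.101",
    "this line is not a Snort alert and must be skipped",
]

if __name__ == "__main__":
    print("Rule:", ICMP_RULE)
    print("ICMP sources at/over threshold:", icmp_sources_over_threshold(SAMPLE_ALERTS))
```

Feeding Snort's alert_fast file to Splunk (for instance via a file monitor input) and scheduling the equivalent `stats count by src` search as a real-time alert gives the behaviour described in the bullet; the threshold and the choice to alert only on echo requests rather than all ICMP are tuning decisions to make against the environment's normal traffic, since monitoring tools often ping hosts legitimately.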
APT 29 Intrusion Analysis and Security Controls Implementation (Jan 2024 - May 2024)
Through this project, I gained practical experience in threat analysis, intrusion detection, and security control design, enhancing my proficiency in cybersecurity methodologies and best practices.
- Cyber Threat Intelligence Frameworks: Leveraged the Lockheed Martin Cyber Kill Chain, Diamond Model of Intrusion Analysis, and MITRE ATT&CK framework to comprehensively analyze APT 29's intrusion activities. Mapped TTPs and indicators of compromise (IOCs) to the MITRE ATT&CK framework for enhanced threat understanding.
- Security Controls Design: Evaluated existing security controls and proposed enhancements to mitigate APT 29's TTPs.
- Yara Rule Development: Developed a basic Yara rule to detect specific IOCs associated with APT 29.
- Report Presentation: Presented findings and recommendations in a comprehensive report.
Contact Me
• Email: hassanmraja3@gmail.com
• LinkedIn: Hassan M. Raja
• Discord: hassanmraja