Red River College Polytechnic
Red River College Polytechnic
Log in Sign up
Mahrukh Amir
Learner - She / Her
(1)
5
Location
Calgary, Alberta, Canada
Portals
Categories
Security (cybersecurity and IT security)

Skills

Audit processes 1 Project management 1 Vulnerability 1

Socials

Achievements

View all
Work-Integrated Learner
Issued by Riipen
The Work-Integrated Learner achievement is awarded to learners who applied their skills to a real-world problem by completing a project for an external partner. These learners provided real benefit to businesses while developing experience.
Completed on March 2, 2024
Community Builder
Issued by Riipen
The Community Builder achievement is awarded to learners who provided feedback to project partners at the conclusion of their project, helping to create a better experiential learning ecosystem for all participants.
Completed on January 9, 2024
ICT Ignite Skills
Issued by ICT Ignite Skills - Digital Tech Projects
Awarded for successful completion of an ICT Ignite Skills employer project.
Completed on January 5, 2024

Latest feedback

View all
Nadia Hosseinzadeh
Project Manager
January 9, 2024
Team feedback
Great team to work with very communicative and knowledge
Project management Audit processes Vulnerability
ICT Ignite
ICT Ignite Skills - Digital Tech Projects
ICT Ignite
Appy.Yo
Appy.Yo Cybersecurity
Appy.Yo

Recent projects

View all
Appy.Yo
Appy.Yo
Toronto, Ontario, Canada

Appy.Yo Cybersecurity

The primary objective is for learners (students) to conduct a comprehensive security assessment. Under the guidance of the project manager, they will identify and address potential security vulnerabilities, evaluating the selected security area of the chosen application through an audit process to enhance security posture and compliance.

Matches 2
Category Security (cybersecurity and IT security)
Closed

Work experience

Cybersecurity Analyst
Iron Spear Information Securty
Calgary, Alberta, Canada
September 2022 - July 2023

-Contributed to enhancing the clients' security posture and mitigating potential cyber threats.
-Demonstrated knowledge of ISO 27002:2022 - Information security controls, NIST 800-37, Risk Management Framework (RMF) and NIST 800-53 security controls.
-Proficient in performing root cause analysis activities across multiple platforms, including Windows, Mac, and Linux/Unix estates using Critical thinking and Problem-solving skill set.
-Experienced in utilizing various tools for conducting large-scale investigations and examining endpoint and network-based evidence.
-Developed and continuously improved incident response (IR) plans and countermeasures. Including developing a playbook.
-Provided written and verbal communications, recommendations, and findings to customers and stakeholders in the form of assessment reports.
-Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, DMZ, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solution.
-Knowledgeable in recognizing attacker tools, tactics, and procedures (TTP) that can be applied to current and future investigations.
-Collaborated with security and IT teams to implement remediation plans in response to security incidents.
-Skilled in conducting vulnerability assessments, system hardening, and monitoring of Linux and Windows systems.
-Background in identity and access management (IAM), encryption, multi-factor authentication, and SIEM.
-Skilled in using Python, Shell/Bash, and PowerShell to automate security solutions and ensure operational efficiency
Security Analyst/ Penetration Tester Intern
S01ve Cyber Solutions
Calgary, Alberta, Canada
January 2022 - May 2022

-Researched and developed new methods to discover and test vulnerabilities in IT systems.
-Performed hands-on testing using real-world attack techniques, build exploitation -Proof of Concepts (POC), in-depth technology assessments and proposed solutions to newly discovered security flaws.
-Learned Phishing Campaign and how to protect employees from being victims of phishing email.
-Worked on open-source Intelligence (OSINT).
-Reviewed changes in the IT environment to protect against new security risks.
-Developed plans to safeguard critical business data against accidental or unauthorized modification, or disclosure.
-Collaborated and consulted solution architects, solutions integrators, principal consultants, project managers, system administrators and network specialists in operational teams.

Education

Cybersecurity, Information Security
Toronto Metropolitan University
October 2022 - April 2023