Mheboobkhan Pathan
Cyber Threat Hunter
Hyderabad
Summary
Seasoned Cyber Threat Hunter and Incident Responder with over 8 years of experience in identifying, analyzing, and mitigating sophisticated cyber threats. Proficient in using advanced threat detection tools, conducting thorough investigations, and implementing robust security measures to safeguard critical information assets. Adept at incident response, threat intelligence analysis, and developing proactive strategies to prevent cyberattacks.
Overview
9
9
years of professional experience
4
4
years of post-secondary education
5
5
Certifications
Work History
O365D Threat Hunter II
Microsoft R&D
11.2022 - Current
- Managed LLM performance evaluation and testing, identifying bugs and optimization opportunities. Provided actionable feedback to engineering teams, enhancing model efficiency and reliability in production environments.
- Currently, I serve as an Incident Responder and threat hunter for Microsoft's MXDR services. Which is an advanced incident response & threat hunting services enrolled by multiple customers across the spectrum of working sector.
- My primary duties include investigating, triaging, and responding to security incidents across various customer tenants. I have in depth knowledge of phishing, ransomware and other sophisticated attacks and their remediation.
- Additionally, I am responsible for testing, validating, and enhancing the Security Copilot tool for XDR operations. I have developed multiple plugins and project ideas to expand the capabilities of LLM in BAU.
- I have been a part of CFS (Copilot for security) V-Team member, as a part of member I have proposed multiple ideas which are discussed at leadership level for incorporation and efficient utilization of LLM.
- I also oversee the User Acceptance Testing (UAT) of the CMS tool and develop strategies to optimize process efficiency. Which has give me exposure to product management lifecycle and change management process.
Sr Support Analyst
Nomura Holdings
06.2022 - 11.2022
- Develop advanced threat hunting strategies based on the different methodologies of the threat hunting like PoP(Pyramid of pain) and Diamond model.
- Guide a team in executing a successful threat hunting program. This enabled organization to move one step ahead in the threat hunting maturity, by moving from purely intel based hunting to IoA, TTP based hunting.
- Coordinate and execute purple team exercises.
- Develop advanced threat detection logic and queries using Splunk, Elastic, and Crowdstrike.
- Integrate advanced threat hunting into daily operations using machine learning (ML) and artificial intelligence (AI).
- Participating in incident response if there is major incident.
- Tools: Splunk, SEIM, Python
Security Consultant
IBM India
03.2020 - 06.2022
- Conduct regular threat hunting activities within network environments. This led to the discovery of multiple hidden threats which are undetected by the current security products, thus protected organization from monetary and reputation loss.
- Led a team of four members to conduct threat hunting in the customer environment.
- Mapping threat on the MITRE ATT&CK framework against the organization's threat landscape, to deliver the constant picture of attack surface and keep guarding the weak areas.
- Collect and analyze threat intelligence, including new attack vectors and APT campaigns, extracting indicators of attack (IOA) and compromise (IOC).
- Perform threat modeling to understand both external and internal attack surfaces, facilitating the development of precise threat hunting hypotheses.
- Develop use-cases from hunting results to enhance the organization's detection capabilities.
- Collaborate with the incident response team to eradicate threats identified during hunts and conduct root cause analysis (RCA).
- Prepare detailed reports and monthly presentations of hunt results for executive management review.
- Tools: Qradar, TIP(Cyware), AQL, Sysmon, YARA
InfoSec Admin
NetConnect Pvt Ltd
11.2018 - 03.2020
- Develop specific content to meet the organization's security operations goals, including creating content-specific queries, templates, reports, rules, alerts, dashboards, and workflows.
- Develop, implement, and configure guides for the operations support team.
- Successfully migrated endpoints from Trend Micro to Sophos.
- Analyze and resolve complex technical issues.
- Diagnose customer issues, identify problem areas, design innovative solutions, and facilitate deployment, resulting in high client satisfaction.
- Contribute to unit-level and organizational initiatives.
Antivirus Admin
IDC Technologies
11.2018 - 03.2020
- Deploy antivirus patches on endpoint devices.
- Regularly monitor updates of antivirus signatures on all scoped devices.
- Troubleshoot antivirus-related issues via the central console on endpoints.
- Collect and analyze logs.
- Prepare, maintain, and update SOPs, weekly compliance reports, and risk reports.
Desktop Support Engineer
ITSource Technologies
03.2016 - 07.2017
- Maintain compliance of antivirus (AV) systems.
- Troubleshoot agent issues.
- Resolve user issues remotely and coordinate with the OEM.
Education
B.E. - Electronics
M.H. Saboo Siddik College of Engg.
Mumbai, India 01.2011 - 01.2015
Skills
- AI Ops (LLM Project management)
- Threat Hunting
- Team Lead
- Threat Detection
- Operations
- Incident Response
- SOC
Certification
CISSP by ISC2, 2024-06-26, 2027-06-30
Research And Blogs
Authored technical blogs on topics such as Threat hunting, Machine Learning and Malware analysis demonstrating expertise in cybersecurity and emerging trends.
https://whiteheart0.medium.com/
Timeline
O365D Threat Hunter II
Microsoft R&D
11.2022 - Current
Sr Support Analyst
Nomura Holdings
06.2022 - 11.2022
Security Consultant
IBM India
03.2020 - 06.2022
InfoSec Admin
NetConnect Pvt Ltd
11.2018 - 03.2020
Antivirus Admin
IDC Technologies
11.2018 - 03.2020
Desktop Support Engineer
ITSource Technologies
03.2016 - 07.2017
B.E. - Electronics
M.H. Saboo Siddik College of Engg.
01.2011 - 01.2015
Similar Profiles
Tejas LunawatTejas Lunawat
SDET-2 at Microsoft R&DSDET-2 at Microsoft R&D
Teena AgrawalTeena Agrawal
Software Developer at Microsoft R&DSoftware Developer at Microsoft R&D
Mabel LiMabel Li
Business Support & GM Asssitant & EA at Microsoft Asia Pacific Corporation & Microsoft Open TechnologiesBusiness Support & GM Asssitant & EA at Microsoft Asia Pacific Corporation & Microsoft Open Technologies
Divya NelaturiDivya Nelaturi
Medical Coder at Augustus Health CareMedical Coder at Augustus Health Care
JEEVAN KUMAR PERIKALAJEEVAN KUMAR PERIKALA
Data Engineer at Suncorp InsuranceData Engineer at Suncorp Insurance