
Mheboobkhan Pathan

Cyber Threat Hunter
Hyderabad

Summary

Seasoned Cyber Threat Hunter and Incident Responder with over 8 years of experience in identifying, analyzing, and mitigating sophisticated cyber threats. Proficient in using advanced threat detection tools, conducting thorough investigations, and implementing robust security measures to safeguard critical information assets. Adept at incident response, threat intelligence analysis, and developing proactive strategies to prevent cyberattacks.

Overview

9 years of professional experience
4 years of post-secondary education
5 certifications

Work History

O365D Threat Hunter II

Microsoft R&D
11.2022 - Current
  • Managed LLM performance evaluation and testing, identifying bugs and optimization opportunities. Provided actionable feedback to engineering teams, enhancing model efficiency and reliability in production environments.
  • Currently, I serve as an Incident Responder and Threat Hunter for Microsoft's MXDR service, an advanced incident response and threat hunting service used by customers across a wide range of sectors.
  • My primary duties include investigating, triaging, and responding to security incidents across various customer tenants. I have in-depth knowledge of phishing, ransomware, and other sophisticated attacks and their remediation.
  • Additionally, I am responsible for testing, validating, and enhancing the Security Copilot tool for XDR operations. I have developed multiple plugins and project ideas to expand the capabilities of LLMs in BAU.
  • As a member of the CFS (Copilot for Security) V-Team, I have proposed multiple ideas that were discussed at leadership level for incorporation and efficient utilization of LLMs.
  • I also oversee the User Acceptance Testing (UAT) of the CMS tool and develop strategies to optimize process efficiency. This has given me exposure to the product management lifecycle and the change management process.

Sr Support Analyst

Nomura Holdings
06.2022 - 11.2022
  • Develop advanced threat hunting strategies based on different threat hunting methodologies, such as the Pyramid of Pain and the Diamond Model.
  • Guide a team in executing a successful threat hunting program. This enabled the organization to move one step up in threat hunting maturity, from purely intel-based hunting to IoA- and TTP-based hunting.
  • Coordinate and execute purple team exercises.
  • Develop advanced threat detection logic and queries using Splunk, Elastic, and CrowdStrike.
  • Integrate advanced threat hunting into daily operations using machine learning (ML) and artificial intelligence (AI).
  • Participate in incident response during major incidents.
  • Tools: Splunk, SIEM, Python

Security Consultant

IBM India
03.2020 - 06.2022
  • Conduct regular threat hunting activities within network environments. This led to the discovery of multiple hidden threats that had gone undetected by the existing security products, protecting the organization from monetary and reputational loss.
  • Led a team of four members to conduct threat hunting in the customer environment.
  • Map threats to the MITRE ATT&CK framework against the organization's threat landscape, maintaining a consistent picture of the attack surface and guarding the weak areas.
  • Collect and analyze threat intelligence, including new attack vectors and APT campaigns, extracting indicators of attack (IOA) and indicators of compromise (IOC).
  • Perform threat modeling to understand both external and internal attack surfaces, facilitating the development of precise threat hunting hypotheses.
  • Develop use cases from hunting results to enhance the organization's detection capabilities.
  • Collaborate with the incident response team to eradicate threats identified during hunts and conduct root cause analysis (RCA).
  • Prepare detailed reports and monthly presentations of hunt results for executive management review.
  • Tools: QRadar, TIP (Cyware), AQL, Sysmon, YARA

InfoSec Admin

NetConnect Pvt Ltd
11.2018 - 03.2020
  • Develop specific content to meet the organization's security operations goals, including creating content-specific queries, templates, reports, rules, alerts, dashboards, and workflows.
  • Develop, implement, and configure guides for the operations support team.
  • Successfully migrated endpoints from Trend Micro to Sophos.
  • Analyze and resolve complex technical issues.
  • Diagnose customer issues, identify problem areas, design innovative solutions, and facilitate deployment, resulting in high client satisfaction.
  • Contribute to unit-level and organizational initiatives.

Antivirus Admin

IDC Technologies
11.2018 - 03.2020
  • Deploy antivirus patches on endpoint devices.
  • Regularly monitor updates of antivirus signatures on all scoped devices.
  • Troubleshoot antivirus-related issues via the central console on endpoints.
  • Collect and analyze logs.
  • Prepare, maintain, and update SOPs, weekly compliance reports, and risk reports.

Desktop Support Engineer

ITSource Technologies
03.2016 - 07.2017
  • Maintain compliance of antivirus (AV) systems.
  • Troubleshoot agent issues.
  • Resolve user issues remotely and coordinate with the OEM.

Education

B.E. - Electronics

M.H. Saboo Siddik College of Engg.
Mumbai, India
01.2011 - 01.2015

Skills

  • AI Ops (LLM project management)
  • Threat Hunting
  • Team Lead
  • Threat Detection
  • Operations
  • Incident Response
  • SOC

Certification

CISSP by ISC2, 2024-06-26, 2027-06-30

Research And Blogs

Authored technical blogs on topics such as threat hunting, machine learning, and malware analysis, demonstrating expertise in cybersecurity and emerging trends.

https://whiteheart0.medium.com/
