Mosharrafa A.

Cybersecurity Analyst | Security Operations | Vulnerability Management | Threat Hunting | Nessus Tenable | Microsoft Defender for Endpoint | Microsoft Sentinel

Canada

About

I’m an IT and cybersecurity professional with hands-on experience across vulnerability management, security operations, cloud security, endpoint security, and IT support. In vulnerability management, I’ve worked with Tenable to assess and prioritize vulnerabilities across Windows and Linux environments, support DISA STIG compliance, and implement PowerShell-based remediation. Through this work, I contributed to reducing critical vulnerabilities by 100%, high vulnerabilities by 90%, and medium vulnerabilities by 77% for the server team. On the security operations side, I’ve used Microsoft Defender for Endpoint, Microsoft Sentinel, EDR tools, and KQL to investigate suspicious activity, hunt for Indicators of Compromise, analyze brute-force attempts, identify malicious traffic, and support incident response. I’ve also developed custom detection rules, built Sentinel dashboards, and helped reduce brute-force incidents by limiting unnecessary internet exposure through NSG and firewall controls. My background in IT support has also given me strong experience with Microsoft 365, Entra ID, Active Directory, Intune, MFA, VPN troubleshooting, user access, endpoint management, and service desk operations. That experience has taught me how important communication, documentation, trust, and business context are when solving security problems. I enjoy understanding how attacks happen, how they can be detected, and how security teams can reduce risk without creating unnecessary disruption for the business. I’m continuing to build deeper skills in threat hunting, incident response, SIEM, cloud security, vulnerability remediation, and security automation. Let's connect! Email: [email protected] Github: https://github.com/Mosharrafa

Experience

  • Cyber Security Analyst at LOG(N) Pacific
    Oct 2025 - Present · 10 mos

    Vulnerability Management • Conducted vulnerability scans, prepared detailed reports, and implemented PowerShell-based remediations, contributing to a 100% reduction in critical, 90% in high, and 77% in medium-severity vulnerabilities for the server team. • Performed vulnerability assessments, risk analysis, and remediation prioritization using Tenable across Windows and Linux environments. • Conducted secure configuration and DISA STIG compliance audits using Tenable to support security hardening and industry standards. • Automated vulnerability remediation and STIG implementation using PowerShell to accelerate the resolution of critical security findings. • Collaborated with technical and business stakeholders, emphasizing trust, transparency, risk communication, and alignment with business needs. Security Operations • Performed threat hunting using EDR tools to identify Indicators of Compromise (IoCs) related to brute-force attacks, data exfiltration, ransomware, and suspicious activities. • Designed, tested, documented, and published advanced threat-hunting scenarios for incident response tabletop exercises. • Developed custom detection rules in Microsoft Defender for Endpoint to support automated detection, investigation, and isolation of compromised systems. • Reduced brute-force incidents by 100% by implementing inbound Network Security Group (NSG) and firewall rules to limit unnecessary internet exposure. • Created Microsoft Sentinel dashboards and workbooks to monitor failed logons, malicious network traffic, suspicious activities, and threat intelligence indicators. • Used Kusto Query Language (KQL) to query and analyze SIEM and EDR logs for threat hunting, security investigations, and incident response. • Supported security operations through alert triage, log analysis, threat detection, incident investigation, remediation validation, and continuous improvement of detection and response capabilities.

  • IT service desk at Buchanan Technologies
    Oct 2021 - Jun 2026 · 4 yrs 9 mos

    Provide Tier 1 and Tier 2 technical support for end-user computing issues through phone, email, chat, and remote assistance. First point of contact for support requests, ensuring courteous, timely, and effective resolution. Diagnose and troubleshoot Office 365 administration issues, Active Directory user management, and VPN connectivity. Escalate complex issues to senior support teams while maintaining excellent communication with end users. Use remote desktop tools and diagnostic utilities to troubleshoot and resolve issues efficiently. Log, track, and resolve IT support tickets while maintaining high SLA standards. Document solutions and contribute to knowledge base articles for future troubleshooting. Provide training and guidance to new team members on IT support best practices.

  • Support Engineer,Network Operation Center at BDCOM ONLINE LTD.
    Dec 2015 - Apr 2017 · 1 yr 5 mos

    Responded to customer inquiries via phone and email, providing technical assistance and troubleshooting. Maintained detailed records of customer interactions, processed account updates, and managed documentation. Diagnosed and resolved internet bandwidth issues and network routing problems by implementing appropriate protocols. Monitored network and server status using specialized applications, identifying and escalating issues through a ticketing system. Assisted with system installations, updates, and configurations for end users. Resolved Level 1 and Level 2 technical issues related to software, hardware, and network connectivity. Ensured optimal system performance by monitoring and maintaining IT infrastructure, minimizing downtime.