Summary
Overview
Work history
Education
Skills
Certification
TOOLS & TECHNOLOGIES
AVAILABILITY
Timeline
Generic

HASSAM KAFAIT

London

Summary

Experienced security operations professional with expertise in SaaS and cloud environments, specialising in SOC alert triage, external SOC coordination, and alignment with ISO and NIST frameworks. Proficient in AWS cloud security, identity and access management (IAM), and security monitoring tools such as Splunk and EDR. Skilled in risk assessments, control testing, audit evidence preparation, and the development of security policies, standards, and procedures. Adept at process automation using Python and PowerShell to enhance workflow efficiency. Strong background in stakeholder engagement and providing strategic security advisory services to drive continuous improvement in organisational security posture.

Overview

8
8
years of professional experience
2023
2023
years of post-secondary education
1
1
Certification

Work history

Information Security Analyst

Capital Dairy LTD
London
2022.12 - 2026.02
  • Act as a trusted security point of contact supporting day-to-day information security operations in a growing, business-critical environment.
  • Triage and investigate security alerts, malware detections, and anomalous activity, working with third-party IT and security providers to drive remediation.
  • Coordinate with internal technical teams to prioritise and resolve security issues without disrupting business operations.
  • Implemented and maintained core security controls including endpoint protection, access management, logging, and email security.
  • Authored, reviewed, and maintained security policies, standards, and procedures aligned with ISO 27002 principles.
  • Supported internal risk assessments, control reviews, and audit evidence collection to improve compliance maturity.
  • Performed access reviews and enforced role-based access control (RBAC), supporting secure joiner-mover-leaver processes.
  • Regularly communicated security risks and recommendations to non-technical stakeholders in clear, practical terms.
  • Impact:
  • Helped move the organisation toward a more structured, audit-ready security posture.
  • Improved visibility and accountability across security monitoring and access controls.

Cyber Security Engineer

Technobiz Solutions
Lahore
2021.01 - 2021.11
  • Supported multiple client environments in a SOC-style operating model, analysing security alerts and events using SIEM tooling (Splunk).
  • Worked alongside external stakeholders and engineering teams to investigate incidents and coordinate timely remediation.
  • Contributed to the implementation of security controls aligned with regulatory and compliance requirements.
  • Tested and refined incident response playbooks, helping improve detection and response consistency.
  • Delivered consultative security guidance to customers, translating technical findings into actionable business advice.
  • Deployed and managed EDR solutions across endpoints and servers.
  • Impact:
  • Improved client confidence in security monitoring and incident handling processes.
  • Strengthened alignment between security operations and compliance expectations.

Network Security Engineer

Hubul Textile (PVT) Limited
2019.09 - 2020.12
  • Designed, implemented, and maintained LAN/WAN security controls including firewalls, IDS/IPS, and VPNs.
  • Conducted vulnerability assessments and penetration testing to identify and remediate security weaknesses.
  • Implemented disaster recovery strategies and intrusion detection mechanisms.
  • Managed Active Directory security, auditing user permissions and access rights.
  • Delivered security awareness workshops to non-technical employees.

Network Security Engineer Intern

PTCL
Gujrat
2018.06 - 2019.08
  • Assisted with network routing, VoIP maintenance, and network troubleshooting.
  • Supported public-sector network operations and ensured availability of voice and data services.

Education

MSc - Computer Forensics & Cyber Security

University of Greenwich
London

BSc - Electrical (Telecommunication) Engineering

COMSATS University
Pakistan

Skills

  • Security Operations in SaaS & Cloud Environments
  • SOC Alert Triage & External SOC Coordination
  • ISO / ISO Implementation & Continuous Improvement
  • SOC & NIST Framework Alignment (practical exposure)
  • Risk Assessments, Control Testing & Audit Evidence
  • Security Policies, Standards & Procedures
  • AWS Cloud Security (IAM, Logging, Network Security)
  • Identity & Access Management (MFA, RBAC, Joiner-Mover-Leaver)
  • Security Monitoring & Logging (Splunk, EDR)
  • Process Automation & Workflow Improvement (Python, PowerShell)
  • Stakeholder Engagement & Security Advisory

Certification

  • CEH – Certified Ethical Hacker
  • CCNA (Routing & Switching)
  • CCNP (Security, Collaboration, VoIP)
  • CISSP (Training)
  • Sophos EDR Certification
  • Cisco ISE & Nexus Switching

TOOLS & TECHNOLOGIES

  • Cloud: AWS, Google Workspace
  • SIEM & Monitoring: Splunk
  • EDR: Sophos, Trend Micro
  • Security Tools: Nessus, Nmap, Burp Suite, Kali Linux
  • Threat Intelligence: VirusTotal, OpenCTI
  • Automation: Python, PowerShell, Bash

AVAILABILITY

Hybrid-ready | London-based | Comfortable with audit support and cross-office collaboration

Timeline

Information Security Analyst

Capital Dairy LTD
2022.12 - 2026.02

Cyber Security Engineer

Technobiz Solutions
2021.01 - 2021.11

Network Security Engineer

Hubul Textile (PVT) Limited
2019.09 - 2020.12

Network Security Engineer Intern

PTCL
2018.06 - 2019.08

BSc - Electrical (Telecommunication) Engineering

COMSATS University

MSc - Computer Forensics & Cyber Security

University of Greenwich

Similar Profiles

Create profile
HASSAM KAFAIT