Yasir Khan
Riyadh
Summary
Experienced Cybersecurity Engineer with comprehensive understanding of network architectures, security protocols, and risk assessment methodologies. Proven strengths include vulnerability analysis, threat mitigation and cyber incident response. Demonstrated impact in previous roles includes successful implementation of sophisticated security solutions to safeguard company data and infrastructure.
Overview
9
9
years of professional experience
1
1
Certification
Work History
Cybersecurity Engineer
Leejam Sports Company
Riyadh
03.2024 - Current
- Successfully implemented multi-factor authentication and single sign-on for over 3,000 users.
- Executed privileged access management solution based on vendor analysis and proof of concept results.
- Rolled out vulnerability management solution after comprehensive vendor assessment.
- Implemented endpoint detection capabilities for 3,000 users to improve threat response.
- Participated and implemented PDPL project
- Conducted security awareness campaigns assured the effectiveness of the program.
- Managed and protected Email security Gateway to protect against external threat sources. Ran a proactive incident response against imminent email threats.
- Managed day-to-day security operations, monitoring systems for threats, vulnerabilities, and unusual activity to ensure a secure IT environment.
- Protected Leejam’s security infrastructure by deploying advanced threat detection and prevention technologies.
- Enhanced Leejam’s security posture by implementing proactive measures and refining existing security protocols.
- Configured and maintained Cloudflare WAF to safeguard web applications against attacks, such as DDoS, SQL injection, and cross-site scripting (XSS).
- Deployed and managed email security solutions, ensuring protection against phishing, spam, and malicious attachments.
- Administered endpoint protection tools to defend against malware, ransomware, and other endpoint-based threats.
- Led incident response efforts, containing and mitigating security incidents, while documenting lessons learned to improve response plans.
- Conducted comprehensive security assessments and gap analyses, identifying vulnerabilities, and recommending actionable remediation strategies.
- Developed and enforced cybersecurity policies and procedures to align with industry standards and best practices, ensuring compliance with regulatory requirements.
Cybersecurity Engineer
Digital Technology Co
Jeddah
01.2018 - 02.2024
- Managed comprehensive threat management processes, including real-time monitoring and response.
- Implemented FortiAnalyzer and FortiManager for log analysis, threat detection, and incident resolution.
- Conducted penetration tests to assess vulnerabilities and provided remediation strategies.
- Designed and enforced secure network access policies to mitigate internal and external risks.
- Coordinated with clients on cybersecurity gap analysis, compliance requirements, and risk assessments.
- Configured and managed firewalls, including advanced threat protection and intrusion prevention systems (IPS).
- Deployed and optimized Web Application Firewalls (WAF) to safeguard online assets.
- Conducted security audits to ensure alignment with cybersecurity frameworks (e.g., CITC ISP Cybersecurity Framework).
- Delivered comprehensive reports on vulnerabilities and advised on mitigation measures.
Network Security Team Lead
Perfect Projects Co
Jeddah
04.2016 - 12.2017
- Led the incident response team to address critical network and security breaches.
- Oversaw the implementation of advanced network security policies and access control lists (ACLs).
- Conducted security assessments and implemented disaster recovery protocols for network infrastructure.
- Configured and managed VPNs (IPSec, SSL) and authentication systems (AAA with TACACS+ and RADIUS).
- Performed regular security audits on Cisco devices, ensuring compliance with industry standards.
- Collaborated with cross-functional teams to resolve security issues, and deliver secure solutions.
Education
MBA -
Cardiff Metropolitan University
United Kingdom02-2011
Skills
- Vulnerability management
- Endpoint protection
- Threat detection
- Incident response
- Web application firewalls
- Network security
- Security assessments
- Risk assessment
- Email Security
- Multi-factor authentication and SSO
- Security Awareness and Training
- Regulatory compliance(CITC and NCA)
- Encryption techniques
- Deployment and management of DLP solutions
- Security testing
Hands On Technologies
Saviynt, Cisco DUO, Forticlient EMS, Qualys, Trend Micro, Cloudflare, Tenable Nessus, Wazuh, Metasploit, Burp Suite, Wireshark, Nessus, OpenVAS, Cisco, Barracuda, FortiAnalyzer, Symantec DLP, Cybersecurity Frameworks, FortiGate, FortiWAF, VPN, SD-WAN, SAML, Encryption
Certification
- CISSP (Ongoing)
- Fortinet Network Security Professional (NSE4)
- CompTIA PenTest+
- AWS Certified Solutions Architect (SAA-C02)
- CISCO Certified Network Professional (CCNP 350-401)
- CISCO Certified Network Associate (CCNA 200-125)
- Juniper Networks Certified Associate (JNCIA)
Timeline
Cybersecurity Engineer
Leejam Sports Company
03.2024 - Current
Cybersecurity Engineer
Digital Technology Co
01.2018 - 02.2024
Network Security Team Lead
Perfect Projects Co
04.2016 - 12.2017
MBA -
Cardiff Metropolitan University
Similar Profiles
Mahdi BalharithMahdi Balharith
Treasury Accountant at Leejam Sports Company ( Fitness Time )Treasury Accountant at Leejam Sports Company ( Fitness Time )
Oumaima FoughaliOumaima Foughali
Area business manager at Leejam Sports CompanyArea business manager at Leejam Sports Company
Amjad Khan MohammedAmjad Khan Mohammed
IT Security Engineer at Leejam Sports CompanyIT Security Engineer at Leejam Sports Company
Shahad AltamimiShahad Altamimi
Restaurant Manager in Charge at Naif Alrajihi InvestmentRestaurant Manager in Charge at Naif Alrajihi Investment
Renad AldosariRenad Aldosari
Accountant at Veolia water technologyAccountant at Veolia water technology