Mostafa K. Durrani

Cybersecurity Engineer / Endpoint & Incident Response / Open to Opportunities

ISC2- and CompTIA-certified cybersecurity professional, with operational experience in endpoint security, incident response, and compliance auditing across mixed Linux and Windows Server environments.

// 01 Profile

Cybersecurity Professional, focused on secure operations & incident response.


I work on the operational side of security — maintaining endpoint agent health, triaging alerts, and conducting compliance audits across multi-segment network infrastructure.

Day-to-day this means Trend Micro Deep Security operations, CIS benchmark audits, and root-cause analysis on incidents and degraded endpoints. I work primarily in mixed Linux and Windows Server environments.

ISC2 CC & CompTIA Security+ certified · BSc Computer Science, York University

// 02 Experience

Experience

Feb 2026 — Present
Active Full-time

Resident Engineer

Secure Networks · Lahore, PK
  • Managed endpoint security operations for ~150 servers across PITC's multi-segment infrastructure — maintaining agent health, policy compliance, and system availability across mixed Linux and Windows Server environments.
  • Monitored and triaged ~200 security events weekly across Integrity Monitoring, Log Inspection, Firewall, and IPS modules, investigating active reconnaissance probes, brute-force authentication attempts, and exploitation attempts.
  • Coordinated with SOC and IT teams on incident response and containment, performing root cause analysis to prevent recurrence.
  • Diagnosed and resolved Deep Security agent connectivity failures, policy conflicts, and multi-error states across distributed network segments, restoring managed status to degraded endpoints.
  • Delivered structured weekly and monthly operational reporting; maintained incident, system-change, and troubleshooting documentation.
Mar 2025 — Feb 2026
Full-time

Junior Cybersecurity Consultant

Softbiz Solutions · Plano, TX (Remote)
  • Conducted comprehensive information-system audits using Center for Internet Security (CIS) benchmarks to evaluate compliance and identify security gaps.
  • Deployed and configured 12 PowerEdge servers and SAN switches — physical rack installation, cabling, asset inventory, Proxmox cluster deployment, and decommissioning of legacy equipment.
  • Implemented and configured multi-factor authentication (MFA) protocols on high-risk PC and mobile endpoints.
Sep 2023 — Jun 2024
Part-time

Web Developer

Urban League of Canada · Toronto, ON
  • Built custom WordPress plugins to extend core platform features for a non-profit serving youth and senior wellness programs.
  • Wrote clean, maintainable HTML, CSS, and JavaScript across multiple ongoing projects, prioritizing accessibility and cross-browser stability.
  • Deployed updates to live production environments following strict security and review protocols.
Apr 2016 — Dec 2016
Part-time

Editor-in-Chief, School Magazine

Crescent College · Lahore, PK
  • Led the editorial team for the school magazine, reviewing written submissions and accompanying artwork for grammar, syntax, accuracy, and adherence to quality standards before publication.
  • Determined readiness of pieces for print, made editorial revisions, and approved final versions across each issue's production cycle.
  • Suggested edits to copy and artwork to improve readability, visual coherence, and overall reader impact.
Nov 2014 — Apr 2016
Part-time

Teacher's Assistant, Biology

Crescent College · Lahore, PK
  • Supervised examinations and practical labs, assisting instructors with test administration, grading, and exam-day logistics.
  • Supported curriculum and lesson plan development across subject areas, contributing materials and feedback during planning cycles.
  • Delivered personalized and small-group academic support to help students meet defined learning objectives.
// 03 Capabilities

Skills

Security Tools

/ 01
Trend Micro Deep Security · Apex One · Apex Central · Deep Discovery Inspector · CIS Benchmarks

Security Practices

/ 02
Endpoint Security Ops · Incident Response · IPS / IDS Monitoring · Log Analysis & Inspection · Threat Investigation · Vulnerability Assessment · MFA Implementation · Agent Lifecycle Management

Systems & Infrastructure

/ 03
Linux — CentOS 6/7/8 · Ubuntu · Oracle Linux · Windows Server 2008–2022 · Proxmox · Dell PowerEdge · SAN Configuration

Networking

/ 04
TCP/IP · Network Security Monitoring · Firewall Rule Analysis · Network Log Analysis

Scripting & Programming

/ 05
Python · Bash · PowerShell · Java · SQL
// 04 Credentials

Certifications & education

Certification

Certified in Cybersecurity (CC)

ISC2
Issued Feb 2025
Verify on Credly
Certification

Security+

CompTIA
Issued May 2026
Verify on CertMetrics
Education

BSc. Computer Science

York University · Toronto, ON
Oct 2024
// 05 Projects

Projects

Building
/ 01

Detection & Response Lab

Home-built SIEM with monitoring agents, honeypot, and red-team rig.

A small detection-and-response lab built for practising the full alert-to-triage-to-postmortem cycle end-to-end. A Wazuh SIEM aggregates telemetry from a Windows agent and a CentOS agent, with a honeypot drawing traffic and a Kali Linux attacker running controlled red-team exercises against the stack.

Wazuh · CentOS · Windows Server · Kali Linux · Honeypot · SIEM
// 06 Interests

Other Interests

TTRPGs
Worldbuilder and DM, mostly D&D. Check out the wiki for my D&D campaign setting here.
Reading
Currently reading Glen Cook's The Black Company and Mark Fisher's Ghosts of My Life.
Movies
What I'm watching, tracked on Letterboxd at @khan_of_lahore.
Chess
Please don't ask me what my rating is.
Baking
Once you've tasted my lemon bars, you'll never settle for anything else... get the recipe here!
Thrifting
When I'm not hunting for threats I'm on the hunt for a good find.