
Abdul Syed
Verified Expert in Engineering
Cybersecurity Consultant and Developer
Victoria, BC, Canada
Toptal member since April 3, 2026
Abdul is a cybersecurity expert and CISM-certified professional specializing in threat detection, incident response, GRC, security architecture, application security, and AI-driven security solutions. With a master's in engineering and 10+ years of experience in enterprise environments, he delivers practical, results-driven security solutions. Clients trust Abdul to find and fix vulnerabilities, reduce risk, and build resilient defenses from day 1.
Experience
- Incident Response - 8 years
- Artificial Intelligence (AI) - 8 years
- Cybersecurity Operations - 7 years
- Microsoft Defender XDR - 7 years
- Sentinel - 5 years
- Security Monitoring & Threat Protection - 5 years
- Machine Learning - 5 years
- AI Agent Security - 3 years
Preferred Environment
Windows, Ubuntu Linux, Python, Microsoft Defender XDR, Sentinel, IT Security, Penetration Testing, Playbook, Mobile App Security
The most amazing...
...security platform I've built is Indus Shield—an AI-powered XDR/SIEM solution that automates threat detection across enterprise environments.
Work Experience
Security Engineer
Camosun
- Led incident response operations as Incident Commander, reducing mean time to containment across security events by coordinating cross-functional response teams.
- Deployed and tuned Microsoft Sentinel SIEM, building custom KQL detection rules that reduced false positives by 40% and improved threat visibility.
- Mentored and coordinated SOC team members on incident handling procedures, threat hunting techniques, and security tool usage to elevate team capability.
- Triaged 100+ security incidents monthly using Microsoft Defender XDR and CrowdStrike, ensuring rapid escalation and resolution within defined SLA windows.
- Implemented data-loss prevention (DLP) policies and security controls across enterprise systems, reducing data exposure risk and ensuring compliance with institutional security frameworks.
Senior Information Security Analyst
Huawei Technologies Co.
- Led enterprise-wide security operations covering threat detection, incident response, and vulnerability management, reducing mean time to respond to critical incidents by 40%.
- Designed and implemented a SIEM-based monitoring framework aligned with NIST SP 800-53 controls, improving real-time visibility across 500+ endpoints and network assets.
- Developed and enforced DLP policies and security baselines, achieving full compliance with organizational information security standards and audit requirements.
- Conducted risk assessments and security audits across critical infrastructure, identifying and remediating high-severity vulnerabilities before exploitation occurred.
- Built and delivered security awareness training programs for 200+ staff, measurably reducing phishing susceptibility and improving overall security posture.
Experience
Indus Shield – Enterprise XDR, SIEM, & Agentic AI SOC Platform
Architecture: Real-time log ingestion via Apache Kafka, with a Python agent normalizing logs from endpoints, servers, and cloud APIs into a unified event schema. Elasticsearch indexes all security events with sub-second search. PostgreSQL manages alerts and cases. Redis handles caching and rate limiting.
Detection engine: Sigma rules evaluation engine loading YAML-based detection rules against incoming events in real time. MITRE ATT&CK auto-mapping classifies every detection by tactic and technique. Alert generation with severity scoring and deduplication.
AI SOC agent: Autonomous AI analyst powered by Claude API triages alerts, investigates root cause, maps to threat frameworks, and recommends response actions 24/7.
Dashboard: React and TypeScript with real-time threat overview, live alert queue, MITRE ATT&CK visualization, and interactive investigation panel.
Stack: Python, FastAPI, Kafka, Elasticsearch, PostgreSQL, Redis, React, TypeScript, Docker, Sigma, MITRE ATT&CK, and Claude API.
Malicious URL Detection Using Machine Learning
https://dspace.library.uvic.ca/items/4bfcea4c-f71e-4431-bcbb-d9cc3f533e4d
I used the ISCX-URL-2016 dataset from the Canadian Institute for Cyber Security, containing 79 features across 4 URL classes. I applied principal component analysis (PCA) for dimensionality reduction, selecting the top 10 and 25 features based on eigenvalues. I then evaluated 5 classifiers: random forest, decision tree, K-nearest neighbors (KNN), Bayesian network, and simple logistic, using 5-fold and 10-fold cross-validation.
RESULTS
Random Forest achieved the highest accuracy at 98.7% using all 79 features. KNN delivered 98.3% accuracy with the fastest execution time of 0.06 seconds, making it optimal for real-time detection in production security environments. Performance was measured across accuracy, precision, recall, F-measure, and execution time.
The findings were directly applicable to real-time proxy filtering, firewall URL inspection, and enterprise threat detection pipelines.
Stack: WEKA, Python, random forest, KNN, decision tree, PCA, cross-validation, and ISCX-URL-2016 dataset.
Education
Master's Degree in Engineering: Cybersecurity and Artificial Intelligence
University of Victoria - Victoria, BC, Canada
Bachelor's Degree in Computer Science
University of Sindh - Jamshoro, Pakistan
Certifications
Certified Information Security Manager (CISM)
ISACA
Microsoft Azure Security Technologies (AZ-500)
Microsoft
Microsoft Certified: Security Operations Analyst (SC-200)
Microsoft
Microsoft Certified: Azure Fundamentals (AZ-900)
Microsoft
Skills
Libraries/APIs
React
Tools
Sentinel, Weka, Cisco Umbrella
Paradigms
Penetration Testing
Platforms
Playbook, Apache Kafka, Docker, Azure, Amazon Web Services (AWS), Windows, Ubuntu Linux, CrowdStrike
Languages
TypeScript 5, Python, Kusto Query Language (KQL), SQL
Storage
Redis, Databases, Elasticsearch
Other
Microsoft Defender XDR, IT Security, AI Agent Security, Cybersecurity Operations, Artificial Intelligence (AI), Incident Response, Security Incident Triage, MITRE ATT&CK, Security Operations Centers (SOC), Vulnerability Assessment, Risk Assessment, NIST Framework, Threat Intelligence, Information Security, Security, SOC 2, AI Security, Agentic AI Systems, Zero Trust, Zero Trust Network Access (ZTNA), Mobile App Security, SIEM, Machine Learning, Ethical Hacking, Security and Data Analysis, Security Monitoring & Threat Protection, PostgreSQL 9, XD to HTML, Endpoint Security, Random Forests, K-nearest Neighbors (KNN), Principal Component Analysis (PCA), Microsoft Azure, Cloud Security, GRC, Security Audits, Network Security, Mobile Wireless Networks, Web Development, Cybersecurity & Incident Response, Security Information and Event Management (SIEM), Application Security & Penetration Testing, GRC (Governance, Risk & Compliance), Microsoft Sentinel (SIEM & SOAR), Threat Detection and Response (TDR), Azure Cloud Security, Azure Security Center & Defender for Cloud, Identity & Access Management (Azure AD / Entra ID), Network Security (NSGs, Firewalls, VPNs), Data & Application Security (Key Vault, Encryption), Microsoft Sentinel, FortiSIEM, TDX, Teamwork, Team Leadership, Team Coordination, Programming, Enterprise Cybersecurity, Mobile App Development, FastAPI, Decision Trees, Cloud Computing