S.M.Faisal Hussain

Intern

2000 followers
Karāchi, Sindh, Pakistan

  • About me

    Cyber security Professional | Incident Response & Sr. SOC Analyst | Blue Team Member | MS-IS | CEH | SC-200 | AWS Cloud practitioner | CCNA R&S | Generative AI (Cyber security)

  • Education

    • Government Dehli College

      2013 - 2014
      Intermediate Pre-Engineering A-1 Grade
    • S.M.Public Academy

      2000 - 2012
      Matriculation Computer A-1 Grade
    • NED University of Engineering and Technology

      2020 - 2023
      Master of Science - MS Information Security

      Following are the courses I studied during my MS:
      -> Cryptography
      -> Information Privacy & Security
      -> Distributed Systems
         * Course Project: Identity Access Management in OpenStack
         * Tool Used: Burp Suite
      -> Advanced Computer Networking
      -> Information Security Management
      -> Advanced Analysis Algorithms
      -> Distributed Block Chain
      -> Digital Forensics
         * Course Project: Investigation of Abandoned Tablet
         * Tools Used: Deft - Autopsy

    • NED University of Engineering and Technology

      2015 - 2018
      Bachelor's degree Telecommunications Engineering

      Final Year Project: Cellular Controlled Autonomous UAV

  • Experience

    • Pakistan International Airlines

      Jul 2017 - Jul 2017
      Intern

      Following are the departments which I covered during the internship:
      * AVIONICS
      * OVERHAUL SHOPS
        1. RADIO O/H SHOP:
           - Inflight entertainment (IFE)
           - Radar
             ° Primary Radar
             ° Secondary Radar
           - Distance measuring instrument (DMI)
        2. INSTRUMENT O/H SHOP:
           - Flight Data Recorder (FDR)
           - Fuel Quantity Instrument
           - Altimeter
        3. ELECTRICAL O/H SHOP:
           - Auxiliary Power Unit
           - Ground Power Unit
           - Battery Shop

    • Huawei

      Dec 2018 - Mar 2019
      Engineer Intern

      -> Huawei was working on a PTCL project, where I managed routine field activity and contacted PTCL concerns regarding field activity.
      -> Worked on MSAG equipment and installed subscriber cards on it.
      -> Periodically | daily review | checking project status and inform to hierarchy level.
      -> On a regular basis, maintained Power BI reports and published them on the HUAWEI WORLDWIDE DASHBOARD.

    • TeleCard Limited

      Mar 2019 - Oct 2021
      Telecommunications Engineer

      -> Troubleshoot network issues and resolve connectivity issues in coordination with respective vendors.
      -> Working on Cisco routers & switches and Linux-based servers.
      -> Working on and real-time monitoring of VoIP traffic.
      -> Maintain reports regarding status of servers, routers and switches, and also status of all interconnect connectivity.
      -> Give support and services to clients through tickets, Skype and emails.
      -> Try to contribute in tasks and suggest possible arrangements for networks. Network equipment by using different Network Monitoring Tools.
      -> Monitor Data Center for temperature/power related issues.

    • Silkbank Limited

      Nov 2021 - Sept 2022
      Information Security Analyst (G-3)

      -> Manage and ensure closure of Incident Management/SOC tickets.
      -> Perform manual hunting of IOCs, user management, improvised rules and basic administration tasks on SIEM (IBM QRadar).
      -> Ensure and manage new enhancements in the Information Security system.
      -> Perform gap analysis of the Information Security Department by identifying new requirements with respect to the industry.
      -> Ensure tracking and completion of all Information Security projects within their timelines.

    • Habib Bank Limited

      Sept 2022 - Nov 2023
      Assistant Manager Cyber Security Operation Center

      Responsibilities: Responsible for security event monitoring, threat intelligence, threat hunting,triage analysis, IOC’s blocking and response. Analysis Phishing email using different analysis tool s like MX tool box for emailcredibility and using sandboxing for attachments analysis. Gather threat intelligence feeds from various sources and distribute them to theappropriate parties along with suggestions. Monitoring Security controls i.e., Splunk, QRadar SIEM, EDR, ETP, WAF, CTM360,Mandiant DTM. Maintain incident and advisory management life cycle on SOAR (SIRP). Resolution of Day to Day SIEM administration issues by troubleshooting withprinciple for seamless operation. Manage lifecycle of security log sources, including onboarding, modifying,decommissioning of log sources and modifying playbooks. Timely gather Threat advisories from various Threat Intelligence platforms,circulate them and follow-up with relevant teams. Participate in CSIRT & Cyber Security Drill activities with local and internationallocations as well to ensure a seamless operation. Co-ordination with security services and technologies providers on routine affairs. Work with SOC team to plan and deploy new features and changes in SOCenvironment. Perform data engineering to extract, transform, load for security monitoring andProvide relevant trainings to the SOC teamAchievements: Successfully upgraded Qradar Technology stack to latest update packversion. Show less

    • Confidential

      Nov 2023 - now
      Cyber Security Analyst (L2)

      -> Responsible for monitoring the Microsoft cloud security suite, i.e. Microsoft 365 Defender and Microsoft Sentinel.
      -> Microsoft 365 Defender (XDR) used for identities, endpoints, cloud apps, email and documents.
      -> Responsible for analyzing SIEM logs and performing manual hunting to mitigate the risk.
      -> Analyze and perform forensics on data collected by EDR through triage, and minimize the risk through containment.
      -> Automate determined rules; EDR takes necessary action accordingly on any security incident and takes immediate action on suspicious activity.
      -> Keep up to date with recent threat intel to identify cyber criminals' tactics, techniques, and procedures (TTP) and their modus operandi.
      -> Gather feeds of critical information from various sources and distribute them, along with suggestions, to the appropriate parties.

  • Licenses & Certifications