Experience

• 

  Pakistan assocication council (pac)

  Jun 2010 - Aug 2010

  Student internship

   Amnesty Scheme Volunteer Work

• 

  National defence university islamabad

  Jun 2014 - Aug 2014

  Student internship

   Department: National War Gaming Center (NWGC) Developed Web Based Customized Interface of Joint Theatre Level Simulation (JTLS) forDisaster Management Scenarios

• 

  It butler e-services fz llc

  Jun 2016 - Nov 2019

  Senior information security analyst

   Deployment, Implementation, Configuration, Integrations & Management IBM QRadar SIEM Deployment & Configuration of IBM QRadar Vulnerability Manager (QVM) & Risk Manager (QRM) Parser writing using Regular Expressions, customization of rules and dashboards and reports Experience in integrating with custom application logs and aggregators such as Syslog Implementing customer specific use cases and fine-tuning offenses and rules Monitoring of network traffic, real time security event and log monitoring and offense analysis Building the use cases for every Foreseeable Security Threat Incident Triage of QRadar SIEM – Filter out false positives & watch for potential intrusions QRadar Upgradation through IBM X-Force Threat Intelligence and Offline upgrade packages Performs regularly scheduled security and vulnerability audits and develop mediation plans Experience of MSSP SOC Developing, Managing and Updating SOC Policies and Procedures IBM Resilient Incident Response Platform (IRP) Implementation, Configuration and Management GAP Analysis and Development of Compliance Report ISO27001:2013 ISMS Policies and Guidelines Implementation & Tracking Risk Assessment and Threat Analysis Developing, Managing and Updating Project Plan Plan and Design HLD, LLD, Run Books and Testing Documents Managing and Conducting Trainings Show less

• 

  Systems limited

  Dec 2019 - Feb 2021

  Senior information security engineer @ telenor 345

  Systems Limited, Islamabad – Deputed at TELENOR 345 PAKISTAN Provide security consulting to project and development teams in the area of information security Provide regular scheduled metrics and reporting to all stakeholders Extensive knowledge of Splunk architecture and various components. Deployment, Implementation, Configuration, Integrations & Management of Splunk (SIEM) Parser writing using Regular expressions, customization of alerts and dashboards and reports Experience in Splunk Administration, Upgradation, Alert scheduling, KPI’s and infrastructure Create data retention policies and perform index administration, maintenance and optimization Design & Development of core scripts to automate Splunk maintenance processes Implementation Splunk Universal Forwarder & Heavy Forwarder in Linux and Windows platforms Developing, Managing and Updating Project Plan Plan and Design HLD, LLD and Run Books Documents Managing and Conducting Trainings Show less

• 

  Jazz

  Mar 2021 - Jul 2024

  Manager security operations center

  • Provide security consulting to project and development teams in area related to Information Security• Management of Jazz Security Operations Center including Team assignments, Shift Rosters, Teammanagement, etc.• Review JSOC Alerts raised by JSOC L1 team as part of Incident Response: Identify affected systems andthe scope of the attack by emerging threat intelligence (IOCs, updated rules, etc.); Review and collectasset data (configs, running processes, etc.) on these systems for further investigation. Determine anddirect remediation and recovery efforts• Responsible for Vulnerability Assessment, Management, Detection & Response (Qualys VMDR) for every new system and application launched for Jazz or 3PP, Review asset discovery and vulnerability assessment data• Sumologic IncMan (SOAR) Incident Response Platform (IRP) Implementation, Configuration andManagement• Responsible for management of ArcSight/LogRythm SIEM Solution including integrations, logsonboardings for different Security appliances, OS, Applications, etc.• Development of Alerts, Reports and Dashboards including development of new Use Cases for effectivemonitoring for JSOC• Responsible for management of Falcon CrowdStrike EDR (Endpoint Security) and ensuring EndpointControls Coverage in Jazz• Perform Threat hunting to detect advanced threats and improve cyber defense’s• Compliance review of Microsoft BitLocker Administration and Monitoring (MBAM) tool for Endpointprotection against Employee BYOD’s• Responsible for Management of Cisco Email Security Gateways (ESA) appliances to implement controlsand policies• Overview and Monitoring of McAfee IPS / TrendMicro IPS for network Security• Management and monitoring of F5 WAF for application security Show less

• 

  Asiacell communications pjsc

  Jul 2024 - now

  Cyber security senior consultant