Ali Hasnain Nawaz

SOC L2 Analyst at MEEZA, Managed IT Services Provider
Contact Information
us****@****om
(386) 825-5501
Location
Doha, Qatar, QA

Experience

    • Qatar
    • IT Services and IT Consulting
    • 100 - 200 Employees
    • SOC L2 Analyst
      • Jun 2022 - Present

    • Pakistan
    • Information Technology & Services
    • 700 & Above Employees
    • Assistant Director | Security Operations Center Analyst
      • Dec 2018 - Sep 2022

      Experienced in Network Security Monitoring and Incident Response
      • Incident validation and prioritization: Assess potential business impact
      • Incident analysis: Reverse engineer attacks.
      • Containment and remediation: Stop the bleeding and eliminate vulnerabilities.
      • Hunt missions: Proactively uncover hidden attacks
      • Deep understanding of layered security and defense in depth (Network, Host/Endpoint and Application level in an enterprise environment)
      • Cyber Threat Advisories (Malware TTP, Threat Baselining and Playbooks Writing of Analyst)

      Log Management and Analysis using SIEM (QRadar / Elastic SIEM)
      • Resolving Security Events and alarms analysis
      • False Positive (FP) / True Positive (TP) analysis
      • Incident detection and analysis
      • Incident investigation and its remediation report writing
      • Quick fix writing and disaster recovery plan
      • Deep packet inspection
      • Rule writings and configuration tuning
      • Firewalls, Antivirus, Web Servers, Email Servers, IDS/IPS, Network Appliances and Operating Systems.
      • Alert and dashboard customization according to requirement
      • Data source (Antivirus logs, firewall logs) integration
      • Log parsing using DSM and QID mapping in QRadar
      • Log parsing using grok filter in Elasticsearch.
      • Reports generation

      SIEM Customization (QRadar / Elastic SIEM)
      • Custom correlation rule writing according to company policy
      • Custom plugins writing for custom data sources
      • Network devices logs integration with SIEM
      • Firewall, antivirus log integration using plugins
      • Tuning default policies and writing custom policies in SIEM

      Database Activity Monitoring (IBM Guardium)
      • Create Guardium Access, Exception, and Extrusion Policy Rules
      • Resolving security alerts and policy violations
      • Create, install, and update a Guardium policy
      • Vulnerability assessment - discover vulnerabilities in your data environment
      • Creating and populating Guardium groups
      • Reports generation

    • Network Engineer Trainee
      • Sep 2017 - Dec 2018

      - Configuration and troubleshooting of VoIP Phones (CISCO and Polycom).
      - Exposure to Routers, Switches, Server Rooms and Data Centers used in networking.
      - Work directly with Database Administrators, Network Administrators, Transport, I.P., Switch and equipment vendors to solve complex problems.
      - Maintenance and troubleshooting of all office software, including MS Windows (Windows 7/8/10), MS Office and custom-built software of NADRA, such as National Identification System etc.

Education

  • Riphah International University
    Master's degree, Information Security
    2018 - 2022
  • Air University
    Bachelor of Engineering - BE, Electrical (Telecommunication)
    2013 - 2017
  • Overseas Pakistanis Foundation
    O levels, A levels
    2009 - 2013
