Hire the Best Information Security Engineer in Karachi, Pakistan

Passionate about learning new technology !

Products(Hands on Experience) SIEM Solutions • QRadar IBM QRadar, QVM, QRM, QFlow (All-in-one Environment, Distributed Environment) • LogSign SIEM & SOAR • Wazuh (All-in-one Environment, Distributed Environment) TrendMicro Solutions • Deep Security (DS) • Deep Discovery Inspector (DDI) • Deep Discovery Analyzer (DDAN) Crowdstrike (Falcon) • Activity (Dashboard, Incidents, Detections (Quarantined Files, Remediation)) • Hosts (Host Management, Groups, Zero Trust Assessment) • Configuration (Detections Management, IOC Management, Sensor Update Policies, General Settings) • Investigation (Host Search, Hash Search, User Search, IP Search, Hash Execution Search, Bulk Domain Search) • Discover (Assets, Managed Assets, Unmanaged Assets, Unsupported Assets) DNS Solution • InfoBlox BloxOne (Manage, Policies (Endpoints, Data Connector), Reports)

Highly motivated and experienced Assistant Manager of Information Security Governance with a strong track record of success in developing and implementing information security policies and procedures. Possesses in-depth knowledge of information security governance frameworks and best practices, as well as experience managing and leading teams. A dedicated professional with a commitment to excellence in all aspects of information security Expert area Penetration Testing internal and external network (api, webapp, mobile, infrastructure etc.) Vulnerability Assessment Red Teaming Network Hardening Static and Dynamic code analysis Phishing drill Social Engineering drill CTM 360 Analysis and reporting Threat Analysis Mitre Framework Analysis ATT&CK framework Analysis ISAC Framework Analysis IOC building and Analysis Compromise Assessment Testing Black,Grey,White box testing Reportings IS internal and external audit IBM QRADAR logs investigation and forensic threats Technical Knowledge: • Network Services: DHCP, DNS, HTTP etc • Telnet,SSh • Routing Protocol (RIP V1/2 , EIGRP , OSPF , BGP) • Static Routing • VLAN, VTP,Inter VLAN Routing • Port Security • Sound of AD and IP camera • STP, RSTP • Symantec Endpoint Security On-Premises • Symantec Endpoint Security (SES) •Symantec EDR Endpoint detection and response • kaspersky security center 11,12, Cloud, Cloud Plus • Kaspersky Encryption Patch Management • Kaspersky EDR optimum • Create VM in server image 2008,2012,2016 • Sound Knowledge in Exchange Server 2016 • Installation of SQL Server 14,16 • Installation of Oracle version 12.c •IS Auditor •VAPT •ISO 27001 Lead implementor •ISO 27002 Lead implementor •IS Consultant •Information security engineer •digital forensic expert •Force point Data Loss Prevention •cofense phishme •rapid7 specialist (idr, insightappsec, insightVM) Soft Skills: • Leadership • Teamwork • learning new technology • cyber security enthusiast

Hacking got me hooked! I got into hacking in my final year of graduation when I watched the TV show Mr. Robot. JK! Although watching Mr. Robot did get me intrigued and excited about hacking and cybersecurity in general, what really got me hooked was finding out about the bug bounty hunting model. The way that people can find all kinds of security vulnerabilities in real world companies and report them to the owners without getting into any trouble! As a computer engineering undergraduate who had no clue about his passion, I was really fascinated by the idea of becoming a successful bug bounty hunter. However, as I explored more domains of cyber security, I became more and more interested in them. Learning to break and secure applications and systems became my daily calling. I am also an absolute lover of OSS (Open-Source Software). The most favorite part of my job is researching and testing open-source technologies for achieving daily business goals and meeting cyber security requirements. Post my typical 9 to 5 Security Analyst responsibilities, I also do bug bounty hunting as a part-timer and try to find vulnerabilities in OSS. My specialties include quickly learning new skills, efficient googling, coming up with creative solutions for complex problems, SOC Engineering, security automation, VAPT, threat hunting and purple teaming. I have also gained proficiency in security tools and solutions including Graylog, OSSIM, Wazuh, OSQuery, Cuckoo Sandbox, TheHive, HashiCorp Vault, BurpSuite and HSM. My passion for the field keeps me motivated to explore and keep learning more about the latest security technologies on both the offensive and defensive fronts.

With an experience of ~4 yrs working with PCI-DSS & ISO-27001 certified organizations, I am fortunate enough to have worked on multiple aspects of the field including Cloud Security, Infrastructure Security, and currently working in a hybrid capacity with Cloud Security and SecOps. Hands on include AWS, SIEM, EDRs, IDS's and many other security monitoring tools and technologies. I have also played a role in developing processes & procedures, significantly improving the security posture of the organization, as well as a leading role in Incidence Response & Reporting I am always looking for new challenges and adventures. Favorite Pastime including reading, playing video games, a little bit of sports and learning about the new developments in the field of IT, InfoSec & Cloud

Experienced Information Security Analyst with a demonstrated history of working in the Information Security industry. well Versed Knowledge of Compliance with IT frameworks and Information Security Standards (ITILv4, ISO 27001, GDPR, PCI-DSS, ) Skilled in Communication, Management, Teamwork, Team Coordination, and Cross-functional Team Leadership. Strong Information Security professional with a Masters focused in Cyber Security from National University of Sciences and Technology (NUST).

Resident Engineer on the following Projects: Qradar SIEM Administrator:  Worked on SIEM solution (QRadar) as a SIEM Administrator.  Managed Daily operations and upgrades of SIEM with major components.  Creating Daily, Weekly, and Monthly Reports.  Creation of Custom Parser/Mapping.  Troubleshooting for any error that occurred.  Maintaining the Health of components.  Performed GAP Assessment for IBM QRadar.  Integration of 3rd Party applications with QRadar. Forcepoint DLP :  Deployed Forcepoint Data Loss Prevention (DLP), complete endpoint suite.  Rules creation as per use cases, and also implementation of rules in blocking mode.  Agent Roll out for 1000+ users.  Fine-tuning of rules and policies.  Deployed Data classification using the GetVisibility tool.  Data Classification syncing with DLP. Forcepoint NGFW Firewall :  Troubleshooting of Forcepoint firewall services.  Upgrades of FW Engines and Central Management,  Rules creation and implementation for segmented VLANs.  Custom report creation.  IPS deployment on all internet segments of the Bank. Prove of Concepts (POC):  Trend Micro EPP  LogRhythm SIEM  Forcepoint DLP  IBM QRadar

Computer Science Graduate having a keen interest in Cyber & Network Security. Hard-working, energetic, personable, and technical-minded individual. Possess exceptional customer service and communication skills with the strong ability to multitask and resolve issues.