I am working as an Assistant Manager of Cyber Security in The First MicroFinanceBank Pakistan. I\'m engaged in activities including

• Leads the planning and design of enterprise security architecture of FMFB.
• Seeking to build in security during the development stages of software systems, networks, and data centres
• Looking for vulnerabilities and risks in hardware and software
• Maintains up-to-date, detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Researches and recommends additional security solutions or enhancements to improve FMFB’s overall security posture.
• Monitors all in-place security solutions for efficient and appropriate operations.
• Monitors threat intelligence and other available information to proactively enhance FMFB’s security posture.
• Reviews logs and reports of all in-place devices, whether they be under direct control (say. security tools) or not (say, workstations, servers, network devices, etc.). Interprets the implications of that activity and devises plans for appropriate resolution. Leads the investigations into problematic or suspicious activity.
• Provides on-call support for Information Security Incident Response activities.
• Participates in ongoing information security education, awareness, and outreach activities.
• Perform Cyber Threat Intelligence (CTI) and Intelligence Collection from the deep and dark web.
• Manage the Vendor and suggest the mitigation for vulnerabilities.
• Perform IT Transformation.
• Perform DFIR activities.

Design & implemented virtual environment system for dynamic analysis
● Dissect HTTP system movement to recognize and distinguish malware exercises
● Recognize and bypass anti-debugging and anti-analysis techniques that malware often use to sidestep from virtual environments
● Responsible for framework based programming-level mix investigation, test arrangements, test reports and underlying driver dissects
● Resolve choices about needs and interdependence influencing item discharge

I am a team player the CSIRT team as an Information Security Executive. I\'m engaged in activities including

• Actively engage in CSOC operations to assess the strength of existing controls and continuously enhance the active defence strategies
• Drive incident response activity against detected security incidents
• Overseeing daily security operations
• Create custom content and develop new use cases to correlate security event information better
• Develop and utilise “Case Management” processes for incident and resolution tracking. The methods also used for the historical recording of all anomalous or suspicious activity.
• Management of Incident analysis, reporting and archiving
• Identify misuse, malware, or unauthorised activity on monitored networks. Report the activity appropriately as determined by CSIRT Management
• Monitor, document and respond to centrally collected virus data and indicators
• Cyber Security Risk Analysis and Reporting
• Window Desktop and Server Hardening
• Linux Server Hardening

● Participating in bug hunting programs with Bugcrowd as hobbyist, in 2013 listed in top hundred out-of four thousand Researchers
● Offered pentesting services to world’s leading companies like Ebay, Google, Amazon and Wickr.