Experience as Information Security Consultant

• Employer

  HSBC BANK

• From

  17 October 2018

• To

  Present

• Detail

  ? Review the SOC architecture including HA/DR and report the gaps
  ? Establish the SOC SOPs and assist senior management to implement
  ? Build use cases, implement and tune it
  ? Review the Log sources and parse the logs or custom properties to optimize
  ? Support the SOC Analysts team to optimize operations
  ? Tune the SOC according to best practices and maintain accordingly
  ? Review the Cyber Security gaps and recommend best practices

Experience as Manager IT Security

• Employer

  Khushhali Bank limited

• From

  07 October 2013

• To

  15 October 2018

• Detail

  ? Established policies, frameworks, standards, procedures for information security, SOC, I&AM
  ? Established SOC from scratch and tuned it to the minimal false positives/offences (SOPs, alerts, reports, metrics)
  ? Established Regulatory gap assessment and achieved compliance.
  ? Established IT/information security requirements for a new Core/internet/mobile banking application
  ? Established an Information security risk management program and conducted it annually (qualitative)
  ? Established the physical & environmental security risk assessments program and conducted it annually
  ? Established an information security awareness program and conducted it continually
  ? Participated in BIA/BCP/DR activities as an independent observer
  ? Managed IT security advisories/bulletin for the administrators
  ? Enhanced the information security incident management
  ? Regular vulnerability assessments & penetration testing of IT infrastructure
  ? DLP/Endpoint security review & enhancement
  *Joined as IT Security Officer and got promoted (Resigned for better opportunity)