عاصم نعيم

Responsible for establishing an effective SOC (Security Operations Center) within the
organization, which includes the implementation of LogRhythm SIEM (Security
Information & Event Management) Solution, Vulnerabilities Assessment.
Lead and manage Security Operations Center
Creation of reports, dashboards, metrics for SOC operations and presentation to Senior
Management.
Investigate the suspicious activities
Initiates, facilitates, and promotes activities to foster information security awareness
within the organization.
Manage CISCO Anti Malware Protection (AMP) & CISCO XDR Secure X.
Ensure incident identification, assessment, quantification, reporting, communication,
mitigation and monitoring.
Responsible for handling information security related issues like IT Security advisories,
management of intrusion detection and incident response by coordinating with
Information Technology department.
Responsible for assessing risks in business processes, applications and technical projects
implementations.
Conducting Internal Audit with Internal teams
Provide support for external audits like ISO 27001, ISO 22301, GDPR and CDTISR.
Initiates, facilitates, and promotes activities to foster information security awareness
within the organization.
Develop & implement the organizational information security policies and procedures.
Monitors compliance with the organization's security policies and procedures among all
employees, contractors and other third parties and takes corrective action.

Lead and manage Security Operations Center
Primarily responsible for security event monitoring, management and response.
Responsible for establishing an effective SOC (Security Operations Center) within the
bank, which includes the implementation of IBM QRADAR SIEM (Security Information &
Event Management) Solution, Vulnerabilities Assessment.
Ensure incident identification, assessment, quantification, reporting, communication,
mitigation and monitoring.
Identification and implementation of use cases for SIEM (Security Information and Event
Management) in alignment with business needs and security best practices.
Responsible for implementation of DLP solution (Force point)
Ensure compliance to SLA, process adherence and process improvisation to achieve
operational objectives
Revise and develop processes to strengthen the current Security Operations Framework,
Review policies and highlight the challenges in managing SLAs
Responsible for team & vendor management, overall use of resources and initiation of
corrective action where required for Security Operations Center.
Management, administration & maintenance of security devices.
Perform threat management, threat modeling, identify threat vectors and develop use
cases for security monitoring.
Responsible for integration of standard and non-standard logs in SIEM.
Creation of reports, dashboards, metrics for SOC operations and presentation to Senior
Management.
Co-ordination with stakeholders, build and maintain positive working relationships with
them.
Assessment of security solutions like DLP, DRP, etc.

Responsible for establishing an effective SOC (Security Operations Center) within the
bank, which includes the implementation of IBM QRADAR SIEM (Security Information &
Event Management) Solution, Vulnerabilities Assessment & Penetration Testing within
the bank.
Coordination with SIEM/other security solutions implementing partners/vendors for
support activities and get the issues fixed in a timely manner.
Perform VA & PT with third parties to evaluate the critical risks & their mitigation
processes.
Assess the VA & PT tools for Bank.
Monitor, evaluate, and assist the maintenance of assigned security systems in
accordance with industry best practices to safeguard internal information systems and
databases.
Identification and implementation of use cases for SIEM (Security Information and Event
Management) in alignment with business needs and security best practices.
Strictly adhere to and enforce change management policies and ensure compliance to
the bank’s Information Security policies, regulations and report breach in case of any.
Analyze network flow data for anomalies and detect malicious network activity.
Development of processes and procedures to improve incident response times, analysis
of incidents, and overall, SOC functions.
Updated all departments on potential and new cyber threats.
Develop & implement the organizational information security policies and procedures.
Monitors compliance with the organization's security policies and procedures among all
employees, contractors and other third parties and takes corrective action.
Access rights review and management of ID related matters of all applications within the
bank.
Perform Risk Assessment of Critical banking applications like core banking (Oracle
Flexcube) and ADC (Alternate Delivery Channels), etc.
Perform responsibilities of carrying out audits (Internal, External, State Bank of Pakistan)
and security assessments, incident management.
Responsible for defining security guidelines and objectives with software development
teams.
Create technical and managerial documentation, topologies and metrics to support
security task.
Coordinates in developing the organizations disaster recovery and business continuity
plans for a bank.
Perform periodic Systems Access Rights Reviews.
Ensure the implementation and maintenance of Password Envelop Procedures (PEP) on
quarterly basis.
Initiates, facilitates, and promotes activities to foster information security awareness
within the bank.
Implementation of domain level security to restrict users.
Analysis of the network applications and services to be used for selection of devices and
technologies.
Analysis and Configurations and security patches of active network devices i.e. L2/3
Switches, Routers & Firewalls.
Network designing as per identified requirement including logical and physical topology,
cable infrastructure design, selection of devices and technologies, IP addressing scheme
and network security structure. Analysis & Management of Virtual Machines through VSphere.
Information gathering for civil and cable infrastructure design. i.e. Site Plan, Distances,
Physical location.
Maintaining the 1000 Windows 2000/2003 based computer Network.
Oracle 10g DB / Client Installation and Configuration.

 Physical setting up of computers and software system installation for various computer
applications and programs.
 I.T Infrastructure.
 Having ability to install and Configure LAN & WAN.

Installation and administration of server