Usman Zafar, security incident response engineer

dincloud llc

Location
Pakistan
Education
Master's degree, Information Technology
Experience
14 years, 6 Months

Work Experience

Total years of experience: 14 years, 6 months

security incident response engineer at dincloud llc
  • Pakistan - Lahore
  • My current job since May 2020

• Threat trigger/incident responder, remediating serious attacks and producing documentation
• Led the project for PCI DSS and SOC Type I and SOC Type II certification
• Assessing the scope of the attack and affected systems, and performing the initial investigation for further analysis
• Identify potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
• Use threat intelligence to hunt for indications of compromise in log data and utilize endpoint security tools
• Document all activities during an incident and provide leadership and teams with status updates during the life cycle of the incident
• Write reports after analyzing a variety of security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions
• Provide information regarding intrusion events, security incidents, and other threat indications and warning information
• Perform analysis and correlation of logs, offenses, incidents and alerts
• Experience hunting proactively for threats within an enterprise environment using different tools
• Log source integration, tuning, parsing and analysis
• Document required actions for vulnerability treatment, vendor security alerts and security incidents, and track their progress
• Management of Sophos Central for Intercept X and EDR endpoint solution
• Experience with ELK stacks and Wazuh SIEM

Team Lead at Sefam Pvt. Ltd
  • United Arab Emirates
  • October 2014 to October 2019

• Led the project for ISO 27001 certification
• Developed network security using next-generation firewalls with synchronized security solution, IPS, content filtering, web filtering, site-to-site VPN and remote access VPN
• Analyse a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine corrective or mitigation actions and escalation paths for each incident
• Monitoring and maintaining endpoint security solution operations/deployment along with incident handling
• Secured a 1000+ node LAN environment using layer 3 switches by implementing access control lists, VLANs and CIS hardening
• Scan and monitor system vulnerabilities on servers and infrastructure devices using a threat and vulnerability security solution
• Follow detailed processes and procedures to analyze, escalate, and assist in remediation of critical information security incidents
• Secure firewall configuration
• Multiple firewall migration projects (ASA, FortiGate, Sophos, Juniper and SonicWall) including site-to-site and dial-up VPNs, ACLs, and source IP and port based publishing
• Network security devices (firewalls, DMZ, Virtual Private Network (VPN), proxy server, IDS/IPS solutions)
• Network security policy (Internet Usage Policy, Acceptable-Use Policy, User-Account Policy, Remote-Access Policy, Firewall-Management Policy, Security Hardening Policy, Data Backup/Disaster Recovery Policy, Switch/Router Security Policy)
• Endpoint security (OS/Windows/Linux, network servers, routers and switches)

Network Engineer at Systems Ltd
  • Pakistan
  • August 2013 to October 2014

• Secured the network by migrating from Cisco ASAs to NGFW FortiGate firewalls
• Designed, implemented and maintained IPsec-based connectivity with remote sites and customers
• Enabled and monitored logging on network devices
• Secured the network with Cisco switches using VLANs and VACLs
• Installed and configured Cisco 3845 routers at 4 sites, one for Internet and the second for GRE over IPsec tunnels
• Implemented ISMS policies and prepared respective documentation for multiple sites
• Maintained and updated Symantec Antivirus server and clients
• Assisted CSIRT/SOC with the investigation of and response to network security breaches
• Configured IDS/IPS on Fortinet firewalls
• Monitored system and network activities for attacks and intrusions
• Responded to information security incidents as needed
• Drafted security standards and procedures documents

Security at Analytics Pvt. Ltd
  • Pakistan
  • October 2011 to July 2013

• Amazon AWS servers

Assistant at Waqt TV
  • Pakistan
  • April 2008 to July 2010

• Network and infrastructure management
• Active Directory 2003, DNS, DHCP, Group Policies and Exchange Server 2007
• VLAN configurations on Cisco switches
• Panda Anti-virus and Firewall
• Strong network and PC/Mac knowledge
• Network printer installation
• Windows and Mac server environment troubleshooting

Education

Master's degree, Information Technology
  • at Virtual University of Pakistan
  • January 2011

Specialties & Skills

Network Design
Network Optimization
Network Operations
Network Security
Network Administration
Firewalls
Anti-virus
Content Management
Documentation
Microsoft Access
Microsoft Windows
Networking
Policy Analysis
Switches

Languages

English
Expert

Training and Certifications

Information Security Incident Handling (Training)
Training Institute: Charles Sturt University, Australia
Date Attended: September 2021
Duration: 5 hours

Hobbies

  • Tennis