• Review the MT – Intelligence Cyber Offensive Defense Service system and monitoring for any alarm, events.
• Collecting events logs and monitoring SIEM real-time events, inspecting any malicious activity.
• Deep inspecting the cause of incident event & efficiently responding to incidents
• Generates an incident ticket with event description and remediation steps.
• Communicating the senior or management about the incident occurrence and its severity.
• Creating incident executive report with evidence snapshot and event attacking frequency, causes and remediation steps.
• Systems anomalies detection through webroot FlowScape.
• Forensic analysis of end-user systems through tools (Malware Analysis Pack, Process Explorer, FileAnalyzer)
• Network packet analysis through wireshark network packet tracer.
• Exploring the threat knowledge by subscribing to cyber threat news articles.
• Creating standard operating procedures(SOP) and working manuals to operate and manage security tools.
• Attending online training and webinars regarding latest cyber security protection tools and awareness to the latest cyber threats across the globe.

Managing IT operations, Networking Infrastructure managing , Desktop support, Server applications monitoring

Internship in IT Department of Institute of Bankers Pakistan