Bilal Muqeet.

- Security Monitoring & Incident Response: Managing 24/7 SOC operations to detect, investigate, and respond to security incidents. - Advanced Investigation: Analyzing security alerts using SIEM, EDR, Web Proxy, AV, and threat intelligence to identify threats and risks. - Threat Hunting: Proactively hunting for hidden threats using analytics and intelligence frameworks over Cloud. - Use Case Development: Enhancing SIEM detection rules, fine-tuning alerts and WAF rules, reducing false positives.

- Triggering actions of Splunk notables with threat intel tools (Abuse IPDB, Censys, etc) along with alerting through webhook and emails. - Involved in DDoS protection through WAF. Hands on SIEM, SOAR platforms (Siemplify, ELK) by making customized rules. - Providing threat and vulnerability analysis as well as security advisory services. - Round the clock security operations shifts during Daraz's 11.11, 12.12, mega campaigns: Responding to attacks, strengthening anti-DDoS rules and fraud mechanisms.

- Creating malware analysis reports on the payloads developed by the red team. - Involved with the red team in creating phishing campaigns. - Detection Engineering via Security Onion, ELK. - Filling the gaps by assisting the offensive team in the weaponization of maldocs. - At times, web pentesting and VA.