Mag. Talha Riaz (DFIR I REM I MSSP I Threat Hunting I VAPT)

Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks

• Serve as subject matter expert in incident response and digital forensics. • Perform complex incident response technical analysis and develop technical conclusions based on analysis of evidence; review analysis and conclusions of other consultants. • Document findings, develop incident response remediation recommendations and present both orally and in written reports to management.

• Performed Host-based and Network-based Forensics tasks. • Monitor, triage, and prioritize events, alerts using EDR. • Automate IR tasks by developing python-based CB response API scripts. • Lead project for architecting and managing the implementation of all matters relating to EDR and SOAR. • Integration of SOAR with EDR and SIEM and develop use cases over SOAR. • Investigate network traffic for potential security incidents using Sensor data, Packet captures (occasional)

 Perform Forensics Investigations on different clients.  Threat hunting proactive /Post-Active by using Recorded future, SIEM tool and EDR Threat feeds.  Develop SOPs after incident response handling and mitigating risk.  Familiarity with forensic artifacts typically found on Windows and Linux operating systems  Knowledge of proper forensic investigation techniques when working with compromised system images or files

 Security events monitoring using SIEM  Performed Incident response activities.  Log analysis of OS, network, applications and security technologies  Performed Incident response activities business as usual activities.  Daily, Weekly, monthly reporting to Client with full brief attacks history.  Perform vulnerability assessment of servers and applications  Perform basic malware analysis  Develop monitoring and IR documentation

Bachelors in Computer Sciences (BSCS Hons) COMSATS Institute of Information Technology.