0xRafuSec | Cyber Security Engineer

Available For Hire

Introduction

Overview.

Hello! I'm Muhammad Rafay Ali, an Experienced Cyber Security Engineer Skilled in crafting detection logic, optimizing logs, and engineering scalable monitoring pipelines using Wazuh and Threat Hawk to surface high-signal threats.

I specialize in Threat Hunting, Rule Optimization, and ISO 27001 compliance. Experienced in SOC Operations, SIEM Engineering, and Threat Detection, ensuring robust monitoring and rapid threat mitigation.

Actively sharpening offensive and defensive skills through TryHackMe and Hack The Box labs, translating attack techniques into practical detection and response strategies. Certified in ISO/IEC 27001 Lead Auditor, SOC Foundations, and Google Cybersecurity Professional programs, reinforcing a strong foundation in governance concepts, security operations, and modern defensive practices.

"Let's collaborate to bring your secure infrastructure to life!"

muhammd.rafayali@outlook.com

0xRafuSec

Muhammad Rafay Ali

Expertise

Skills.

SIEM & SOC

Threat Detection & Response

Wazuh

IBM QRadar

Threat Hawk

Threat Intelligence

IOC Analysis

Threat Hunting

Offensive Security

VAPT & Exploitation

Kali Linux

Burp Suite

Metasploit

MITRE ATT&CK

OSINT

OS & Cloud

Infrastructure & Hardening

Windows Security

Linux

Azure

Governance

GRC & Standards

ISO 27001

NCA-ECC

SAMA

ADHICS

Automation

Scripting & DevOps

Python

Bash

PowerShell

Professional Certifications

Certified SOC Analyst Foundation

SIEM XPERT

ISO/IEC 27001:2022 Lead Auditor

MasterMind

ISO/IEC 27001:2022 Information Security Associate

SKILLFRONT

Cybersecurity Specialization

Google

Security Analyst Fundamentals

IBM

Ethical Hacking & Penetration Testing

Udemy

Work Experience

Cyber Security Analyst

Cyber Silo

Feb 2025 – July 2025 Islamabad | Remote

Designed and implemented custom SIEM detection rules and parsers, increasing detection fidelity by 40% across critical systems.
Automated compliance mapping in SIEM by correlating ISO 27001, NCA-ECC, and SAMA controls using Excel-based matrices and scripting.
Integrated MITRE ATT&CK techniques via Atomic Red Team to validate detection accuracy.
Resolved SIEM data flow issues by correcting agent misconfigurations, improving log integrity by 99%.
Developed YAML-based CIS hardening templates and audit automation scripts for firewalls.

SOC Analyst

Allama Iqbal Open University (via Cyber Silo)

Feb 2024 – Feb 2025 Islamabad | Hybrid

Spearheaded SIEM deployment across 30+ servers and network devices, enhancing visibility and reducing detection blind spots by 35%.
Identified exposed assets via OSINT tools such as Google Dorking and WHOIS-based reconnaissance.
Reduced false positives by 45% through rule optimization and logic alignment with threat intel sources.
Designed and implemented incident response playbooks, cutting average response time from 30+ minutes to under 10.
Troubleshot SIEM integration errors ensuring 24/7 uptime for critical assets.

Academic Background

Bachelor of Science in Computer Science

2019 - 2023

Hamdard University Islamabad, Pakistan

Key Courses

▸Cyber & Information Security

▸Network Security

▸Artificial Intelligence

▸Machine Learning

▸Mobile App Development

▸Software Engineering

Final Year Project

IoT Intrusion Detection Systems

Built an IoT security system using ESP32, sensors, and ESP32-CAM with real-time alerts via a Flutter Firebase app.

Featured Projects

Active Directory Attack Simulation & Hardening

security

Emulated post-exploitation techniques in a Windows AD lab using Atomic Red Team, PowerShell, and Mimikatz. Integrated Wazuh SIEM to alert on 20+ MITRE-mapped TTPs and performed CIS-based hardening, achieving 80% increase in compliance.

#Active Directory#Wazuh#Mimikatz#Atomic Red Team#CIS

Code

Multi-Sensor Intrusion Detection IoT

development

Developed an IoT-based security solution using ESP32, motion/gas/fire sensors, and ESP32-CAM. Engineered a mobile application using Flutter and Firebase for real-time alerts, improving response time by 60%.

#IoT#ESP32#Flutter#Dart#Firebase#C++

Code

Interactive Terminal

Execute commands, simulate attacks, and analyze security.

guest@rafay-portfolio:~

Welcome to Rafay's Portfolio Terminal. Type 'help' to begin.

guest@rafay-portfolio:~$

Live Threat Simulation

IDLE

Vulns

Alerts

Exploits

automated_threat_sim.exe

IDLE

Ready to launch attack simulation

* Simulated attack chain for educational demonstration.

Password Auditor

Strength ScoreWeak (0%)

Password analysis checks against Have I Been Pwned database (11+ billion breached passwords).

Security Checklist

At least 12 characters

Contains Uppercase

Contains Number

Contains Special Char

Not in breach database

Get In Touch

Let's Connect

I'm open to discussing SOC operations, SIEM engineering opportunities, and security consultation.

Location

Islamabad, Pakistan

Email

Muhammad.rafayali@outlook.com

Phone

+92 300 9817 567