Work Experience
Cyber Security Engineer
Encbit
Jul 2025 - Present Lahore | Hybrid
- Managed Wazuh SIEM deployments across 5+ client environments, authoring 15+ custom detection rules and decoders that improved log ingestion accuracy by 30% across 50+ monitored assets.
- Conducted OSINT-driven attack surface analysis using Google Dorking, WHOIS, and Shodan, identifying and coordinating remediation for 10+ exposed assets while triaging 200+ daily security events.
- Maintained continuous offensive/defensive research through TryHackMe labs and MITRE ATT&CK-grounded techniques, directly informing real-world detection engineering decisions.
Cyber Security Analyst
Cyber Silo
Feb 2025 - Jul 2025 Islamabad | Hybrid
- Engineered custom SIEM detection rules and log parsers on Wazuh and Threat Hawk, increasing detection fidelity by 40% while resolving agent misconfigurations to restore 99% log integrity.
- Automated compliance mapping workflows by correlating ISO 27001, NCA-ECC, and SAMA controls via Python scripting, cutting manual alignment effort by 60% and building CIS hardening templates for FortiGate, Cisco, and pfSense firewalls.
- Validated threat detection coverage by simulating 20+ MITRE ATT&CK scenarios via Atomic Red Team, verifying rule accuracy and identifying critical coverage gaps across monitored infrastructure.
SOC Analyst
Cyber Silo (Client: Allama Iqbal Open University)
Feb 2024 - Feb 2025 Islamabad | Hybrid
- Spearheaded SIEM deployment across 30+ servers and endpoints, managing Wazuh EDR with MITRE ATT&CK-mapped rules to close 35% of previously unmonitored attack surfaces.
- Reduced false positives by 45% through systematic rule optimization and threat intelligence alignment, while performing real-time IOC analysis, log correlation, and root cause analysis across all telemetry sources.
- Designed incident response playbooks for containment, remediation, and escalation workflows, cutting MTTR from 30+ minutes to under 10 minutes across the monitored environment.