Looking to pursue a career-oriented position in an organization where my experience in cyber security and analytical skills could be well utilized and I can find the facility of learning in the field of cyber security, which could help me to show constructive ideas and productivity in the practical field. I would always prefer to work in a challenging environment.
The Al Rajhi Bank is a Saudi Arabian bank and the world’s largest Islamic bank by capital based on 2015 data. The bank is a major investor in Saudi Arabia’s business and is one of the largest joint stock companies in the Kingdom, with over SR 330.5 billion in AUM and over 600 branches.
My responsibilities are as follows:
– 24/7 SOC Monitoring
– Identifying gaps in the integration of logs with SIEM (Splunk).
– Analyzing logs produced by different devices such as firewalls, endpoint protection, DLP, IPS/IDS, Email etc. to ensure cyber security threat eradication and compliance.
– Creation of escalation matrix.
– Creating and following up with tickets for their timely resolution.
– Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.
– Provide analytical feedback on client infrastructure.
– Provide recommendations in tuning and optimization of security systems, SOC security process and procedures and policies.
Meezan Bank, Pakistan’s best, the first and largest Islamic bank, is a publicly listed company with a paid-up capital of Rs. 10 billion. It is one of the fastest growing financial institutions in the banking sector of the country. With its Vision of establishing ‘Islamic banking as banking of first choice …’ – the Bank commenced operations in 2002, after being issued the first-ever Islamic commercial banking license by the State Bank of Pakistan.
My responsibilities were as follows:
– Cyber and Application Security.
– Performing manual and tool based vulnerability assessment and penetration testing of all internal and public facing MBL applications keeping in view OWASP top 10.
– Recommend corrective measures and ensure the adequacy of existing Information Security controls & Provide comprehensive vulnerability report with Risk Ratings, Steps to exploit and recommendations.
– Co-ordinate with respective teams to get the reported vulnerabilities fixed.
– Responsible for blocking anti phishing web pages of MBL Brands.
– Access control on MBL server farm and other IT services.
– IBM SIEM (QRadar)
– Owning installation and management of QRadar infrastructure (Red Hat Enterprise Linux (RHEL) images for QRadar SIEM).
– Creating new rules and developing use cases keeping in view the evolving threats.
– Regex writing along with creating and maintaining dashboards for quick and easy reporting.
– Creating reference sets along with maintaining them by adding the updated IOCs.
– Coordinating with the SOC team to fine tune the alerts and offenses.
– Creation and enhancement of reports. Integration of new log sources.
– Co-ordinate extensively with networking teams to maintain SIEM architecture.
– Maintain Management Information System (MIS) reports.
– Performing analysis on logs produced by network devices utilized within Meezan Bank such as firewalls, content filtering, and syslog from various sources/devices, assorted Intrusion Detection capabilities, substantiating vulnerability scanner results, directory services, DHCP logs, Secure Email Gateway logs, and approved applications.
– Monitor logs and investigate security events and alerts, taking into account system and application logs, network security appliances, user activity, and NetFlow data.
– Develop and test new correlation content and use cases using QRadar SIEM filters, rules, data monitors, active lists, and session lists. Maintaining SIEM (QRadar) Backup.
– Identify and design use cases that address specific enterprise needs.
– Analyze FireEye events in SIEM and the FireEye dashboard, which includes NX and EX.
– Review IT projects with respect to security concerns.
– Development of network security standards, policies and practices. Coordinate internal/external/SBP IS Audits. Information Security awareness to end user.
Projects/Reviews
– ATM
– IP phone
– Mobile Internet banking
– Service Quality mobile application
– BDO sales mobile application
– E-banking application pentest
– Cash management system
– Corporate internet banking
– Online account opening form
– Meezanbank website
– Network Review
– Branchless Banking
– Printer review
– Infrastructure review
Xper2go provides affordable and reliable enterprise class computer IT support and outsourcing to small and medium sized businesses located in Fremont, US. We provide services to customers in Hospitality, Construction, Real Estate, Manufacturing and Services industries. My responsibilities were as follows:
– Providing complete network support to hospitality industry mostly located in the U.S.
– Deployment of network devices via WebEx (including various routers and switches).
– Monitoring the logs of all deployed network devices.
– Provide network architecture to customers.
– Provided support over the phone to corporate customers