Kashif Ali Khan

Self-motivated IT professional having more than 15 years of extensive experience in Systems and Network &
Administration, planning, designing, implementing, and supporting Microsoft infrastructures, VMware, Linux,
IBM, Cisco, Information Security, and Endpoint Products.

Security Administrator July 2022 – Present
MCB Islamic Bank Ltd:
ISO Application Administration and Management
 Administrator for managing, administering, implementing, and upgrading the security appliances.
 Administrator for managing, administering, implementing, and upgrading IBM Security Verify Privilege.
 Administrator for managing, administering, implementing, and upgrading Trend Micro Deep Security.
 Administrator for managing, administering, implementing, and upgrading IBM Qradar 7.4.3 (Cloud Pack)
SIEM and also integrating and parsing the new log sources in Qradar SIEM.
 Administrator of Wazuh File integrity monitoring (FIM) application.
 Administrator for managing, administering, implementing, and upgrading IBM Security Verify Access.
 Administrator for managing the IBM Security Guardium 11.3.
 Modification, configuration, and upgradation of all above-mentioned applications when needed.
 Also perform routine/schedule audits of the systems, including all backup, and any other assignment
assigned by the line manager.
 Also monitoring and performing health checks of all applications when needed.
Vendor Management
 Go through the vendor requirements for flawless execution of the new information security projects and
address any issues or concerns that may arise during the project.
 This includes emphasizing the importance of addressing communication problems promptly, working
together to find solutions, and holding vendors accountable for implementing corrective actions when
necessary. This approach is crucial for maintaining effective operations and resolving issues efficiently.
2
SOC Analyst January – 2020 – June 2022
MCB Islamic Bank Ltd:
Active Monitoring and Threat Analysis
 •Monitoring of all valuable assets of the Bank through SIEM.
 Rules tuning to make troubleshooting easy and reduce false positive alerts
 Investigate and resolve all issues which are received from alerts of Security Controls
 Troubleshoot, analyze and resolve any anomaly found in assets.
 Uploading IOCs on the security solutions to generate alerts on Hits.
 Tracking anonymous authentications from log source events.
 Detecting misconfigurations and suspicious flow on port traffic to get it properly configured.
 Detection and removal of malware based on known malware signatures from the endpoints detected by
EDR.
Database Activity Monitoring
 Installation and Deployment of DAM collectors, Aggregators, and Central Manager.
 Daily health check, and fine-tuning.
 Integrating Databases and building rules.
 Troubleshooting and Coordination with support when required.
Investigation
 •Co-relating events based on current and past behavior. Using multiple threat intelligence platforms to
compare suspicious sources.
 Analyzing malicious/suspicious behaviors on the sandbox environment.
 Searching for IOCs over different platforms.
Malicious Emails Analysis
 Analysis of malicious email alerts received from the email gateways and investigation of them through
multiple tools.
 Analyze and respond to emails that are received from different sources for investigation.
Research & Documentation
 Continuously learning and researching threat-hunting techniques and malware behavior to stay up-to-date
on emerging threats and improve organizational security posture.
 Preparing weekly progress reports on security events, investigations, and overall risk posture to provide
updates to management
 Coordinating with the Managed Information Security Services Provider (MISSP).
Senior IT Administrator
Highway Enterprises: January 2019 – December 2019
 Manage Microsoft, VMware, Linux, LAN, and WLAN Infrastructure
 Provide remote support to clients
 Microsoft Azure Administration
3
 Kaspersky Endpoint Administration
 Manage and administer the Fortigate 100e Firewall
 Manage and Support Linux Proxy and Chating Server [Openfire]
 Manage and Support Distributed File System Server based on Windows Server 2008 R2
Principal IT Systems Engineer
Innovative Pvt Limited: November 2008 – December 2018
 Managed and Support Windows Server 2012 Active Directory, Exchange 2013, Group Policies,
Distributed File System Server, MS Outlook, Office 365 business applications, and advanced features,
including, Skype for Business.
 Managed and supported end-user Desktop and software issues.
 Management, Support, and Administration of VMware Virtualization infrastructure based on VMware
 Managed and Support SAN Storage.
 Upgradation of VMware infrastructure from 6.5 to 7.0.
 Managed DNS, DHCP, and TCP/IP.
 Performed weekly VMs backup through VMware standalone converter tool.
 Managed and Support Windows client machines Windows 7 and Windows 10.
 Maintained and Administered Microsoft Windows Update Server WSUS.
 Managed Solar Winds network monitoring Server.
 Managed Anti-virus Server Bit Defender.
Certifications

Academic Qualification
 Masters in Computer Science [2003 – 2004]
University of Karachi, Pakistan
 Bachelor in Science [1999 – 2001]
University of Karachi, Pakistan