Hi, I’m

Mohammed Tauseef Ubaid

Summary

SOC | SIEM | Security Analyst | Vulnerability/Patch Management

Objective: To find a challenging role in a reputable organization where I can use my technical and management skills for the growth of the organization and enhance my knowledge in the IT sector.

Professional Summary:

  • Experienced IT professional with a broad set of skills applicable across different roles in a Security Operations Center (SOC) and in Vulnerability/Patch Management.
  • Expert in handling and managing the 24/7 day-to-day activities of a SOC.
  • Demonstrated experience in developing and managing Service Level Agreements (SLAs) and Key Performance Indicators (KPIs).
  • Experienced in security technologies: Security Information and Event Management (SIEM: QRadar, Splunk, LogRhythm), IDS/IPS, proxy, Web Application Firewall (WAF), anti-virus, sandboxing, firewalls, etc.
  • Experienced with SOAR solutions (Swimlane and IBM QRadar Resilient), IAM/PAM (BeyondTrust) and firewalls (SonicWALL, Cisco and Fortinet).
  • Hands-on experience in real-time log monitoring, analysis, investigation, incident handling, reporting and escalation of security events and their mitigation; log analysis, detection, analytical and problem-solving skills.
  • Documenting tickets with all actions taken, updating incidents and reporting.
  • Good knowledge of EDR solutions (CrowdStrike, Trend Micro XDR) and vulnerability assessment tools (Qualys, Nessus).
  • Experienced in Office 365 Security Center and in Data Loss Prevention (DLP) incident handling using McAfee, Office 365 and Symantec tools; hands-on experience monitoring alerts generated by the DLP tool.
  • Incident management and follow-up with the concerned teams to resolve incidents, and escalation to senior management.
  • Conduct daily review, triage and escalation of detected and user-reported information security events.
  • Hands-on experience in VA/Vulnerability Management, Configuration Management and Monitoring for servers and network devices; implemented the CSD deviations on newly built servers.
  • Experience in software distribution and OS deployment through SCCM 2012, and in managing Windows and Linux servers.
  • Managed HP blade servers through iLO and Dell servers through iDRAC.
  • Managed AD users and groups: creation of users, groups and OUs, and applying basic GPOs at the OU level.
  • Maintained inventory through CMDB and Active Directory.
  • Experience in Incident Management, Problem Management and Change Management.
  • Managed a team of Service Desk engineers.
  • Experienced in monitoring and troubleshooting alerts from routers and switches, Extreme switches and various other networking devices.
  • Experienced in Vulnerability Management (Qualys, Nessus) and Patch Management (SCCM).
  • Expertise in using ManageEngine, BMC Remedy, Marvel and many other tools and applications.
  • Perform hunting for malicious activity across the network and digital assets; conduct analysis using a variety of tools and data sets to identify indicators of malicious activity on the network.
  • Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis and malware research to assist with threat support; support the security services and technologies involved in SIEM configuration and planning, and incident response.
  • Lead incidents, coordinating and directing multiple subject matter experts internal and external to the project; support related tasks to integrate security platforms as well as ongoing tuning support for existing technology.
  • Specialize in network-centric analysis using a variety of tools and techniques such as Network Security Monitoring and log analysis; provide technical leadership guiding the development and evolution of the security monitoring platform as well as detection and response procedures.

Overview

16 years of professional experience
1 Certification

Work History

FIFA Supreme Committee

Cybersecurity Security Consultant
10.2022 - 05.2023

Job overview

  • Responsible for conducting security investigations as a result of security incidents identified by the tier 1 security analyst who is monitoring the security consoles from various SOC channels (SOAR (QRadar Resilient), SIEM (QRadar), XDR (Trend Micro)).
  • Coordinate with Business Units and Technology teams to assist with incident response, remediation, and recovery efforts.
  • Develop and maintain documentation, processes, procedures, and reports to improve the quality, consistency, effectiveness, and efficiency of SOC operations.
  • Review, analyze, and respond to security events triggered through the security monitoring systems using QRadar Resilient SOAR.
  • Manages and executes multi-level responses and addresses reported or detected incidents.
  • Performs information security incident response and incident handling based on risk categorization and in accordance with established procedures.
  • Work with a cross-functional team to drive improvements to policies and processes within the law enforcement response team
  • Coordinate with internal partners and external law enforcement agencies to provide assistance to people in crisis
  • Identify incidents and make recommendations to protect the network.
  • Assist in the administration and integration of security tools to include new data/log sources, expanding network visibility and automation.
  • Utilizes digital forensic tools including Guidance EnCase to execute digital investigations and perform incident response activities.
  • Perform hunting for malicious activity across the network and digital assets

Malomatia

Cybersecurity Operations Lead
12.2021 - 10.2022

Job overview

  • Experience with SIEM, Vulnerability scanning systems and tools, IDS/IPS, HIDS/HIPS, Anti-malware technologies, Firewalls, Data Loss Prevention (DLP), Web/Email Proxy filtering systems, and Security Event Correlation
  • Responsible for conducting security investigations as a result of security incidents identified by the tier 1 security analysts who are monitoring the security consoles from various SOC channels (SOAR (Swimlane), SIEM, tickets, email, phone)
  • Assist Team Leads with reporting, projects, administrative work as needed
  • Participated in regular meetings with management to discuss trends within the environment and provide recommendations for improvement where applicable
  • Performed analysis of network traffic using tools such as Wireshark and TcpVantage to identify potential threats or anomalies within the environment
  • Reviewing security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with an applicable cybersecurity framework
  • Develop and document processes to ensure consistent and scalable response operations and ensure continuous improvement to the firm's incident response plans
  • Ensure operational readiness through collaboration with the Cybersecurity Exercise and Drills team and the firm's crisis management functions
  • Experience with data center operations, virtual networks, and/or cloud
  • Provide accurate & priority driven analysis to detect, analyze, respond to and track security threats and vulnerabilities
  • Collaborated with other corporate functions including Information Technology, Internal Audit, Legal and Compliance, etc., to ensure that the organization maintains a strong security posture
  • Coordinate with Business Units and Technology teams to assist with incident response, remediation, and recovery efforts
  • Develop and maintain documentation, processes, procedures, and reports to improve the quality, consistency, effectiveness, and efficiency of SOC operations
  • Review, analyze, and respond to security events triggered through the security monitoring systems using Swimlane SOAR.

Wipro Technologies

SOC Analyst
05.2021 - 11.2021

Job overview

  • Security Incident Management and Log Analysis using QRadar and Splunk SIEM
  • Review, analyze, and respond to security events triggered through the security monitoring systems according to internal security procedures for cyber events
  • Monitor & investigate real time logs from different log sources like firewall, proxy, WAF, endpoints, IPS/IDS etc
  • 24x7 operations at SOC including incident detection, tracking and analyzing on real time basis, report generation etc
  • Detect, identify, and provide first-level incident handling of possible attacks and misuse activities
  • Detect alerts by monitoring the SIEM console, Rules, Reports and Dashboards
  • Document and escalate incidents that may have on-going or immediate impact to the environment
  • Escalate incidents to Senior SOC Analyst on suspected events for further analysis
  • Report the confirmed incident as per the Incident management process
  • Experience in detection and analysis of phishing emails
  • Collect supporting information in support of Incident Response activities
  • Monitoring alerts generated on Symantec DLP like USB policy, Cloud storage, HTTP policy, IP address policy where confidential information or data is breached
  • Communicating and interacting with end users to discuss further about alerts generated
  • Identify custom reporting requirements, translate requirements into SIEM technical specifications and implement changes
  • Preparing incident reports with complete analysis for critical alerts observed in the network.

IBM

SOC Analyst
01.2017 - 04.2021

Job overview

  • Real-time monitoring of alerts using IBM QRadar and SolarWinds
  • Analyze offense, follow run book steps and create incidents for all true positive alerts
  • Monitor & investigate real time logs from different log sources
  • Validate, classify and open tickets for security incidents
  • Provide support and guidance to the team in case of any issues
  • Support daily SIEM operational activities, monitoring and reviewing within the information security environment
  • Responding to inbound security alerts, emails, and inquiries from the organization
  • Perform investigation of network and hosts/endpoints for malicious activity
  • Regular review of process and support documentation and amend where necessary
  • Preparing incident reports with complete analysis for critical alerts observed in the network
  • Providing support for incident response, including evidence collection, documentation, communications, and reporting
  • Good Experience in Health check, Patching & Vulnerability management
  • Managed and configured compliance tools (Qualys, IBM BigFix)
  • Log monitoring (e.g., Windows, Unix, Linux, networking, and applications) leveraging tools such as QRadar and Qualys
  • Coordination & collaboration with technical teams and internal management
  • Closing the NCIs in the SIM tool on time to avoid overdue NCIs
  • Prepare audit reports and present observations, recommendations, and management action plans to senior management

Qatar Steel

Security Engineer
06.2015 - 11.2016

Job overview

  • Lead and manage a team of 25 Engineers, report to Director-Technical
  • Implemented security measures to protect computer systems, data and networks
  • Review and validate Access controls of the users over consoles and servers
  • Experience in Change, Problem and Incident Management as per ITIL framework
  • Managing and administrating Symantec Endpoint Protection rules for blocking ports and IPs
  • Preventing data loss and service interruptions
  • Managed Websense email filtering, including whitelisting and blacklisting of emails
  • Created information security content (Statement of Applicability) and tech specs, and conducted Information Security Training and Awareness Sessions
  • Experience in implementing and managing BitLocker encryption

Wipro Technologies

Sr System Administrator
11.2014 - 06.2015

Job overview

  • Managed AD users and groups - creation of users, groups, OU and applying basic GPOs at OU level
  • Installed, configured & maintained both physical and virtual servers
  • Windows OS and ESXi installation on HP & Dell servers
  • Software distribution and OS deployment through SCCM 2012 and GFI LanGuard
  • Managed HP blade servers through iLO and Dell servers through iDRAC
  • Maintained inventory through CMDB and active directory
  • Worked in a team of Service desk Engineers
  • Ensuring proper work progress, shift handover, data communication
  • Monitoring of network elements and performance information on a 24x7 basis
  • Providing first line support, surveillance, troubleshooting and resolving of all server related faults
  • Act as a focal point for all incidents and requests reported to the Service Desk.

Param Info
Dubai

Sr System Administrator
11.2013 - 03.2014

Job overview

  • Administrating Windows Servers 2003 & 2008 and ESX hosts
  • Managing Users and Groups in Active Directory
  • Managing the HP blade servers through iLO
  • Managing the Dell servers through DRAC
  • Administration of ESX servers and virtual machines through Virtual Centre Server
  • Administrating vMotion and Storage vMotion
  • Creating the Virtual Machines
  • Working with Snapshots, Templates and Clones
  • Administrating the VCOPS
  • Administrating the Sophos Antivirus
  • Coordinating with the vendors for resolution of IT infrastructure related issues

JPMORGAN & CHASE

Specialization Sr
06.2012 - 10.2013

Job overview

  • Part of 24/7 Team, providing Support to Windows, VMware based servers remotely
  • Patch Management of Servers through SCCM, WSUS
  • Remediation of Servers
  • Administrating the Backup, Raid & Clusters
  • Working with Microsoft clustering servers
  • Administrating the backup tool Symantec NetBackup
  • Managing 2-node and 3-node clusters
  • Monitoring tools such as SNARE, PERFMON, ESM, SCOM, and NETCOOL
  • Administrating the Symantec & Sophos Antivirus

Etisalat
Dubai

System Engineer
08.2008 - 08.2011

Job overview

  • Administrating Windows Servers 2003 & 2008 and ESX hosts
  • Managing Users and Groups in Active Directory
  • Remediation of Servers
  • Windows OS and ESXi installation on HP & Dell servers
  • Worked on patch management through SCCM 2012 and GFI LanGuard
  • Managed HP blade servers through iLO and Dell servers through iDRAC
  • VMware ESXi install, configure 5.0, 5.1, 5.5 & 6 versions
  • VMware ESXi hosts cluster creation & configuration from the scratch
  • Created and configured VMware standard and distributed network switches
  • Administrating the Backup, Raid & Clusters
  • Administration of ESX servers, Virtual machines through Virtual Centre Server.

HCL
Mumbai

Desktop Support Engineer
08.2007 - 07.2008

Job overview

  • Installing and configuring of Active directory
  • Managed AD users and groups - creation of users, groups, OU and applying basic GPOs at OU level
  • Configuring and maintaining Cisco switches 2960
  • Configuration of WAN link between branches using Cisco router 1800
  • Monitoring the bandwidth utilization of the leased line using SolarWinds
  • Planning and implementing Group Policies.

Education

KBN College Of Engineering
INDIA

Computer Engineering
06.2007

Skills

  • Cybersecurity Analysis
  • Cybersecurity Compliance
  • Cybersecurity Support
  • Cybersecurity Administration
  • NIST Cybersecurity Framework
  • Application Security
  • Security Administration
  • Cybersecurity Frameworks
  • Cybersecurity Control
  • Register Security
  • Security Devices
  • Data Security
  • Project Management

Additional Information

  • Nationality: INDIAN
  • Marital Status: Married
  • Contact No: +974-70361384, +91-9916567427
  • Email Id: tauseef.ubaid@gmail.com
  • Skype Id: mohammed.tauseef.ubaid
  • Passport No: Z4150303
  • Passport Validity: 16/04/2027
  • Driving Licenses: QATAR, UAE, INDIA

Certification

  • Certified Ethical Hacker (CEH)
  • ISO/IEC 27001 Lead Auditor
  • ITIL Foundation (V3)
  • Certified Splunk ES Analyst
  • Certified Digital Forensic Expert (CDFE)
  • Qualys Certification in Vulnerability Management & Policy Compliance
  • Cisco Certified Network Associate (CCNA)
  • Microsoft Certified Professional (MCP)
  • VMware Certified Professional (VCP)

Languages

  • English: Advanced (C1)
  • Hindi: Advanced (C1)
  • Urdu: Advanced (C1)
  • Arabic: Beginner (A1)
