Asad Noor

Assistant Manager – Data Center | Cybersecurity Engineer | SIEM & Detection Engineering

Lahore, Pakistan | asad.noor@postex.pk | linkedin.com/in/asadnoor951 | asad.kavren.pk | github.com/asadnoor951

🎉 Available for Opportunities

Cybersecurity Engineer and Assistant Manager – Data Center at PostEx (fintech/logistics), managing enterprise infrastructure security across 500+ endpoints. Specializing in SIEM engineering with Splunk Enterprise and Wazuh, detection engineering with 40+ MITRE ATT&CK-mapped rules, threat hunting, network security monitoring, and infrastructure security across Proxmox, VMware, MikroTik, and Cisco environments. Reduced false positive alert rate by 40% and achieved sub-2-minute MTTN. Actively growing expertise in web application penetration testing and bug bounty research.

● Experience

Assistant Manager – Data Center

PostEx — Lahore, Pakistan2022 – Present

Implemented Splunk Enterprise for centralized log aggregation covering local network, global WAN, core routers (MikroTik/Cisco), and all infrastructure assets (500+ endpoints). Enabled real-time threat monitoring, security visibility, infrastructure monitoring, and alert analysis.
Deployed Wazuh SIEM + XDR across 500+ endpoints. Engineered 40+ MITRE ATT&CK-mapped detection rules. Reduced false positive rate by 40% through systematic tuning methodology.
Implemented SOC automation pipeline using n8n integrating Wazuh with VirusTotal, AbuseIPDB, Telegram alerting, and JIRA ticket creation. Achieved mean time to notify under 2 minutes.
Designed and managed VLAN segmentation across enterprise network: Corporate, Server, Management, DMZ, and Security Monitoring segments with MikroTik ACL enforcement.
Managed infrastructure security for Proxmox VE hypervisor cluster, VMware ESXi, Windows Server/AD environments, and Linux servers. Implemented CIS benchmark hardening across all server classes.
Conducted web application security assessments and vulnerability testing on internal and customer-facing applications following OWASP Testing Guide methodology.
Deployed Security Onion with Suricata IDS and Zeek for network security monitoring. Configured custom Suricata rules and JA3/JA3S fingerprinting for encrypted traffic analysis.
Configured and hardened MikroTik RouterOS and Cisco IOS network devices including firewall rules, VPN (WireGuard/OpenVPN/IPSec), and port knocking for management access control.
Managed Active Directory domain including GPO security policies, privileged access controls, and AD security monitoring for lateral movement and Kerberoasting attack detection.

IT Infrastructure Engineer

Previous Organization — Lahore, Pakistan2020 – 2022

Managed Linux and Windows server infrastructure, virtualization environments, and network device administration
Implemented network monitoring solutions and conducted security assessments of internal systems
Configured and maintained firewall rules, VPN connections, and network segmentation

● Key Projects

Splunk Enterprise Production Deployment — Full SIEM deployment with 500+ endpoint coverage, Universal Forwarder management via GPO/Ansible, router syslog integration, 40+ SPL detection rules, and custom security dashboards
Wazuh SIEM + XDR — Open-source SIEM covering 500+ endpoints, custom XML detection rules, active response automation, FIM configuration, and Elastic Stack integration
Security Onion NSM — Network security monitoring with Suricata, Zeek, JA3 fingerprinting, custom IDS rules for DNS tunneling and C2 detection
Dockerized SOC Stack — Containerized Wazuh + ELK + TheHive + Cortex + MISP deployable in 15 minutes via Docker Compose
SOC Automation — n8n-based automation with IP enrichment (VirusTotal, AbuseIPDB), JIRA ticket creation, Telegram alerting; reduced MTTN to under 2 minutes
Threat Hunting Library — 12+ documented hypothesis-driven hunt exercises with Splunk SPL queries for LOLBins, beaconing, Kerberoasting, and DNS tunneling

● Technical Skills

Splunk Enterprise & ES

Wazuh SIEM / XDR

ELK Stack / Elastic Security

Security Onion

SIEM Engineering

Detection Engineering

Sigma Rules

Threat Hunting

MITRE ATT&CK Framework

Incident Response

Suricata IDS/IPS

Zeek / Bro

Network Security Monitoring

Proxmox VE

VMware ESXi

Docker / Compose

MikroTik RouterOS

Cisco IOS

Linux (Ubuntu/CentOS/RHEL)

Windows Server / AD

Web Application Security

Burp Suite Professional

Bug Bounty Research

Ansible Automation

Git / CI/CD

Python Scripting

Firewall Administration

VPN (WireGuard/IPSec)

● Certifications & Training

Splunk Core Certified User Splunk Fundamentals 1 TryHackMe Top 5% Hack The Box Active eJPT (in progress) CEH (planned)

Also completed: Wazuh Official Training, Elastic Security Fundamentals, TCM Security SOC Analyst Path

● Education

Bachelor of Science — Computer Science / Information Technology

University — PakistanGraduated [Year]

Contact Me LinkedIn Profile GitHub Portfolio