Asad Noor

Assistant Manager – Data Center | Cybersecurity Engineer | SIEM & Detection Engineering

Lahore, Pakistan | asad.noor@postex.pk | linkedin.com/in/asadnoor951 | asadnoor.kavren.pk | github.com/asadnoor951

🎉 Available for Opportunities

Cybersecurity Engineer and Assistant Manager – Data Center at PostEx (fintech/logistics), managing enterprise infrastructure security across 500+ endpoints. Specializing in SIEM engineering with Splunk Enterprise and Wazuh, detection engineering with 40+ MITRE ATT&CK-mapped rules, threat hunting, network security monitoring, and infrastructure security across Proxmox, VMware, MikroTik, and Cisco environments. Reduced false positive alert rate by 40% and achieved sub-2-minute MTTN. Actively growing expertise in web application penetration testing and bug bounty research.

● Experience

Assistant Manager – Data Center

PostEx — Lahore, Pakistan2022 – Present

Implemented Splunk Enterprise for centralized log aggregation covering local network, global WAN, core routers (MikroTik/Cisco), and all infrastructure assets (500+ endpoints). Enabled real-time threat monitoring, security visibility, infrastructure monitoring, and alert analysis.
Deployed Wazuh SIEM + XDR across 500+ endpoints. Engineered 40+ MITRE ATT&CK-mapped detection rules. Reduced false positive rate by 40% through systematic tuning methodology.
Implemented SOC automation pipeline using n8n integrating Wazuh with VirusTotal, AbuseIPDB, Telegram alerting, and JIRA ticket creation. Achieved mean time to notify under 2 minutes.
Designed and managed VLAN segmentation across enterprise network: Corporate, Server, Management, DMZ, and Security Monitoring segments with MikroTik ACL enforcement.
Managed infrastructure security for Proxmox VE hypervisor cluster, VMware ESXi, Windows Server/AD environments, and Linux servers. Implemented CIS benchmark hardening across all server classes.
Conducted web application security assessments and vulnerability testing on internal and customer-facing applications following OWASP Testing Guide methodology.
Deployed Security Onion with Suricata IDS and Zeek for network security monitoring. Configured custom Suricata rules and JA3/JA3S fingerprinting for encrypted traffic analysis.
Configured and hardened MikroTik RouterOS and Cisco IOS network devices including firewall rules, VPN (WireGuard/OpenVPN/IPSec), and port knocking for management access control.
Managed Active Directory domain including GPO security policies, privileged access controls, and AD security monitoring for lateral movement and Kerberoasting attack detection.

Assistant Network Administrator

PostEx / CALL Courier — Lahore, PakistanMay 2023 – Dec 2024

Monitored and maintained network infrastructure health across firewalls, routers, and switches; supported early-stage security alert response and escalation.
Configured and maintained MikroTik RouterOS devices including OSPF/BGP routing protocols and L2VPN tunnels for high-availability inter-site connectivity.
Assisted in firewall rule updates, VLAN configuration, and network segmentation to enforce access control and zero-trust network principles.
Maintained network topology documentation, device configurations, firewall rule registers, and standard operating procedures for NOC handoffs.

Technical Support Engineer

StormFiber — Lahore, PakistanFeb 2023 – May 2023

Diagnosed and resolved network faults at L1/L2/L3; escalated unresolved cases per defined SLA procedures.
Coordinated with field engineers and NOC teams to restore service availability during network outages.
Provided first-line technical support to residential and business customers for fiber-optic internet services.

● Key Projects

Splunk Enterprise Production Deployment — Full SIEM deployment with 500+ endpoint coverage, Universal Forwarder management via GPO/Ansible, router syslog integration, 40+ SPL detection rules, and custom security dashboards
Wazuh SIEM + XDR — Open-source SIEM covering 500+ endpoints, custom XML detection rules, active response automation, FIM configuration, and Elastic Stack integration
Security Onion NSM — Network security monitoring with Suricata, Zeek, JA3 fingerprinting, custom IDS rules for DNS tunneling and C2 detection
Dockerized SOC Stack — Containerized Wazuh + ELK + TheHive + Cortex + MISP deployable in 15 minutes via Docker Compose
SOC Automation — n8n-based automation with IP enrichment (VirusTotal, AbuseIPDB), JIRA ticket creation, Telegram alerting; reduced MTTN to under 2 minutes
Threat Hunting Library — 12+ documented hypothesis-driven hunt exercises with Splunk SPL queries for LOLBins, beaconing, Kerberoasting, and DNS tunneling

● Technical Skills

Splunk Enterprise & ES

Wazuh SIEM / XDR

ELK Stack / Elastic Security

Security Onion

SIEM Engineering

Detection Engineering

Sigma Rules

Threat Hunting

MITRE ATT&CK Framework

Incident Response

Suricata IDS/IPS

Zeek / Bro

Network Security Monitoring

Proxmox VE

VMware ESXi

Docker / Compose

MikroTik RouterOS

Cisco IOS

Linux (Ubuntu/CentOS/RHEL)

Windows Server / AD

Web Application Security

Burp Suite Professional

Bug Bounty Research

Ansible Automation

Git / CI/CD

Python Scripting

Firewall Administration

VPN (WireGuard/IPSec)

● Certifications & Training

Splunk Core Certified User Splunk Fundamentals 1 TryHackMe Top 1% Hack The Box Active eJPT (in progress) CEH (planned)

Also completed: Wazuh Official Training, Elastic Security Fundamentals, TCM Security SOC Analyst Path

● Education

Bachelor of Science — Computer Science / Information Technology

University — PakistanGraduated 2022

Contact Me LinkedIn Profile GitHub Portfolio