Hossein Shirdeli Email & Phone Number

Dubai, United Arab Emirates

Director Manager SOC at RedCoNet LLC |Threat hunter | Blue team | DFIR

Tehran, Tehran, Iran

• Develop and present use cases to Management to improve security posture to effectively mitigate advanced threats
• Perform cyber security threat engineering activities with specific focus on countermeasure Tactics, Techniques and Procedures (TTPs)
• Help analyze findings in investigative matters, and develop fact-based technical reports detailing events over specified periods of time
• Knowledge of proper forensic investigation techniques when working with compromised system images or files
• Design and Implement various splunk components in clustered and distributed environment including: Enterprise Security Search Head, Monitoring Console, Search Head Cluster, Deployer Server, Cluster Master, Deployment.
• Define correlation queries, reports, alerts, dashboards, and workflow

Mehrabad, Airport

• responsible for detecting and assessing cybersecurity events and incidents across the Lowe’s environment. I am working among a team of skilled technicians to address complex or difficult problems as needed within a.
• Monitors security incident and event management (SIEM) and logging environments for security events and alerts to potential (or active) threats, intrusions, or compromises
• Assists with triage of service requests from customers and internal teams
• Escalates cybersecurity events according to Lowe’s Incident Response Plan
• Assists with containment of threats and remediation of the environment during or after an incident
• Documents event information for further investigation

Iran

• Assists with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
• Investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices
• Use threat intelligence to hunt for indications of compromise in log data and utilizing endpoint security tools
• Drive monitoring of security events using a ELK and other feeds, looking for significant events, and processing reports of unexpected network activity
• Responsible for reviewing malware infections and taking pertinent Incident Response (IR) Actions to mitigate Security Incidents.

Tehran Province, Iran

• Professional level understanding of TCP and UDP including the ability to identify root cause of elusive problems through packet capture analysis
• Deployed, configured, managed and implemented Sophos, Fortigate Firewalls
• Implementing and managing Fortinet Web Application Firewall to block intrusion attempts
• Configured, managed, monitored and analyzed IDS/IPS Signatures Attacks, Firewalls log, Systems, Applications and Security Event Log for comprehensive security monitoring and vulnerability management.
• Concentrated on the design of the bank's Network/Network Security, as well as troubleshooting and/or debugging network-related problems
• Optimized project scheduling to reduce cycle time; organized cross-functional teams, and resolvedengineering design and test problems.

Tehran Province

Master'S Degree, Network Security

Bachelor'S Degree, Information Technology