Nosherwan Saleem, Developer in Berlin, Germany
Nosherwan is available for hire
Hire Nosherwan

Nosherwan Saleem

Verified Expert  in Engineering

Security Engineer and Developer

Berlin, Germany

Toptal member since October 31, 2022

Bio

Nosherwan is a senior information security professional with extensive experience in multi-cloud security and architecture, security governance and auditing, vulnerability assessment, and penetration testing. He is a certified incident handler and a GDAT-certified professional with a bachelor's degree in electrical engineering.

Portfolio

NortonLifeLock
Incident Response, Security Operations Centers (SOC), Blue Team...
Ebryx
Blue Team, Incident Response, Information Security...

Experience

  • SecOps - 5 years
  • Network Security - 4 years
  • Incident Response - 4 years
  • Security Operations Centers (SOC) - 4 years
  • Architecture - 3 years
  • SIEM - 3 years

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Azure, Splunk, ELK (Elastic Stack), Windows, Linux

The most amazing...

...thing I've designed and deployed is security monitoring for a mega-corporation.

Work Experience

Principal Information Security Analyst

2021 - PRESENT
NortonLifeLock
  • Monitored security and incident response activities along with playbook creation.
  • Performed purple teaming exercises to create new rulesets and fine-tune the old ones.
  • Tracked threats to identify previously unknown or ongoing non-remediated ones.
Technologies: Incident Response, Security Operations Centers (SOC), Blue Team, Amazon Web Services (AWS), Azure

Senior Security Engineer

2018 - 2020
Ebryx
  • Engaged, planned, and developed security incident response, ensuring its readiness.
  • Tracked issues and managed projects using Agile and Scrum methodologies.
  • Chased threats, assessed compromises for enterprise environments, and created playbooks for implemented security while researching new security tools and products.
Technologies: Blue Team, Incident Response, Information Security, Security Operations Centers (SOC)

Network Traffic Sniffer

The project was done using Python, and it was about a network traffic monitor to find DNS NXDOMAIN requests checks if the domain is present in an open source threat exchange platform. The NXDOMAIN is a DNS message type received by the DNS resolver, i.e., client, when a request to resolve a domain is sent to the DNS and cannot be resolved to an IP address. An NXDOMAIN error message means that the domain does not exist. Requests to NXDOMAINS might indicate a bot utilizing a domain-generating algorithm (DGA) to participate in a botnet or web browser hijacking.

SOC Deployment for Various Companies

I have played a leading role in designing the security architecture of many giant companies with complex networks. I also managed security monitoring tools deployment and integration, including Splunk, QRadar, and ELK. The trickiest part was system logs collection using custom scripts from segregated VLANs.

SIEM Deployment and Integration

I worked with SIEM deployment in a complex environment and integrated all log sources. The SIEM knowledge covers Splunk, QRadar, LogRhythm, ELK, and Wazuh. It also includes post-deployment activities such as custom logs sources integration.
2014 - 2018

Bachelor's Degree in Electrical Engineering

National University of Sciences and Technology (NUST) - Islamabad, Pakistan

SEPTEMBER 2022 - SEPTEMBER 2026

GIAC Defending Advanced Threats (GDAT)

GIAC

OCTOBER 2021 - OCTOBER 2025

GIAC Certified Incident Handler (GCIH)

GIAC

JANUARY 2019 - PRESENT

IBM Certified Associate Analyst - Security QRadar SIEM V7.2.6

IBM

Tools

IBM QRadar, ELK (Elastic Stack), Splunk, Squid Proxy Server

Platforms

Windows, Linux, Amazon Web Services (AWS), Azure

Languages

Python

Paradigms

Penetration Testing

Industry Expertise

Network Security

Other

Blue Team, Incident Response, Information Security, Security Operations Centers (SOC), Cyber Threat Hunting, Security, Endpoint Protection, Security Policies & Procedures, Analysis, Programming, Power Shell Commands, Vulnerability Assessment, Malware Removal, Information Gathering, SIEM, SecOps, Architecture, Incident Handling, Application Security, Networking, SSL Certificates, Security Monitoring, Security Architecture, GIAC Certifications

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring