Skip to main content
Abdul Hafidh K AAA
Open to opportunities

Abdul Hafidh K A

@abdulhafidhka

Incident response and threat hunting consultant delivering DFIR, SIEM engineering, and SOC advisory for enterprise security teams.

India
Message

What I'm looking for

I’m looking to lead MITRE ATT—CK-aligned threat hunting and detection engineering, strengthen SIEM/XDR coverage, and modernize SOC workflows with measurable outcomes across global and GCC environments.

I’m an Incident Response and Threat Hunting Consultant with nearly 4 years of experience delivering enterprise-scale DFIR, threat hunting, SIEM engineering, and SOC advisory engagements across telecom, banking, fintech, manufacturing, government, and critical infrastructure sectors. I specialize in ransomware response, digital forensics, threat containment, and MITRE ATT—CK-aligned hunting across Windows, Linux, and hybrid enterprise environments.

In my current role, I serve as a long-term SIEM SME, owning IBM QRadar administration and leading detection tuning and threat hunting operations for an environment processing ∼25,000 EPS from 3,000+ log sources. I run hypothesis-led threat hunting covering 70+ MITRE ATT—CK hypotheses, fine-tune Splunk detections, and engineered new detections for persistence, credential access, and lateral movement. I also delivered a 6-week onsite GCC telecom SIEM engineering engagement, leading ELK Stack upgrades for ∼600 GB/day ingest, building 7 SOC dashboards and 25 use cases.

I focus on practical, measurable security improvements—expanding adversary visibility while reducing false positives by ∼38% and improving investigation gaps. I author IR playbooks, SOPs, and forensic procedures for ransomware, email compromise, lateral movement, insider threat, and malware scenarios that enterprise SOC teams adopt, backed by hands-on expertise across IBM QRadar, Splunk, ELK Stack, Microsoft Sentinel, SentinelOne XDR, and Wazuh.

Experience

Work history, roles, and key accomplishments

EY Technology Consulting logoEC
Current

Incident Response & Threat Lead

Sep 2024 - Present (1 year 10 months)

Serves as SIEM SME and security advisor for a network services client, owning IBM QRadar administration, detection tuning, and MITRE ATT&CK-aligned threat hunting. Leads onsite SIEM engineering and detection optimization for GCC telecom operations, building dashboards and use cases to support SOC monitoring.

EY Technology Consulting logoEC

Incident Response Associate Consultant

Sep 2023 - Sep 2024 (1 year)

Supported ransomware response and digital forensics across enterprise manufacturing infrastructure, including evidence collection, IOC scanning, Redline analysis, and containment/recovery coordination. Performed host and network investigations, executed QRadar SIEM migration, and led email compromise/phishing investigations with evidence preservation and chain-of-custody.

EY Technology Consulting logoEC

Security Operations Senior Analyst

Aug 2022 - Sep 2023 (1 year 1 month)

Administered internal SOC tooling including Splunk and related monitoring infrastructure, and served as SPOC for a FortiGate firewall migration. Developed ELK/Logstash ingestion pipelines, supported breach and attack simulation and SOC maturity assessments, and contributed to incident response investigations and ISO 27001:2022 audit activities.

Education

Degrees, certifications, and relevant coursework

NE

NSS College of Engineering

Bachelor of Technology, Electronics & Communication Engineering

2018 - 2022

Earned a Bachelor of Technology in Electronics & Communication Engineering from NSS College of Engineering (2018–2022).

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan