Abdul Hafidh K A
@abdulhafidhka
Incident response and threat hunting consultant delivering DFIR, SIEM engineering, and SOC advisory for enterprise security teams.
What I'm looking for
I’m an Incident Response and Threat Hunting Consultant with nearly 4 years of experience delivering enterprise-scale DFIR, threat hunting, SIEM engineering, and SOC advisory engagements across telecom, banking, fintech, manufacturing, government, and critical infrastructure sectors. I specialize in ransomware response, digital forensics, threat containment, and MITRE ATT—CK-aligned hunting across Windows, Linux, and hybrid enterprise environments.
In my current role, I serve as a long-term SIEM SME, owning IBM QRadar administration and leading detection tuning and threat hunting operations for an environment processing ∼25,000 EPS from 3,000+ log sources. I run hypothesis-led threat hunting covering 70+ MITRE ATT—CK hypotheses, fine-tune Splunk detections, and engineered new detections for persistence, credential access, and lateral movement. I also delivered a 6-week onsite GCC telecom SIEM engineering engagement, leading ELK Stack upgrades for ∼600 GB/day ingest, building 7 SOC dashboards and 25 use cases.
I focus on practical, measurable security improvements—expanding adversary visibility while reducing false positives by ∼38% and improving investigation gaps. I author IR playbooks, SOPs, and forensic procedures for ransomware, email compromise, lateral movement, insider threat, and malware scenarios that enterprise SOC teams adopt, backed by hands-on expertise across IBM QRadar, Splunk, ELK Stack, Microsoft Sentinel, SentinelOne XDR, and Wazuh.
Experience
Work history, roles, and key accomplishments
Serves as SIEM SME and security advisor for a network services client, owning IBM QRadar administration, detection tuning, and MITRE ATT&CK-aligned threat hunting. Leads onsite SIEM engineering and detection optimization for GCC telecom operations, building dashboards and use cases to support SOC monitoring.
Supported ransomware response and digital forensics across enterprise manufacturing infrastructure, including evidence collection, IOC scanning, Redline analysis, and containment/recovery coordination. Performed host and network investigations, executed QRadar SIEM migration, and led email compromise/phishing investigations with evidence preservation and chain-of-custody.
Administered internal SOC tooling including Splunk and related monitoring infrastructure, and served as SPOC for a FortiGate firewall migration. Developed ELK/Logstash ingestion pipelines, supported breach and attack simulation and SOC maturity assessments, and contributed to incident response investigations and ISO 27001:2022 audit activities.
Education
Degrees, certifications, and relevant coursework
NSS College of Engineering
Bachelor of Technology, Electronics & Communication Engineering
2018 - 2022
Earned a Bachelor of Technology in Electronics & Communication Engineering from NSS College of Engineering (2018–2022).
Availability
Location
Authorized to work in
Job categories
Interested in hiring Abdul?
You can contact Abdul and 90k+ other talented remote workers on Himalayas.
Message AbdulGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
