LogRhythm Co-Pilot Imran Hafeez

Imran Hafeez

Senior Analytic Co-Pilot Consultant

My Role

I am a passionate blue team enabler. I support organizations with optimizing their security operations by providing expert guidance in the configuration, tuning, and long-term service of the LogRhythm Advanced Threat Analytics. My role as a Co-Pilot assists in the set up and ongoing use of specific Threat Analytics Suites such as MITRE ATT&CK, LogRhythm Network Detection & Response (NDR), and LogRhythm User End Behavior Analytics (UEBA).

I am frequently researching emerging threats in this ever-changing landscape of cybersecurity. I focus on practicing Detection Engineering and Threat Emulation with the ambition to also assist our customers with custom analytics and techniques for hunting advanced tactics, techniques, and procedures in their environments.

My Story

My journey in cybersecurity started in 2014 when I joined an Abuse Desk Team for an internet service provider in the UK. My role included investigation, analysis, and prioritization of all internet abuse complaints received by the team—dealing with incoming intelligence reports from law enforcement and the security operations center. I worked on high-priority campaigns such as Heartbleed, Gameover Zeus, Cryptolocker, Open DNS resolvers, and many more. Following this, I moved to an IT Security Team with another company, where my path to becoming a blue team defender began. All things, SIEM! Security monitoring, collaborating with red teams to enrich detection capabilities, alerting, and prevention of cyberthreats to the organization.

In 2017, I joined LogRhythm and worked in the UK office as part of the Technical Support team, troubleshooting and knowledge-sharing with our customers. I also gained insight into how different security operations utilized LogRhythm SIEM and learned terrific strategies to improve security postures and further augmentation of the SOC. In 2018, I moved to the Co-Pilot team and relocated to the Dubai office, where I could work alongside customers and become an extension of their teams.

I believe in the following: “If you do what you love, you’ll never work a day in your life.” For me, every day is an opportunity to learn something new, share knowledge, and contribute to the InfoSec community.

My Qualifications

BTEC National Diploma – Information Technology & Business

Comp TIA – Security+

Comp TIA – Cybersecurity Analyst (CySA+)

SANS – SEC599 – Defeating Advanced Adversaries – Purple Team Tactics & Kill Chain Defenses

MITRE Cyber Intelligence & SOC Assessments