Cybersecurity Portfolio — 2026

FAIZAN SHAKIR

SOC Analyst & Threat Hunter specializing in enterprise monitoring, intrusion analysis, and automated threat detection.

Honey Encrypt
🔐 Encrypt files with active decoy traps
Email Analyzer
🕵️ Analyze phishing emails & check VirusTotal
operator@fs-soc terminal (panels: Chronicle SIEM | Cortex XDR | Threat Intel)
12 Alerts Today | 482 Threats Blocked | 99.98% Uptime | 3.8m MTTR
Faizan Shakir SecOps Terminal [Version 2.4.0]
(c) 2026 Faizan Shakir. All rights reserved.
Chronicle (Google SecOps) Feed: Active Monitoring
Querying YARA-L detection rules database...
Real-time Detections:
  Kerberoasting Attempt [CRITICAL]
  Suspicious PowerShell [MEDIUM]
  SQL Injection Pattern [HIGH]
  Brute Force (SSH) [LOW]
Alert Activity (Hourly):
  09:00 [███████░░░] 70%
  10:00 [█████████░] 90%
  11:00 [████░░░░░░] 40%
  12:00 [██████████] 100%
WARNING: Unresolved alert #9024: Possible lateral movement via WinRM.
Palo Alto Cortex XDR Integration Active
HOST_01: Secure
HOST_02: Alerting
HOST_03: Secure
[02:14:02] Event telemetry initialized.
[02:18:40] Asset registry updated. 104 agents active.
[02:22:15] Analyzed 1,402 files on endpoints.
[02:24:00] Threat Prevention Engine: 0 critical infections found.
TAXII/STIX Threat Intelligence Feeds
4 Campaigns Tracked | 182 New IOC Hashes | 24 Malicious IPs
Latest IOC Feeds Added:
- Hash MD5: 9a01f92e01b34e... (Emotet variant)
- IP: 185.220.101.4 (Known Tor exit node)
- Domain: login-verification-verify.com (Phishing)
Education
BACKGROUND & TRAINING

'26 · Currently enrolled & advancing

Pitman Advanced IT Security Engineering Diploma

Currently diving deep into this elite program, mastering 11 cutting-edge cybersecurity courses. Built for the modern threat landscape.

  • Training for CompTIA Security+ and CySA+ certifications
  • Cloud expertise — AWS Certified Cloud Practitioner & Microsoft Azure Fundamentals
  • Advanced skills in threat hunting, penetration testing, and risk mitigation
CompTIA Security+
(ISC)² CC
Google Cyber
AZ-900
AWS CCP
Who I Am
THE OPERATOR

I'm Faizan Shakir — a Defensive Security Analyst from Pakistan with over 3 years in cybersecurity and SOC operations. Currently working as a SOC Analyst L1 at CyberMarks by TMC, monitoring enterprise environments using Google SecOps (Chronicle).

Proficient in Splunk, ELK Stack, and Chronicle SIEM with hands-on experience in threat hunting, detection engineering, and incident response. I write YARA-L queries, extract IOCs, and run escalation workflows that cut MTTR.

I've deployed Palo Alto Firewalls, simulated Kerberoasting and SQL injection attacks, and built custom Python tools — including the Faizan Email Analyzer with VirusTotal integration — to automate phishing investigation.

SOC Analyst L1 — CyberMarks by TMC
Jan 2026 – Present · Lahore, PK
Jr. SOC Analyst — SecureBytes Solutions
Jun 2025 – Jan 2026 · Lahore, PK
Cybersecurity & Community Support — FiveM Community
Jan 2019 – Sep 2022 · Remote
3+ Years in Cybersecurity
9+ Certifications Earned
30% DDoS Downtime Reduced
40K Community Members Protected
Capabilities
SKILL MATRIX
Threat Detection: 90%
Incident Response: 85%
Malware Analysis: 80%
Phishing Analysis: 85%
SIEM Operations: 88%

Tools & Platforms

Splunk, Elastic Stack, IBM QRadar, MS Sentinel, CrowdStrike, SentinelOne, VirusTotal, ServiceNow, Wireshark, Cortex XSOAR, MISP, AlienVault, OpenVAS, Graylog, TheHive
Verified
CERTIFICATIONS
01
CompTIA Security+
Security basics, risk management & network protection.
02
EC-Council CSA
Certified SOC Analyst — monitoring, IR & SIEM ops.
03
Microsoft SC-200
Security Operations with Microsoft Sentinel & threat defense.
04
CompTIA CySA+
Threat hunting & vulnerability management specialist.
05
Google Cybersecurity
Cloud security, risk management & security operations.
06
(ISC)² CC
Security principles, access controls & network defense.
07
TryHackMe Lvl 1
Foundational hacking & defense challenges mastered.
08
TryHackMe Lvl 2
Network security & penetration testing at intermediate level.
09
BTL1
Blue Team Level 1 — IR, threat hunting & defensive ops.
SELECTED PROJECTS
01
Honey Encrypt (HoneyVault)
An encryption tool that plants decoy (honey) tokens alongside the protected data; any attempt by a threat actor to access a decoy automatically fires an alert to the SOC.
Python, Cryptography, Deception Sec
02
Phishing Analysis Toolkit & Email Analyzer
Automated analysis of suspicious email headers and bodies: extracts IOCs and maps them against threat intelligence through the VirusTotal API.
Python, VirusTotal, Email Forensics
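The triage steps that blurb describes, as an added example that is not the portfolio's Email Analyzer code: one raw phishing message is parsed with Python's standard library, URLs are refanged and extracted, the Received chain is walked for the public relay IP, the SPF/DKIM/DMARC verdicts are read from Authentication-Results, attachments are hashed, and VirusTotal API v3 lookup URLs are built without any network call. The message itself, the example.org/example.net hosts and the tiny MZ-headed attachment are constructed for the demo; the sender domain and relay IP are the ones shown in the threat-intel panel above.

```python
"""Added example (not the portfolio's Email Analyzer): offline triage of one raw
phishing message with the standard library: header parsing, URL refang/extract,
Received-chain walk, SPF/DKIM/DMARC verdicts, attachment hashing, and VirusTotal
API v3 lookup URLs that are built but never requested."""
import base64, hashlib, ipaddress, re
from email import message_from_string, policy
from urllib.parse import urlparse

# Constructed sample. Sender domain and relay IP are the ones in the threat-intel
# panel; the example.org/.net hosts and the MZ-headed attachment are made up.
RAW_EMAIL = """\
Received: from mail.login-verification-verify.com (unknown [185.220.101.4])
\tby mx.example.org (Postfix) with ESMTP id 4A1B2C3D4E
\tfor <analyst@example.org>; Mon, 09 Feb 2026 08:12:41 +0000
Received: from [10.0.0.5] (localhost [127.0.0.1])
\tby mail.login-verification-verify.com with ESMTPA id 7F8G9H
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=login-verification-verify.com;
\tdkim=none; dmarc=fail header.from=login-verification-verify.com
From: "IT Helpdesk" <it-helpdesk@login-verification-verify.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XYZ"

--XYZ
Content-Type: text/plain; charset="utf-8"

Your mailbox will be suspended in 24 hours. Verify now:
hxxp://login-verification-verify[.]com/verify?id=42
Invoice copy: https://files.example.net/invoice.pdf
--XYZ
Content-Type: application/octet-stream; name="invoice.exe"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="invoice.exe"

TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
--XYZ--
"""
URL_RE = re.compile(r"https?://[^\s<>\"']+")
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)
VT_API = "https://www.virustotal.com/api/v3"


def refang(text):
    """hxxp://evil[.]com -> http://evil.com so the URL regex sees the real thing."""
    return re.sub(r"hxxp", "http", text, flags=re.I).replace("[.]", ".")

def extract_urls(text):
    """Unique URLs in free text, trailing punctuation stripped."""
    urls = []
    for url in (u.rstrip(".,;:)") for u in URL_RE.findall(refang(text))):
        if url not in urls:
            urls.append(url)
    return urls

def relay_ips(msg):
    """Public IPs from the Received headers, topmost hop (written by our MX) first.
    Only that first hop is trustworthy; the sender controls the hops below it."""
    ips = []
    for ip in IP_RE.findall(" ".join(msg.get_all("Received", []))):
        try:
            if ipaddress.ip_address(ip).is_global and ip not in ips:
                ips.append(ip)
        except ValueError:  # e.g. 999.1.1.1 matched by the loose regex
            pass
    return ips

def attachments(msg):
    """SHA-256 (what VirusTotal keys files on) and magic bytes per attachment."""
    out = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        out.append({"filename": part.get_filename(), "magic": data[:2].decode("latin-1"),
                    "sha256": hashlib.sha256(data).hexdigest()})
    return out

def vt_lookup(kind, value):
    """VirusTotal API v3 object URL; URL objects use the unpadded base64url of the URL."""
    if kind == "url":
        value = base64.urlsafe_b64encode(value.encode()).decode().rstrip("=")
    collection = {"ip": "ip_addresses"}.get(kind, kind + "s")  # files, urls, domains
    return f"{VT_API}/{collection}/{value}"

def analyze(raw):
    """Triage one raw message: IOCs, auth verdicts, findings and VT lookup URLs."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    urls = extract_urls(body.get_content() if body else "")
    domains = list(dict.fromkeys(h for h in (urlparse(u).hostname for u in urls) if h))
    addrs = getattr(msg.get("From"), "addresses", ())
    sender = addrs[0].domain.lower() if addrs else ""
    auth = {k.lower(): v.lower() for k, v in AUTH_RE.findall(msg.get("Authentication-Results", ""))}
    files, ips = attachments(msg), relay_ips(msg)
    findings = [f"{m}={auth[m]}" for m in ("spf", "dkim", "dmarc") if auth.get(m) in ("fail", "softfail", "none")]
    findings += [f"executable attachment {a['filename']}" for a in files if a["magic"] == "MZ"]
    findings += [f"link domain {d} is not the sender domain {sender}" for d in domains
                 if d != sender and not d.endswith("." + sender)]
    lookups = ([vt_lookup("url", u) for u in urls] + [vt_lookup("domain", d) for d in domains]
               + [vt_lookup("ip", ip) for ip in ips] + [vt_lookup("file", a["sha256"]) for a in files])
    return {"sender_domain": sender, "auth": auth, "relay_ips": ips, "urls": urls, "domains": domains,
            "attachments": files, "findings": findings, "vt_lookups": lookups}

if __name__ == "__main__":
    import json
    print(json.dumps(analyze(RAW_EMAIL), indent=2))
```

On this sample the findings list alone (spf and dmarc fail, a link domain that is not the sender's, an attachment whose first bytes are the MZ header of a Windows executable regardless of its name) justifies a ticket before any VirusTotal result comes back; the lookups are there to enrich, not to decide. The one caveat worth remembering: everything below the topmost Received header was written by the sender's infrastructure and can be forged, so only the first public hop should be treated as evidence.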
03
SIEM Detection Rules & Logs Parser
A collection of Microsoft Sentinel KQL and Google SecOps YARA-L rules tuned to catch common intrusion chains, brute-force attempts, and credential dumping.
KQL, YARA-L, Threat Detection
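The brute-force correlation such rules encode, as an added example that is not the portfolio's own KQL or YARA-L: a sliding-window detector in Python, run over constructed sshd auth.log lines (documentation-range IPs, made-up host and users), so the threshold and window behaviour can be checked offline before the same logic is ported into a YARA-L match section or a KQL summarize/join. It goes a step beyond the blurb by also covering the password-spray variant (one source, many users) and the success-after-failures chain that turns a LOW alert into a HIGH one.

```python
"""Added example (not the portfolio's own KQL / YARA-L rules): brute-force,
brute-force-then-success and password-spray correlation implemented in Python
over constructed sshd auth.log lines so thresholds and windows can be tested
offline. Host, users and IPs are constructed (documentation ranges)."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log, already in syslog order.
SAMPLE_LOG = """\
Feb 09 02:10:01 bastion sshd[4012]: Failed password for deploy from 203.0.113.7 port 51022 ssh2
Feb 09 02:10:03 bastion sshd[4013]: Failed password for deploy from 203.0.113.7 port 51023 ssh2
Feb 09 02:10:05 bastion sshd[4014]: Failed password for deploy from 203.0.113.7 port 51024 ssh2
Feb 09 02:10:08 bastion sshd[4015]: Failed password for deploy from 203.0.113.7 port 51025 ssh2
Feb 09 02:10:11 bastion sshd[4016]: Failed password for deploy from 203.0.113.7 port 51026 ssh2
Feb 09 02:10:14 bastion sshd[4017]: Failed password for deploy from 203.0.113.7 port 51027 ssh2
Feb 09 02:10:20 bastion sshd[4019]: Accepted password for deploy from 203.0.113.7 port 51030 ssh2
Feb 09 02:10:20 bastion sshd[4019]: pam_unix(sshd:session): session opened for user deploy(uid=1001) by (uid=0)
Feb 09 02:30:40 bastion sshd[4101]: Failed password for invalid user admin from 198.51.100.9 port 40210 ssh2
Feb 09 02:30:42 bastion sshd[4102]: Failed password for invalid user oracle from 198.51.100.9 port 40211 ssh2
Feb 09 02:30:44 bastion sshd[4103]: Failed password for invalid user test from 198.51.100.9 port 40212 ssh2
Feb 09 02:30:46 bastion sshd[4104]: Failed password for invalid user git from 198.51.100.9 port 40213 ssh2
Feb 09 03:00:00 bastion sshd[4200]: Failed password for backup from 192.0.2.5 port 33001 ssh2
Feb 09 03:40:00 bastion sshd[4210]: Failed password for backup from 192.0.2.5 port 33002 ssh2
Feb 09 04:20:00 bastion sshd[4220]: Failed password for backup from 192.0.2.5 port 33003 ssh2
Feb 09 05:00:00 bastion sshd[4230]: Failed password for backup from 192.0.2.5 port 33004 ssh2
Feb 09 05:40:00 bastion sshd[4240]: Failed password for backup from 192.0.2.5 port 33005 ssh2
Feb 09 05:40:30 bastion sshd[4260]: Accepted publickey for backup from 192.0.2.5 port 33100 ssh2
"""
LINE_RE = re.compile(r"^(?P<ts>[A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: (?P<msg>.*)$")
FAIL_RE = re.compile(r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port")
OK_RE = re.compile(r"^Accepted (?:password|publickey) for (?P<user>\S+) from (?P<ip>\S+) port")


def parse(line, year=2026):
    """One sshd line -> (ts, outcome, user, ip); None for lines the rules ignore."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")  # syslog has no year
    for outcome, rx in (("fail", FAIL_RE), ("success", OK_RE)):
        hit = rx.match(m["msg"])
        if hit:
            return ts, outcome, hit["user"], hit["ip"]
    return None

def _alert(severity, rule, ip, user, ts, count):
    return {"severity": severity, "rule": rule, "ip": ip, "user": user, "at": ts.isoformat(), "count": count}

def detect(lines, threshold=5, window_minutes=10, spray_users=3):
    """One pass over the events in time order, keeping only in-window state.

    brute_force          >= threshold failures for one (ip, user) in window       LOW
    brute_force_success  a success for that pair while the window still holds
                         >= threshold failures                                    HIGH
    password_spray       one ip failing against >= spray_users distinct users     MEDIUM
    Each rule fires once per key and re-arms once that key's window has emptied.
    """
    window = timedelta(minutes=window_minutes)
    fails = defaultdict(deque)        # (ip, user) -> failure timestamps inside window
    spray = defaultdict(dict)         # ip -> {user: last failure timestamp}
    reported_brute, reported_spray = set(), set()
    alerts = []
    for ts, outcome, user, ip in sorted(filter(None, map(parse, lines))):
        key = (ip, user)
        dq = fails[key]
        while dq and ts - dq[0] > window:   # slide the window forward
            dq.popleft()
        if not dq:
            reported_brute.discard(key)
        if outcome == "fail":
            dq.append(ts)
            if len(dq) >= threshold and key not in reported_brute:
                reported_brute.add(key)
                alerts.append(_alert("LOW", "brute_force", ip, user, ts, len(dq)))
            users = spray[ip]
            for stale in [u for u, t in users.items() if ts - t > window]:
                del users[stale]
            if not users:
                reported_spray.discard(ip)
            users[user] = ts
            if len(users) >= spray_users and ip not in reported_spray:
                reported_spray.add(ip)
                alerts.append(_alert("MEDIUM", "password_spray", ip, None, ts, len(users)))
        else:
            if len(dq) >= threshold:
                alerts.append(_alert("HIGH", "brute_force_success", ip, user, ts, len(dq)))
            dq.clear()                      # a success ends the failure run either way
            reported_brute.discard(key)
    return alerts

if __name__ == "__main__":
    for a in detect(SAMPLE_LOG.splitlines()):
        print(f"{a['severity']:<6} {a['rule']:<20} {a['ip']:<13} {a['user'] or '-':<7} x{a['count']} @ {a['at']}")
```

With the defaults the sample yields three alerts: LOW on the fifth failure against deploy, HIGH when that same source then logs in as deploy, MEDIUM when 198.51.100.9 has tried its third distinct user. The last block of the sample is the caveat: 192.0.2.5 fails five times forty minutes apart and then logs in, which a ten-minute window never sees; rerun with window_minutes=180 and both the LOW and the HIGH fire for it. A wider window costs state per (ip, user) pair and raises noise from people mistyping passwords, which is why the plain threshold is only LOW and the success-after-failures chain carries the HIGH.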
04
Malware Analysis Sandbox Lab
An isolated testing range configured with FLARE VM, REMnux, Wireshark, and custom logging setups to examine host and network behaviors of file samples securely.
Virtualization, REMnux, Host Auditing
05
60 Days of SOC Challenge
60 days of documented defensive workflows covering incident handling, log review, threat hunting, and report writing.
SOC Operations, Incident Response, Playbooks


Get In Touch
LET'S CONNECT

Open to opportunities, collaborations, and threat intel discussions. Reach out on any platform.
