About
Security Operations Engineer with 6 years of experience including 4+ years in 24×7 SOC environments specializing in SIEM monitoring, incident response, threat intelligence integration, and security operations optimization. Experienced in proactive threat detection, log analysis, escalation management, and false positive reduction across enterprise environments. Understanding of MITRE ATT&CK, Cyber Kill Chain, and structured incident response lifecycle aligned with NIST principles. Proven ability to monitor security alerts, investigate suspicious activity, respond to incidents within SLA, document response actions, and continuously enhance detection capabilities through tuning and automation support.
Skills & Expertise (12)
Work Experience
Information Security Analyst
WNS Global Services
May 2024 - Sep 2024
Conducted 24×7 monitoring of IBM QRadar Cloud SIEM, analyzing logs across endpoints, servers, and network devices. Investigated endpoint alerts using CrowdStrike Falcon EDR, identifying malicious processes, suspicious parent-child relationships, and persistence mechanisms. Performed phishing and malware investigations using Microsoft Defender, validating payload behavior and IOCs. Leveraged Rapid7 InsightVM for vulnerability intelligence and risk prioritization. Reduced false positives through SIEM rule fine-tuning and threshold adjustments aligned with current threat landscape. Documented incident response workflows in ServiceNow and supported knowledge-sharing initiatives within SOC. Prepared daily and weekly threat analysis reports for management review.
Desktop Engineer
Green & Wise
Feb 2019 - Aug 2021
Provided 24×7 antivirus support for bank servers, ensuring endpoint security. Performed antivirus installation, updates, and troubleshooting. Managed backups, hardware inventory, and endpoint security configurations. Installed and configured new setups on Linux servers.
IT Security Analyst
Alchemy Techsol
Dec 2021 - Mar 2024
Monitored and analyzed security events in IBM QRadar SIEM to detect brute force attempts, privilege escalation, and suspicious authentication patterns. Investigated and mitigated DDoS attacks using Radware Anti-DDoS solutions. Managed enterprise email security via Trend Micro IMSVA, detecting phishing campaigns and malicious attachments. Conducted structured log analysis across firewall, server, and proxy logs to identify anomalies. Supported incident documentation, reporting, and escalation workflows aligned with SOC best practices.
Security Engineer
Hitachi systems India Pvt ltd
Apr 2025 - Present
Perform continuous security monitoring and analysis of security alerts using IBM QRadar SIEM, identifying anomalous activity and validating true positives. Investigate and respond to security incidents including suspicious traffic patterns, malware indicators, and policy violations. Conduct network traffic analysis using RSA NetWitness to detect exploit attempts, command and control patterns, and abnormal outbound communications. Used threat intelligence including IBM X-Force and VirusTotal into investigations to enhance detection accuracy. Optimize firewall security posture using AlgoSec, reducing misconfigurations and improving policy governance. Investigate ransomware indicators, suspicious authentication attempts, and privilege escalation events. Support continuous improvement initiatives by identifying gaps in detection logic and recommending tuning enhancements.
Education
Bachelor of Computer Applications - BAMU University Aurangabad
- 2020 · Afghanistan
H.S.C - Maharashtra State Board
- 2014 · Afghanistan
S.S.C - Maharashtra State Board
- 2012 · Afghanistan