About
Cybersecurity analyst specializing in SOC operations, advanced threat detection, and response orchestration, applying multi-SIEM and EDR telemetry to interpret attacker behavior, surface high-fidelity alerts, and strengthen organizational cyber defense posture. Experienced in network & endpoint security telemetry analysis, leveraging data from firewalls, NIDS/HIDS, and endpoint protection platforms to support intrusion validation, event correlation, and informed decision-making during active investigations. Focused on detection quality and security hardening, contributing to reduced alert noise through SIEM tuning, policy refinement, SSL certificate lifecycle governance, and micro-segmentation initiatives that enhance visibility and minimize lateral movement risk. Competent in synthesizing threat intelligence, vulnerability exposures, and operational findings into concise technical documentation and client-ready summaries that drive remediation prioritization, risk mitigation strategy, and continuous improvement of security operations.
Work Experience
Associate Security Analyst
Accenture
May 2021 - Jul 2023
Performed real-time security monitoring and incident management using LogRhythm SIEM and Microsoft EDR solutions. Tuned SIEM policies & alert rules to enhance detection accuracy & suppress repetitive false positives. Investigated recurring detection patterns and recommended improvements to reduce operational overhead. Conducted bi-weekly vulnerability & compliance assessments across the organization's infrastructure. Mapped application dependencies and implemented micro-segmentation for 20+ applications using Illumio. Managed SSL certificate issuance via DigiCert, covering external Standard SSL and Multi-Domain SSL requirements. Presented security operation summaries during client review sessions to support decision-making. Mentored onboarded analysts to streamline knowledge transfer & improve operational continuity.
Cybersecurity Analyst Co-op
ISA Cybersecurity Inc.
Jan 2025 - Aug 2025
Analyzed network traffic and IDS alerts to identify intrusion attempts and assess attack vectors. Investigated security events across SIEM platforms (QRadar, Trellix, Splunk, Azure Sentinel) and SentinelOne EDR to determine exploit behavior and indicators. Reviewed logs from firewalls, NIDS, HIDS and system logs to assess severity, containment needs and escalation paths. Executed Tier I/II triage, applying containment and eradication procedures aligned with the defined incident response workflow. Maintained detailed incident documentation and provided timely operational updates to leadership throughout the incident lifecycle. Researched emerging threats and vulnerabilities, producing advisory summaries outlining potential impacts, risks and recommended mitigations.
Education
Cyber Security & Computer Forensics - Lambton College
2023 - 2025 · Afghanistan
B.Tech. (Computer Science and Engineering) - Karunya Institute of Technology and Sciences
2017 - 2021 · Afghanistan