About
Results-driven SOC Analyst with 1.7+ years of experience in 24x7 security monitoring, incident response, threat hunting, and vulnerability management. Skilled in analyzing and mitigating security threats using SIEM and EDR platforms including Splunk, IBM QRadar, Wazuh, CrowdStrike, and Microsoft Defender. Proven ability to reduce incident response time, strengthen client security posture, and deliver actionable Threat Advisory and Root Cause Analysis (RCA) reports.
Work Experience
Security Analyst
BLAZECLAN TECHNOLOGIES, a brand of ITC Infotech
Dec 2023 - Jun 2025
Working in a 24x7 Security Operations Center, monitoring SOC events and detecting and preventing intrusion attempts.
Prepared and delivered Threat Advisory Reports tailored to client-specific requirements, ensuring timely identification and mitigation of emerging threats.
Manage ticketing processes using Freshservice (previously Jira), ensuring timely follow-ups and resolution.
Monitor and review events generated through Splunk, QRadar, Wazuh, CrowdStrike EDR, and CloudSEK in real time and generate alerts for threats to the organization.
Perform real-time monitoring, investigation, log analysis, reporting, and escalation of security events from multiple log sources.
Create filters, active channels, queries, rules, dashboards, etc. in Splunk for monitoring purposes.
Monitor security alerts and raw logs, as well as alerts triggered in SIEM tools integrated with devices such as IDS/IPS, firewalls, and endpoint tools, to ensure all company assets are protected from external attacks.
Monitor security alerts 24x7 and detect targeted phishing sites using SIEM tools with the help of techniques such as Watermark, Referrer, Abuse mailbox, and similar-sounding domains.
Conduct website anti-malware and defacement monitoring with real-time alerting based on detected anomalies.
Work on EDR tools by evaluating detections to identify risks and track findings for mitigation and remediation of threats and malware.
Analyze email security threats, including phishing and spam emails, by:
  Investigating email headers
  Examining attachments and URLs
  Blocking malicious URLs and IPs at the proxy and firewall
  Blocking malicious senders and domains in the email gateway
Perform threat hunting and automated event detection to identify suspicious or malicious activity across the enterprise and continuously improve detection processes and related technology components.
Review, analyze, and respond to security events triggered through security monitoring systems according to internal security procedures for cyber incidents.
Escalate security incidents based on client SLAs by performing in-depth analysis of event payloads and providing meaningful mitigation recommendations to ensure business security.
Fill in and maintain the Daily Health Checklist to ensure operational security readiness.
Send daily, weekly, and monthly reports to customers covering internet security, configuration changes, deny logs, failed logons, alert summaries, machines without antivirus protection, and overall network security status.
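The email triage steps listed above (investigating headers, examining URLs, and spotting similar-sounding domains) as an added Python example. This is not code from this profile or from any employer named on it; the sample message, the protected-domain watchlist, the homoglyph table and the distance threshold are constructed for illustration, and the registrable-domain helper is a naive last-two-labels approximation rather than a public-suffix-list lookup. It reads the Authentication-Results header for SPF/DKIM/DMARC outcomes, compares the Return-Path and From domains, pulls URLs from the body, and flags hosts that either embed a protected brand under an unrelated domain or sit within a small edit distance of one after homoglyph normalization, returning the indicators an analyst would submit for proxy and email-gateway blocks.

```python
"""Phishing email triage: header checks plus lookalike-domain detection.
Added example (not the profile's own tooling); all inputs are constructed."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: a lookalike-domain phish that fails SPF and DMARC.
SAMPLE_EMAIL = """\
Return-Path: <billing@examp1e-corp.com>
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=examp1e-corp.com; dkim=none; dmarc=fail header.from=examp1e-corp.com
From: "Example Corp Billing" <billing@examp1e-corp.com>
To: user@example.net
Subject: Invoice overdue - action required
Content-Type: text/plain; charset=utf-8

Your invoice is overdue. Review it here: https://examp1e-corp.com/invoice/4412
Or contact support at http://example-corp.com.login-verify.net/help
"""

PROTECTED_DOMAINS = ["example-corp.com", "example.net"]  # constructed watchlist
# Single-character digit-for-letter swaps common in lookalike registrations (assumed table).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def levenshtein(a, b):
    """Edit distance between two strings (classic two-row dynamic programme)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(domain):
    """Fold digit homoglyphs and the rn/vv digraphs so 'examp1e' compares as 'example'."""
    return domain.lower().translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def registrable(host):
    # Naive eTLD+1 (last two labels); real triage would consult the public suffix list.
    return ".".join(host.lower().split(".")[-2:])


def find_lookalike(host, protected=PROTECTED_DOMAINS, max_distance=2):
    """Return the protected domain a host imitates, or None if it is exact or unrelated."""
    reg = registrable(host)
    if reg in protected:
        return None
    for brand in protected:
        if brand in host.lower() and reg != brand:   # brand used as a subdomain of another zone
            return brand
        if levenshtein(normalize(reg), brand) <= max_distance:
            return brand
    return None


def parse_auth_results(msg):
    """Collect the first spf/dkim/dmarc result from Authentication-Results headers."""
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        for mech, result in AUTH_RE.findall(header):
            results.setdefault(mech.lower(), result.lower())
    return results


def extract_urls(msg):
    body = msg.get_payload(decode=True)
    text = body.decode(msg.get_content_charset() or "utf-8", "replace") if body else ""
    return URL_RE.findall(text)


def triage(raw):
    msg = message_from_string(raw)
    reasons = []
    auth = parse_auth_results(msg)
    for mech in ("spf", "dkim", "dmarc"):
        if auth.get(mech, "none") != "pass":
            reasons.append(f"{mech} result is {auth.get(mech, 'missing')}")
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    return_path = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2]
    if return_path and from_domain and return_path != from_domain:
        reasons.append(f"Return-Path domain {return_path} differs from From domain {from_domain}")
    sender_brand = find_lookalike(from_domain) if from_domain else None
    if sender_brand:
        reasons.append(f"sender domain {from_domain} looks like {sender_brand}")
    urls = extract_urls(msg)
    lookalikes = {}
    for url in urls:
        host = urlparse(url).hostname or ""
        brand = find_lookalike(host)
        if brand:
            lookalikes[host] = brand
            reasons.append(f"URL host {host} looks like {brand}")
    # Domains to submit for proxy / email-gateway blocking if the verdict stands.
    indicators = sorted(set(lookalikes) | ({from_domain} if sender_brand else set()))
    return {"auth": auth, "urls": urls, "lookalike_domains": lookalikes,
            "block_indicators": indicators, "reasons": reasons,
            "verdict": "suspicious" if reasons else "clean"}


if __name__ == "__main__":
    for line in triage(SAMPLE_EMAIL)["reasons"]:
        print("-", line)
```

The edit-distance threshold of 2 and the single-digit homoglyph table are deliberately conservative; in production the watchlist would come from the client's brand inventory and the distance check would be paired with registration-date and certificate-transparency lookups before an analyst raises a block.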
Education
Bachelor of Technology
2019 - 2022 · Afghanistan
Diploma
2015 - 2019 · Afghanistan
SSC
- 2015 · Afghanistan