About
Cybersecurity Analyst with nearly 3 years of experience in enterprise and managed SOC environments, specializing in SIEM monitoring, EDR/XDR-based investigations, incident response, and vulnerability management. Experienced in reducing false positives through alert correlation, handling real-time security incidents, and collaborating with cross-functional teams to support remediation. Strong understanding of MITRE ATT&CK, SOC workflows, SLAs, and security standards aligned with ISO 27001 and NIST.
Skills & Expertise (52)
Work Experience
Security Managed Services Engineer
NTT DATA
May 2025 - Present
- Investigate and triage 30–40+ security alerts per shift using SIEM and EDR/XDR platforms, ensuring timely incident response.
- Correlate SIEM, EDR, and XDR telemetry to reduce false positives by 20–25%, improving alert quality and analyst efficiency.
- Handle malware, phishing, brute-force, and endpoint incidents across branch and office environments, supporting faster containment and recovery.
- Perform incident analysis and basic root cause analysis, contributing to improved MTTR and accurate escalation to L2/L3 teams.
- Coordinate with L2/L3 teams and security vendor support by sharing logs and investigation findings for complex incidents.
- Collaborate with infrastructure and application teams during incident remediation and vulnerability closure activities.
- Maintain clear incident documentation, shift handovers, and knowledge base updates, supporting smooth SOC operations and SLA compliance.
- Contribute to improving SOC workflows by documenting recurring false positives and EDR/XDR investigation patterns.
- Support team members during shift handovers by explaining alert context, findings, and next steps.
- Take ownership of small operational tasks, such as improving alert documentation and standard investigation checklists for recurring incidents.
Security Analyst
HCL TECH
Aug 2022 - Jul 2024
- Monitored and analyzed enterprise SIEM alerts as part of 24x7 SOC operations.
- Validated EDR alerts and assisted in malware and suspicious endpoint activity investigations.
- Supported XDR-style investigations by correlating SIEM and endpoint telemetry to build incident timelines.
- Performed vulnerability scanning and validation, assisting in remediation tracking and closure for 30+ vulnerabilities across environments.
- Assisted in phishing investigations and prepared incident reports supporting ISO 27001 and NIST audits.
- Assisted in knowledge transfer sessions by sharing investigation approaches for malware, phishing, and endpoint alerts with team members.
Education
Bachelor of Technology (Computer Science & Engineering) - Sri Indu College of Engineering & Technology
- 2022 · Afghanistan
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation