About
Security Engineer with 5.9 years of experience in cyber security. Excellent hands-on experience in Splunk SIEM, EDR, endpoint security administration, and phishing email analysis. Possess strong problem-solving skills and a knack for logical thinking. Adapt quickly to new technologies and work well in collaborative team environments. Communicate effectively, ensuring clarity in project requirements and feedback. Eager to leverage analytical abilities and creativity to contribute to innovative security solutions.
Skills & Expertise (36)
Work Experience
Security Consultant
Virtusa
Jun 2021 - May 2023
Performed Splunk SIEM monitoring, including licence usage monitoring, indexer storage volume monitoring, daily Splunk application health checks, and event and incident monitoring. Hands-on experience in the installation, configuration, and management of Microsoft Exchange Server 2016 and above. Configured and managed dashboards, notebooks, data connectors, and playbooks in Azure Sentinel. Hunted security threats using Azure Sentinel.
Security Engineer
Accenture
Feb 2023 - Present
Performed 24/7 real-time monitoring of security alerts using SIEM platforms including Splunk, QRadar, and Azure Sentinel. Monitored logs from firewalls, endpoints, Windows/Linux servers, IDS/IPS, email security systems, and cloud platforms. Conducted initial alert triage by validating source/destination IPs, ports, usernames, hostnames, timestamps, and event types. Distinguished false positives from true positives through event correlation and log analysis. Created and managed incident tickets in ServiceNow, ensuring SLA compliance. Led investigation and response for High and Critical (P1/P2) security incidents across enterprise network, endpoint, cloud, and email environments within a 24/7 SOC operation.
Security Analyst
Standav Corp
Dec 2020 - Jun 2021
Experienced in conducting static and dynamic analysis of IOCs in sandbox environments. Working experience in a SOC environment with hands-on use of the Splunk SIEM tool, including log analysis, fine-tuning existing correlation rules to reduce false positives, and responding to incidents.
Security Analyst
ASK Consulting
Dec 2019 - Aug 2020
Worked in a 24x7 Security Operations Centre, monitoring SOC events and detecting and preventing intrusion attempts. Monitored, analysed, and responded to infrastructure threats and vulnerabilities. Collected logs from Windows, Linux, and network devices, and analysed them to find suspicious activity.
Education
B.Sc. Computer Science, Osmania University
Afghanistan