About
Results-driven SOC L2 Analyst and Security Engineer with 3+ years of hands-on experience in Security Operations Centre (SOC) environments. Specializing in alert triage, L2 escalation handling, threat hunting, incident response, log correlation, SIEM administration, and detection engineering. Managed 50+ daily alerts and investigated 15+ high-severity incidents per month at Deloitte, improving detection coverage by 30% and reducing MTTR by 25%. Proficient in IBM QRadar, Splunk SPL/AQL, Cortex XSOAR, Trend Micro Vision One XDR, AWS cloud security, Zero Trust architecture, MITRE ATT&CK use case development, Check Point Firewall, Wireshark, Nessus, and Metasploit.
Work Experience
Security Engineer – SIEM, XDR & Automation (SOC L2)
Deloitte
Aug 2023 - Present
Served as the L2 escalation point for complex incidents from L1 analysts; independently investigated high-fidelity alerts requiring deep log correlation across endpoint, network, and cloud telemetry.
Managed alert triage for 50+ daily alerts; maintained SLA compliance through disciplined escalation, documentation, and resolution tracking in ServiceNow ITSM.
Investigated 15+ high-severity incidents per month; conducted root cause analysis and IOC enrichment via threat intelligence feeds, and delivered post-incident reports to stakeholders.
Designed and implemented 40+ SIEM detection rules aligned to MITRE ATT&CK, improving detection coverage by 30% and reducing false positives by 20%.
Developed and automated incident response workflows using Cortex XSOAR playbooks integrated with ServiceNow ITSM, reducing MTTR by 25%.
Integrated Trend Micro Vision One XDR with SIEM for unified threat visibility; deployed UEBA baselines across 40,000+ accounts to detect insider threats and compromised credentials.
Onboarded 50+ enterprise log sources (firewalls, EDR, AWS CloudTrail, Windows/Linux) into SIEM; developed correlation rules for cloud-native threats including IAM abuse and unauthorized API calls.
Implemented Zero Trust access controls with micro-segmentation and identity-based rules, reducing the lateral movement attack surface.
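As an added illustration of the kind of CloudTrail correlation rule the entry above refers to (IAM abuse and unauthorized API calls), the following is example code written for this page, not the profile owner's work. The sample events are constructed, not real CloudTrail output; the high-risk policy list, the burst threshold and window, and the MITRE ATT&CK technique mapping (T1098 Account Manipulation, T1098.001 Additional Cloud Credentials, T1580 Cloud Infrastructure Discovery) are this example's own assumptions.

```python
"""Correlation rules for IAM abuse and unauthorized API calls over CloudTrail events.

Added illustration, not the profile owner's code. SAMPLE_EVENTS are constructed,
not real CloudTrail output; the ATT&CK mappings are this example's assumption.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Managed policies whose attachment is treated as a privilege-escalation signal (assumed list).
HIGH_RISK_POLICIES = {
    "arn:aws:iam::aws:policy/AdministratorAccess",
    "arn:aws:iam::aws:policy/IAMFullAccess",
}
POLICY_ATTACH_ACTIONS = {"AttachUserPolicy", "AttachRolePolicy", "AttachGroupPolicy"}
CREDENTIAL_ACTIONS = {"CreateAccessKey", "CreateLoginProfile", "UpdateLoginProfile"}
DENIED_CODES = {"AccessDenied", "UnauthorizedOperation", "Client.UnauthorizedOperation"}


def _ts(event):
    return datetime.strptime(event["eventTime"], "%Y-%m-%dT%H:%M:%SZ")


def _actor(event):
    return event.get("userIdentity", {}).get("arn", "unknown")


def detect_iam_abuse(events):
    """Flag high-risk policy attachments and credentials minted for another principal."""
    findings = []
    for ev in events:
        if ev.get("errorCode"):
            continue  # failed calls are left to the burst rule below
        name, params = ev["eventName"], ev.get("requestParameters") or {}
        actor = _actor(ev)
        if name in POLICY_ATTACH_ACTIONS and params.get("policyArn") in HIGH_RISK_POLICIES:
            target = params.get("userName") or params.get("roleName") or params.get("groupName")
            findings.append({"rule": "iam_high_risk_policy_attach", "technique": "T1098",
                             "actor": actor, "target": target, "time": ev["eventTime"]})
        elif name in CREDENTIAL_ACTIONS:
            # CreateAccessKey without userName targets the caller; rotating your own key is normal.
            own_name = actor.rsplit("/", 1)[-1]
            target = params.get("userName", own_name)
            if target != own_name:
                findings.append({"rule": "iam_credential_for_other_principal", "technique": "T1098.001",
                                 "actor": actor, "target": target, "time": ev["eventTime"]})
    return findings


def detect_access_denied_burst(events, threshold=5, window=timedelta(minutes=5)):
    """One principal collecting >= threshold denied API calls inside a sliding window."""
    denied = defaultdict(list)
    for ev in events:
        if ev.get("errorCode") in DENIED_CODES:
            denied[_actor(ev)].append(ev)
    findings = []
    for actor, evs in denied.items():
        evs.sort(key=_ts)
        start, best = 0, None  # best = (window start index, count) of the densest window
        for end in range(len(evs)):
            while _ts(evs[end]) - _ts(evs[start]) > window:
                start += 1
            count = end - start + 1
            if count >= threshold and (best is None or count > best[1]):
                best = (start, count)
        if best:
            hit = evs[best[0]:best[0] + best[1]]
            findings.append({"rule": "access_denied_burst", "technique": "T1580",
                             "actor": actor, "count": len(hit),
                             "apis": sorted({e["eventSource"] + ":" + e["eventName"] for e in hit}),
                             "first": hit[0]["eventTime"], "last": hit[-1]["eventTime"]})
    return findings


def run_rules(events):
    return detect_iam_abuse(events) + detect_access_denied_burst(events)


def _ev(time, source, name, user, params=None, error=None):
    """Build a minimal CloudTrail-shaped record (constructed sample data)."""
    rec = {"eventTime": time, "eventSource": source, "eventName": name,
           "userIdentity": {"type": "IAMUser", "arn": f"arn:aws:iam::123456789012:user/{user}"},
           "requestParameters": params}
    if error:
        rec["errorCode"] = error
    return rec


ADMIN = "arn:aws:iam::aws:policy/AdministratorAccess"
SAMPLE_EVENTS = [  # constructed, not real telemetry
    _ev("2024-03-01T10:00:00Z", "iam.amazonaws.com", "ListUsers", "alice"),
    _ev("2024-03-01T10:01:00Z", "iam.amazonaws.com", "CreateAccessKey", "alice"),  # self-rotation, benign
    _ev("2024-03-01T10:02:00Z", "iam.amazonaws.com", "AttachUserPolicy", "bob",
        {"userName": "svc-deploy", "policyArn": ADMIN}),
    _ev("2024-03-01T10:02:30Z", "iam.amazonaws.com", "CreateAccessKey", "bob", {"userName": "svc-deploy"}),
    _ev("2024-03-01T10:05:00Z", "s3.amazonaws.com", "ListBuckets", "mallory", error="AccessDenied"),
    _ev("2024-03-01T10:05:20Z", "ec2.amazonaws.com", "DescribeInstances", "mallory", error="Client.UnauthorizedOperation"),
    _ev("2024-03-01T10:05:45Z", "secretsmanager.amazonaws.com", "GetSecretValue", "mallory", error="AccessDenied"),
    _ev("2024-03-01T10:06:10Z", "iam.amazonaws.com", "ListUsers", "mallory", error="AccessDenied"),
    _ev("2024-03-01T10:06:40Z", "iam.amazonaws.com", "ListRoles", "mallory", error="AccessDenied"),
    _ev("2024-03-01T10:07:05Z", "rds.amazonaws.com", "DescribeDBInstances", "mallory", error="AccessDenied"),
    _ev("2024-03-01T10:10:00Z", "s3.amazonaws.com", "GetObject", "alice", error="AccessDenied"),  # one-off, benign
]

if __name__ == "__main__":
    for finding in run_rules(SAMPLE_EVENTS):
        print(finding)
```

Two design points carry over to a production SIEM rule: the credential rule only fires when the key or login profile is created for a principal other than the caller, so routine self-rotation does not page anyone, and the denied-call rule uses a sliding window per principal rather than a flat count, so a single stray AccessDenied (alice at 10:10) stays below threshold while mallory's spread of denied calls across S3, EC2, Secrets Manager, IAM and RDS is reported as one finding with the distinct APIs attached for the analyst.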
Cybersecurity Intern – SOC & VAPT
Purplesynapz
Feb 2023 - Jul 2023
Supported vulnerability assessments and web application penetration testing (OWASP Top 10) for enterprise clients; documented findings and remediation steps in formal VA reports. Assisted SOC analysts with SIEM alert triage, network traffic analysis, and anomaly detection using Windows and Linux event logs. Managed incident documentation, escalation procedures, and ITSM ticket management following structured SOC workflows.
Senior Market Research Analyst
Martlenz Knowledge Services
Mar 2021 - Nov 2022
Managed and executed research projects, ensuring data accuracy, quality, and timely delivery. Supervised and trained a team of analysts on data analysis, reporting, and process improvement; skills directly transferable to SOC reporting and monitoring. Developed dashboards and reports summarizing trends and patterns for stakeholders, delivering actionable insights to support strategic decision-making. Conducted data collection, trend identification, and report preparation, building analytical and problem-solving skills applicable to cybersecurity operations. Coordinated cross-functional activities, strengthening organizational, analytical, and communication skills.
Education
Master of Business Administration (MBA), Marketing – Sinhgad Institute of Management
2018 - 2020 · Afghanistan
Bachelor of Engineering, Information Technology – Savitribai Phule Pune University
2012 - 2016 · Afghanistan
Certifications
No certifications added yet
Relocation: Depends on Offer