About
Accomplished Security Operations Center Analyst seeking a challenging position in a Security Operations Center (SOC), I bring a robust 2 years and 6 months of experience in the cybersecurity domain, underscored by a proactive approach to threat identification and neutralization. Distinguished by my ability to detect and respond to real-world cyber threats, I have excelled in roles requiring rigorous analytical skills, advanced security operations acumen, and clear, effective communication. My tenure in cybersecurity is marked by continuous progression, from hands-on threat resolution to the development of innovative security strategies that have significantly enhanced SOC capabilities. As a vigilant guardian in the evolving digital landscape, I offer a unique blend of technical proficiency, strategic vision, and a relentless pursuit of excellence to stay ahead of potential security breaches.
Work Experience
Associate Security Analyst
SISA Information Security Pvt. Ltd
Dec 2023 - Present
Monitoring the Critical and Serious severity alerts on a regular basis from Sentinel and CrowdStrike and reporting those incidents in the Critical Observations report. Proficiency in multi-source log analysis, leveraging a sophisticated event correlation framework to expedite the identification and investigation of potential threats, consistently adhering to stringent SLA parameters. Managed 24x7 SOC operations, which include detecting, tracking, and analyzing incidents and generating daily, weekly, and monthly reports. Reviewing threat intel from various available threat intel sources and working with the available IOCs to evaluate potential risk and take steps to remediate it. Monitoring and managing endpoint security tools (CrowdStrike). Configured and maintained Tenable Nessus for enterprise-wide vulnerability scanning and assessment. As an L1 SOC Analyst, I have been entrusted with round-the-clock surveillance and comprehensive analysis, delving deeply into the investigation of alerts raised by an array of security tools. Recognized as the standout performer within my team, I have significantly elevated the effectiveness of our Security Operations Center. Monitoring and analyzing logs of different security controls on Splunk ES and Defender, and triaging events as per the SOP. Maintained 100% SLA compliance throughout the project life cycle. Consistently achieved the highest accolades in all performance evaluations to date, reflecting my dedication and superior skill set in the realm of cybersecurity. Additionally, worked as a SIEM Engineer for three months, focusing on continuous security monitoring using an in-house ELK-based SIEM tool to detect and mitigate potential threats. Integrated and onboarded multiple data sources, including AWS, Azure, firewalls, servers, and databases, ensuring seamless log ingestion and event correlation.
Designed and optimized the ELK Stack architecture, performing log parsing, dashboard creation, and use case fine-tuning to enhance visibility and detection accuracy. Acted as the Single Point of Contact (SPOC) for high-priority clients, conducting POCs, demos, and incident response simulations, earning an NPS score of 10/10 and client appreciation. Developed incident response playbooks, automated workflows with SaltStack and Redis, and maintained up-to-date SOPs and compliance reports (PCI DSS) for client operations.
Education
Bachelor of Engineering (BE) - Maharaja Institute of Technology
- 2023 · Afghanistan