About
SOC Analyst with 3+ years of experience, adept at managing security incidents using tools such as IBM QRadar, Splunk, Sentinel, SentinelOne, Carbon Black, Falcon CrowdStrike, Microsoft Defender ATP, Palo Alto firewalls, Proofpoint, Mimecast, QualysGuard, Symantec Endpoint Protection, TrendMicro, and McAfee. Skilled in network traffic analysis, event log review, and system monitoring. Proficient in ServiceNow and Jira for incident tracking. Dedicated to staying current on emerging threats and improving incident response workflows. Experienced in managing cloud security in AWS and Azure environments, configuring firewalls such as Palo Alto and Zscaler, and administering email security solutions such as Proofpoint, Symantec, and Mimecast.
Work Experience
Cyber Security Analyst
Hexagon
Aug 2022 - Present
Investigated alerts from SIEM tools such as IBM QRadar, Splunk, and Sentinel, as well as EDR solutions such as SentinelOne, Carbon Black, Falcon CrowdStrike, and Microsoft Defender ATP. Gathered and analyzed logs from Palo Alto firewalls, IDS/IPS systems, Windows DC, Cisco appliances, and antivirus/antimalware software (TrendMicro, McAfee) to support incident containment and investigation. Used other security tools such as IDS, IPS, and DLP for comprehensive threat detection and prevention. Analyzed logs from AWS services such as VPC, CloudTrail, CloudWatch, and ELB, and worked on detections and incidents raised by the antimalware solution. Used email gateway solutions such as Mimecast, Proofpoint, Cofense, IronPort, and O365 to strengthen email security. Performed phishing analysis with Proofpoint, identifying malicious emails and assisting in user awareness campaigns. Opened and managed incidents in ITSM platforms such as ServiceNow and Jira, documenting all details related to logs, alarms, and indicators in compliance with SLAs. Analyzed and investigated network traffic, focusing on TCP/IP patterns and event logs, to identify and respond to malicious activity. Monitored and analyzed firewall logs from Palo Alto, Zscaler, Fortinet, and Cisco ASA. Regularly fine-tuned security alerts and configurations to reduce false positives, streamlining the alerting process and improving detection efficiency. Engaged in continuous learning and professional development to stay abreast of the latest security trends, vulnerabilities, and attack vectors, thereby strengthening the organization's defenses. Created and modified Kusto queries (KQL functions) for Azure Sentinel analysis and investigations. Performed comprehensive investigations of security incidents using CrowdStrike, Carbon Black, Cybereason, and Microsoft Defender ATP for endpoint detection and response. Coordinated with L3 analysts on complex activities and escalations.
Performed malware analysis and sandboxing using tools such as Falcon CrowdStrike and Cybereason, assessing potential threats to the environment. Stayed up to date on the latest cyber threats and vulnerabilities, sharing knowledge and insights with the team. Performed real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources.
Education
B.Tech - Chaitanya Engineering College, Jawaharlal Nehru Technological University
2022 · Afghanistan
Certifications
No certifications added yet
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation