About
Cybersecurity Specialist with strong hands-on experience in SIEM, EDR, and vulnerability assessment. Skilled in ArcSight SIEM, SentinelOne, CrowdStrike Falcon, incident response, threat hunting, and MITRE ATT&CK–based detection to improve security posture and reduce risk. 4+ years as a dedicated Security Analyst, able to respond to a wide range of challenges with a focused and creative approach. Highly effective at problem solving and decision making. 10+ years of progressive IT and telecom ISP experience in total.
Skills & Expertise (40)
Work Experience
Cyber Security Specialist
Arsenal Infosolution Pvt. Ltd.
Sep 2025 - Present
Monitored and investigated SentinelOne EDR alerts, using Storyline attack timelines and visualization to determine the full scope and impact of advanced endpoint threats. Executed rapid endpoint isolation, process kill, quarantine, rollback, and remediation to stop active compromises. Performed malware behavior and persistence analysis to identify C2 activity, privilege escalation, and lateral movement. Led end-to-end incident response including triage, containment, eradication, recovery, and post-incident RCA. Developed and tuned SIEM correlation rules, alerts, and dashboards to strengthen real-time threat detection. Correlated EDR, SIEM, firewall, and authentication logs to validate incidents and reduce false positives. Contributed to HLD/LLD design, detection tuning, and SOC process improvement for a stronger security architecture. Supported proactive threat hunting, IOC enrichment, and MITRE-aligned detection engineering to enhance defense maturity. Detected and contained malware, ransomware, fileless attacks, and LOLBin abuse across enterprise environments.
Security Operations, Technical Security Support & Network Support
Link Quest Global South Africa (Pty) Ltd.
Sep 2019 - Feb 2025
Installed, configured, and upgraded ArcSight ESM, Logger, SmartConnectors, and ArcMC. Integrated log sources from Windows, Linux, firewalls, WAF, databases, and cloud. Developed and tuned correlation rules, filters, and dashboards for phishing, brute-force, and malware alerts. Performed ArcSight health checks (EPS monitoring, CPU/memory utilization, license usage, DB performance). Conducted ArcSight backup and recovery for ESM/Logger configurations and active channels. Validated event flow end-to-end (Log Source → Connector → ESM → Active Channel → Dashboard → SOAR). Developed FlexConnectors and MITRE ATT&CK–aligned correlation rules. Tuned rules, filters, and active channels to reduce false positives. Automated dashboards and reports for SOC leads. Created XSIAM UEBA dashboards to detect anomalous user and entity behavior.
Technical Support & NOC Support
Link Quest Telecom Pty Ltd.
Jan 2016 - Jan 2019
Monitored and analyzed telecom and IT network performance (LAN/WAN) for uptime, latency, and reliability issues. Performed KPI and RF drive-test analysis to optimize telecom network coverage and performance. Investigated call drops, signal issues, and QoS-related concerns in telecom networks. Maintained network documentation and escalated unresolved issues to senior engineers.
RF Engineer
Uniinfo Telecom Services Ltd.
Jan 2013 - Jan 2015
RF Engineer responsibilities.
Education
B.Tech (ECE) - RGPV University
- 2012 · Afghanistan