About
CompTIA Security+ certified SOC analyst with hands-on experience in SIEM-based threat detection and incident investigation. Built enterprise SOC lab using Splunk to analyze 1,200+ attack logs and create detection queries for brute-force attacks. Hands-on in log analysis, SPL query development, and incident documentation aligned with MITRE ATT&CK. Seeking SOC L1 roles to contribute to 24/7 security operations.
Skills & Expertise (27)
Work Experience
SOC Analyst
Enterprise SOC Lab
Jun 2025 - Present
Designed and deployed a multi-VM lab featuring Splunk (SIEM), Windows 11, Kali Linux, Windows Defender Firewall, Sysmon, and Windows Event logs, verified by consistent log ingestion from the Windows 11 endpoint into the Splunk. Troubleshot log forwarding pipelines and resolved system permission and ingestion issues until data flow was stable and consistent. Created custom field extractions, improving log searchability and usability in Splunk. Investigated 1,200+ custom SSH authentication logs to identify brute-force patterns based on repeated failures and successful logins. Developed SPL correlation rules to detect repeated failed attempts followed by successful authentication. Mapped detected activity to MITRE ATT&CK framework and documented investigation findings with supporting evidence.
Education
Bachelor of Technology (ECE) – Partial completion
- 2023 · Afghanistan
High School Diploma - CBSE
- · Afghanistan
Certifications
CompTIA Security+
CompTIA Tech Career Academy · 2025
CompTIA Security+ (SY0-701) validates foundational skills required for SOC roles, including security monitoring, threat detection, incident response, and risk management. It covers core areas such as network security, log analysis, vulnerability management, and security operations, making it directly relevant to entry-level Security Analyst and SOC positions.
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Current Company
Independent SOC Projects
Visa Status
Citizen
Relocation
Depends on Offer
