About
I have over 3 years of experience in IT as a Security Researcher and Analyst. I would love to work in a company where I can utilize my skills and improve my career path. Security Analyst in a Security Operations Center (SOC) environment on Splunk (indexer/search head) and EDR (Carbon Black). Specialized in proactive network monitoring of SIEM (Splunk)/Azure Sentinel and Carbon Black EDR. Have deep knowledge in identifying and analyzing suspicious events.
Skills & Expertise (16)
Work Experience
SOC Analyst
BNYM
May 2023 - Aug 2024
SOC analysts are responsible for investigating potential security incidents, determining their severity, and implementing responses to mitigate threats. Identify and ingest indicators of compromise (IOCs), e.g. malicious IPs/URLs, into network tools/applications. Stay up to date with current vulnerabilities, attacks, and countermeasures through security blogs and internal news reporting from CISA and DHS. Monitor real-time security events on Carbon Black EDR and Microsoft Defender, including event analysis, investigation and mitigation. Perform static malware analysis on isolated virtual servers. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through thorough reviews and analyses of relevant event detail and summary information. Perform incident monitoring, response and triage, and initiate investigations. Create and track incidents and requests using a ticketing tool (ServiceNow). Analyze security event data from the network (IDS, SIEM). Monitor security events and logs such as proxy logs, IPS/IDS events, firewall, Active Directory (user verification), vulnerability scans, anti-malware events, endpoint security, web application firewall, NetFlow, packet capture and computer log files to maintain situational awareness. Investigate all reported suspicious emails, determine whether the emails are malicious, non-malicious or legitimate, and reply to the user who reported the suspicious email with a message reporting the findings and any recommendations. Identify false positive/true positive events and take action accordingly as per KOPs. We used to receive spam email reports from the DB users and coordinated with the messaging team to block the mail. We used to receive virus alerts for outbound and inbound traffic and coordinated with the antivirus team. Recommended security strategies based on real-time threats.
SOC Analyst
MINDTREE
Jun 2024 - Present
Worked in a 24x7 Security Operations Center. Conduct log analysis using the Splunk SIEM tool. Monitor real-time security events on Carbon Black EDR and Microsoft Defender, including event analysis, investigation and mitigation. Investigate malicious phishing emails, domains and IPs using open-source tools and recommend proper blocking based on analysis. Recognize potential, successful, and unsuccessful intrusion attempts and compromises through thorough reviews and analysis of relevant event detail and summary information. Perform static malware analysis on isolated virtual servers. Analyze security event data from the network (IDS, SIEM). Perform incident monitoring, response and triage, and initiate investigations. Create and track incidents and requests using a ticketing tool (ServiceNow). Monitor security events and logs such as proxy logs, IPS/IDS events, firewall, Active Directory (user verification), vulnerability scans, anti-malware events, endpoint security, web application firewall, NetFlow, packet capture and computer log files to maintain situational awareness. Investigate all reported suspicious emails, determine whether the emails are malicious, non-malicious or legitimate, and reply to the user who reported the suspicious email with a message reporting the findings and any recommendations.
Education
Diploma Engineering: Civil Engineering Technology - Nittur Polytechnic College
2016 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Need Sponsorship
Relocation
Depends on Offer