About
Security Engineer with around 5+ years of experience in endpoint/cloud security, SIEM, and SOC operations. Skilled in threat monitoring, malware analysis, incident response, and vulnerability management. Committed to innovative solutions and industry compliance.
Work Experience
Security Engineer
Tech Mahindra
Oct 2021 - Present
Experience in handling and deploying the Defender agents onto servers to onboard them into Defender, and troubleshooting agent connectivity issues using the MDE Client Analyser. Handling spam and phishing email submissions from end-users, taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing. Experience in working on host isolation and advanced threat analysis using the EDR Microsoft Defender ATP. Escalating security incidents based on the client's SLA and providing meaningful information related to security incidents by performing in-depth analysis of events, which ensures the customer's business remains safe and secure.

Expertise in Splunk enterprise architecture such as search heads, indexers, deployment server, licence master, and heavy/universal forwarders. Provides regular monitoring, triage, and incident response to automated security alerts using security tools such as SIEM (Splunk and Azure Sentinel), EDR, antivirus, and email security. Implementation of use cases using KQL with complex correlation across different data sources in Azure Sentinel. Experience in monitoring, responding to, and analysing trends in workstations and servers for security-related events.

Perform daily, weekly, and monthly scheduled tasks for MS Defender ATP. Experience in analysing advanced system-based threats using EDR Defender for Endpoint. Experience in AIR (Automated Investigation and Remediation) policies and their implementation. Experience with system security concepts, tools, implementation, DLP, CASB, and integration with various data sources and application stacks. Experience in providing end-to-end support to enterprise counterparts, identifying the root cause of sophisticated enterprise initiatives, with endpoint security solutions such as Microsoft Defender ATP.
Performed security event monitoring of heterogeneous networks, such as firewalls, IDS/IPS, and DLP devices using Splunk. Experience in creating, tracking, and responding to support cases raised with Defender ATP Support.
Education
B.Tech in ECE - ASR College of Engineering
Afghanistan
Certifications
No certifications added yet
Profile Overview
Availability Details
Visa Status
OPT
Relocation
Open to Relocation