About
Detail-oriented Anti-Spam and Anti-Phishing Analyst with 2.7 years of experience analyzing malicious emails, URLs, and security threats. Skilled in phishing investigation, sandbox analysis, detection rule creation, and incident response. Strong experience working with KEStudio and ProdDMS tools while maintaining high accuracy, quality, and client satisfaction.
Skills & Expertise (15)
Work Experience
Associate Data Engineer
Centific Global Technologies
Jun 2023 - Present
Handling client calls regarding to discuss latest threat identification techniques. Analysed phishing and spam emails by checking email headers, authentication results (SPF, DKIM, DMARC), and sender details to identify threats. Reviewed and interpreted complex data clearly to support accurate threat detection and reporting. Identified and prioritized high-risk phishing emails by examining message paths, spoofing signs, and suspicious content. Investigated suspicious URLs using static and dynamic methods to detect phishing pages, malware downloads, and harmful redirects. Used tools like VirusTotal, centralops, whois to safely analyse suspicious links, legit domains, files, and attachments. Examined various attachment types (PDF, HTML, ZIP, DOCX, JS, etc.) to find malicious URLs, scripts, and phishing content. Reviewed and analysed phishing and spam emails reported by users to confirm if they were harmful. Performed basic threat intelligence and threat-hunting activities to find new or recurring attack patterns. Analysed non-executable files (PDF, HTML, EML, JS, TAR, JAR, LNK) to detect malicious behaviour and provide accurate classifications. Applied advanced malware analysis techniques to identify hidden threats and suspicious activity. Worked closely with cross-functional teams and clearly communicated detection gaps and areas for improvement. Identified patterns and trends in phishing attacks to support better detection logic. Safely extracted and decoded attachment content to find hidden URLs, redirect chains, encoded elements, or credential-stealing pages. Used sandbox and forensic tools to simulate user actions and identify malicious behaviours like autoredirects, macros, or silent downloads. Created detection rules and signatures to help identify phishing campaigns, spoofed senders, and unusual email activity. Partnered with security teams to improve DMARC enforcement, update filtering rules, and increase user awareness about phishing threats.
Education
Bachelor of Computer Science - Kasturba Gandhi Degree and PG College for Women
2019 - 2022 · Afghanistan