About
SOC Analyst with nearly 2 years of hands-on experience in threat detection, SIEM operations, and security automation. Experienced in investigating web application attacks, tuning detection rules, and correlating logs across Wazuh, OpenSearch (ELK), and Microsoft Sentinel. Focused on improving detection accuracy and reducing manual triage through rule tuning and automation using Python and n8n.
Skills & Expertise (33)
Work Experience
SOC Analyst (L1)
CodeMax IT Solutions Pvt Ltd (Client: MoneyNetint)
Jun 2024 - Present
- Investigated 15–25 security alerts daily across SIEM, WAF, firewall, and endpoint telemetry while maintaining SLA adherence and escalation accuracy.
- Investigated web application attacks (SQLi, SSRF, RCE, XSS, LFI/RFI, Command Injection) using multi-source log correlation across WAF, firewall, SIEM, and application logs.
- Performed proactive threat hunting across Cloudflare WAF, SIEM, and application logs to identify anomaly patterns, attack origin, and potential exploitation paths.
- Developed and tuned Sigma detection rules and YARA rules to identify malicious activity, improving alert accuracy and reducing false positives.
- Validated exploit attempts by analyzing response behavior, payload execution, and timing to accurately distinguish true positives from false positives.
- Automated alert enrichment workflows using Python and n8n, integrating threat intelligence sources such as VirusTotal and AbuseIPDB, improving triage efficiency.
- Enhanced the SIEM pipeline by testing Vector as a Logstash alternative and implementing ECS normalization for improved cross-source correlation.
- Conducted phishing and malware investigations including IOC extraction, email header analysis, and UEBA-based anomaly detection.
Education
Bachelor of Engineering - Visvesvaraya Technological University (VTU)
Afghanistan
Certifications
No certifications added yet