About
Having 3+ years of Security Analyst experience working in the area of security operations, including Incident Management and log analysis through SIEM. Performing log analysis and analysing the crucial alerts on an immediate basis. Experience in Security Monitoring and Operations. Experience in the Incident Response Life Cycle. Experience with SIEM (Security Information and Event Management) tools, monitoring real-time events using tools like Microsoft Azure Sentinel and IBM QRadar. Preparing metrics reports for vulnerabilities; attending weekly meetings with the Infrastructure and Cloud teams. Reporting weekly / monthly dashboards to the customer. Preparing daily, weekly and monthly reports as per client requirements. Preparing documents and templates for escalations. Providing first-level threat response for the Security Event Management team at the Security Operations Centre (SOC). Hands-on experience in incident response activities: malware analysis, brute-force analysis, phishing email analysis. Performing ongoing monitoring and threat analysis. Creating alarms for incident detection.
Skills & Expertise (18)
Work Experience
Security Analyst (L1)
Hinduja Global Solutions
Oct 2022 - Present
Working on Microsoft Azure Sentinel and Microsoft QRadar (console and web console), providing operations support at the Security Operations Centre for different member firms. Handling the complete incident management framework cycle, right from incident identification and incident containment to performing root cause analysis, suggesting and implementing preventive and corrective controls, and performing network analysis as needed on a case-to-case basis. Participating in weekly and monthly review calls with the customer. Monitoring and identifying positive security events from the Microsoft Azure Sentinel dashboard and Orion during shift hours, and taking necessary action for the critical events that are seen during each shift’s hours, with deviations, for all the environments that we support. Security incident response and closure of incidents within SLA using ServiceNow. Analysing phishing and spam related activities and notifying the users. Preparing daily and weekly dashboards on security threats. Served as an Analyst in SOC operations for real-time monitoring, analysing logs from various security/industrial appliances. Administrating various incidents/security alerts triggered in the SIEM tool. Performing real-time monitoring, investigation, analysis, reporting and escalation of security events from multiple log sources. Understanding the incident to determine whether it is a false or true positive. Troubleshooting SIEM dashboard issues when no reports are getting generated or no data is available. Determining the scope of a security incident and its potential impact on the client network, and recommending steps to handle the security incident with all information and supporting evidence of security events. Creation of reports and dashboards, and rule fine-tuning. Handling multiple customers globally, analysing the customer networks for potential security attacks. Supporting security incident response processes in the event of a security breach by providing incident reporting.
Education
Bachelor of Arts - Dr.B.R. Ambedkar University
- 2020 · Afghanistan