About
Security Analyst with around 4 years of progressive experience in cyber security, specializing in risk assessment and compliance analysis across diverse business systems. Adept at identifying vulnerabilities and regulatory gaps, and at crafting long-term security strategies that strengthen organizational resilience and safeguard critical assets.
Work Experience
Security Analyst
Cognizant
Aug 2022 - Present
- Good knowledge and working experience in central logging, log management, and Splunk SIEM architecture.
- Experience with host isolation and advanced threat analysis using the Microsoft Defender ATP EDR.
- Hands-on experience creating playbooks, notebooks, runbooks, and automation roles in Azure Sentinel.
- Experience creating Log Analytics workspaces, conditional access policies, and detection rules using Microsoft 365 Defender and Azure Sentinel.
- Experienced in writing correlation rules in KQL and SPL.
- Experience configuring and tuning ASR policies in the Microsoft 365 Defender portal.
- Knowledge of email security threats and security controls, including experience analysing email headers.
- Good hands-on experience creating virtual machines, deploying endpoint agents on them, and managing IAM roles in an AWS environment.
- Monitored network traffic for suspicious activity to prevent cyberattacks and data breaches.
- Experience with AIR (Automated Investigation and Remediation) policies and their implementation.
- Investigated malicious phishing emails, domains, and IPs using open-source tools, and recommended appropriate blocking based on the analysis.
- Monitored and triaged insider threats and User and Entity Behaviour Analytics (UEBA) alerts, created reports and dashboards, and fine-tuned detection rules (alert fine-tuning).
- Analysed phishing emails reported by users to identify the type of attack and took immediate remediation action.
- Integrated Defender for Endpoint with Microsoft Sentinel to centralise alert management and automate remediation workflows.
- Strong experience managing endpoint agents on Windows and Linux operating systems, Active Directory integrations, and Windows Event Logs.
- Experience adding and deploying a client onboarding configuration file so that Configuration Manager can monitor deployment status and Microsoft Defender ATP agent health.
- Monitored, responded to, and analysed trends in workstation, server, and security-related events.
- Performed daily, weekly, and monthly scheduled tasks for Defender ATP.
- Conducted advanced threat hunting using Defender telemetry and KQL queries, identifying lateral movement and zero-day exploits.
- Hands-on experience analysing device timeline logs and pulling reports using advanced hunting in KQL.
Education
B.Tech in Mechanical - Aditya College of Engineering & Technology
- 2019 · Afghanistan
Certifications
No certifications added yet