About
Results-driven Security Analyst with over 4 years of experience in Security Operations Center (SOC) environments. Skilled in advanced threat detection, incident response for escalated and complex cases, proactive threat hunting, and strengthening overall security posture. Possesses deep expertise in SIEM platforms (XSIAM, Splunk), EDR solutions (CrowdStrike Falcon, Cortex XDR), and the MITRE ATT&CK framework. Demonstrated success in leading critical incident investigations through comprehensive forensic analysis, crafting custom detection rules, and mentoring junior analysts. Proficient in Python and Bash scripting to automate workflows and enhance SOC operational efficiency.
Work Experience
Sr. Solution Engineer
ACPL Systems
Jan 2022 - Present
Led investigation and response for 1,500+ monthly security incidents via Palo Alto XSIAM, maintaining SLA compliance through AI-driven analytics and automated playbooks.
Served as primary escalation point for critical security incidents, resolving 2-3 complex cases monthly through advanced forensic analysis and comprehensive artifact documentation.
Uncovered critical findings in stalled investigations, including sophisticated email compromises and fileless attacks, through deep XSIAM querying and malware analysis, providing definitive evidence for resolution.
Developed and implemented custom detection rules in XSIAM and CrowdStrike to identify sophisticated threats and adversarial TTPs.
Partnered with threat hunting team on hypothesis-driven campaigns; uncovered critical security loopholes that were later validated by third-party ASM vendors.
Optimized critical security tools (EDR, SIEM, ASM) through vendor collaboration and configuration tuning.
Automated vulnerability remediation for 30,000+ endpoints, achieving 98% compliance and reducing attack surface.
Designed operational dashboards and executive reports (weekly/monthly/quarterly) to track security tooling coverage and log source health.
Mentored junior analysts on incident response procedures, improving team efficiency by 25% through optimized playbook execution.
Documented comprehensive incident findings and lessons learned in ITSM systems and playbooks for continuous improvement.
Cyber Security Intern
PurpleSynapz
Jan 2021 - Jan 2022
Monitored security alerts in a simulated SOC environment, supporting incident response workflows and optimizing tools to reduce false positives.
Analyzed security events and logs to identify malicious activity, aligning findings with the MITRE ATT&CK framework.
Utilized Bash and Python scripting to automate vulnerability scanning and reporting tasks.
Education
Bachelor of Technology (B.Tech) - Government College of Engineering, Keonjhar