About
Security engineer with 3+ years in enterprise security operations, threat intelligence, and security tools implementation. Expertise in on-premises security infrastructure with progressive cloud adoption across hybrid environments, proficient in SIEM platforms, threat intelligence, deception and security tool integration with demonstrated success in reducing incident response times, false positive and enhancing detection capabilities. Seeking to leverage cybersecurity expertise and automation skills to drive advanced security initiatives.
Skills & Expertise (28)
Work Experience
Senior Executive – Security Engineer
Samsung Data System
Oct 2025 - Present
Lead incident response for security breaches, data leakage, and insider threat investigations across on-premises enterprise infrastructure. Optimize detection rules in Darktrace NDR; reduced false positives by 40% while expanding threat coverage for network anomaly detection. Conduct proactive threat hunting using MITRE ATT&CK framework to identify advanced persistent threats before exploitation. Establish incident response SOPs aligned with Samsung policies and data protection requirements. Prepare daily security posture reports with KPIs on SLAs and risk metrics for leadership review.
Software Engineer
Mindtree Ltd (LTIMindtree)
Jul 2022 - Jan 2023
Developed secure Python applications using Flask/Django with input validation and API security controls.
Senior Analyst – Security Engineer
HCL Technologies
Jan 2023 - Oct 2025
Integrated 1000+ firewall and security controls into Anomali TIP for centralized threat correlation across on-prem/hybrid infrastructure. Deployed deception technology (Zscaler): AD decoys, network decoys, and threat intel decoys and Endpoint decoys for lateral movement detection. Validated security control effectiveness using Mandiant Verodin (BAS); achieved 95% MITRE technique coverage. Developed Python automation for IOC enrichment and SOAR triggers; reduced MTTR by 60%. Performed Incident response in high priority p1 & P2 incidents using tools like CrowdStrike, RSA netwitness, Splunk, Anomali threatstream, NDR. Designed custom IOC sharing rules for TIP integration with SIEM/EDR/PROXY/Fw log analysis; implemented IOC sharing workflows. Remediated application vulnerabilities; implemented security headers per secure coding standards. Performed POC evaluations for TIP, SIEM, and BAS platforms; delivered technical assessment reports. Performed Onprem to Cloud migration security planning and Implementation. Performed Cross tools integration between multiple soc platforms and TIP. Shared security reports of weekly/monthly metrics for leadership dashboards.
Education
B.Tech, Electronics & Communication - SRMS-CET
2018 - 2022 · Afghanistan