About
Results-driven Cybersecurity Analyst with 4+ years of hands-on SOC experience across MSSP and enterprise environments. Proficient in IBM QRadar SIEM — including correlation rule tuning, log source management, and phishing investigation workflows. Proven track record of monitoring high-volume alert queues, reducing false positives, and collaborating with Tier 2 analysts on escalated incidents. Seeking to leverage deep SIEM expertise and growing threat-hunting capability in a SOC Level 2 role.
Skills & Expertise (35)
Work Experience
Security Analyst — SOC L1
Ernst & Young (EY)
Aug 2023 - Present
Enterprise MSSP SOC supporting multiple clients | IBM QRadar environment.
Managed 50+ security alerts per day across multi-client environments using IBM QRadar SIEM, maintaining SLA compliance for P1/P2 incident response.
Conducted phishing and spear-phishing email campaigns end-to-end — header analysis, URL detonation, sandbox review, and stakeholder notification — reducing average phishing investigation time by 25%.
Performed IOC presence checks across network and endpoint telemetry using QRadar, identifying anomalous activity patterns.
Collaborated with L2 analysts on correlation rule fine-tuning, contributing to a reduction in false positives across 3 high-volume use cases.
Managed 10+ log sources in QRadar including Windows Event Logs, Cisco ASA, Palo Alto firewalls, and Syslog feeds, ensuring data integrity and coverage continuity.
Developed SOPs and runbooks for phishing triage, IOC enrichment, and alert escalation workflows adopted across the SOC team.
Provided daily, weekly, and monthly SLA reports to stakeholders, with metrics on incident volume, resolution times, and trending threat categories.
Conducted database health check reports, flagging access anomalies and privileged user activity for compliance review.
Security Analyst — SOC L1
Softcell Technologies
Jun 2021 - Jul 2023
MSSP environment | Wazuh SIEM platform.
Utilized Wazuh SIEM, performing drill-down log analysis and incident documentation for escalation.
Created custom dashboards and reports in Wazuh to surface key security metrics for client-facing reporting.
Managed CDB blacklists for malicious IPs, integrating threat intelligence feeds to proactively block known-bad indicators.
Conducted root cause analysis (RCA) on recurring alerts, driving actionable remediation recommendations that reduced repeat alert volume.
Performed server health checks and load balancing reviews to ensure SIEM infrastructure uptime and data ingestion reliability.
Education
Bachelor of Science (Information Technology) - University of Mumbai
- 2020 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Need Sponsorship
Relocation
Open to Relocation