About
3.2+ years of experience in Information Security with a strong understanding of IT. Proficient in proactive network monitoring using Splunk SIEM. Experienced in incident response. Solid understanding of network services and protocols. Knowledge of cyber attacks and attack vectors. Familiar with security solutions such as anti-virus, firewalls, IPS/IDS, email gateways, and proxies. Strong grasp of networking concepts (OSI model, TCP/IP, DNS, DHCP). Skilled in malware analysis, threat hunting, and phishing email analysis. Exposure to frameworks and compliance standards such as MITRE ATT&CK and OWASP. Quick learner with the ability to independently pick up new technologies.
Work Experience
Security Analyst
INTENSO TECH SOLUTIONS Pvt. Ltd.
Nov 2022 - Present
Operate in a 24x7 Security Operations Center. Monitor customer networks using Splunk SIEM. Provide first-level support for security issues. Analyze real-time security incidents to determine true positives or false positives. Perform real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources. Raise true positive incidents to the respective team for further action, reducing response time by 30% week over week. Monitor an average of 90 cases per week. Create and manage tickets in ServiceNow, ensuring follow-up until closure. Escalate security incidents based on client SLAs, providing meaningful information. Directly contact customers for high-priority incidents and assist in attack mitigation. Investigate malicious phishing emails, domains, and IPs using open-source tools and recommend appropriate blocking. Create dashboards and reports in Splunk. Develop correlation searches and rules in Splunk.
Education
Bachelor of Technology in Computer Science and Engineering - RGPV University
2011 - 2015 · Afghanistan
Availability Details
Visa Status: Citizen
Relocation: Depends on Offer