About
Self-driven and proactive SOC Analyst with 3.4 years of experience specializing in threat detection, incident response, and cybersecurity operations. Skilled in monitoring, analyzing, and mitigating security threats to protect organizational information systems and networks. Experienced in implementing security controls, conducting thorough investigations, and managing incident response processes to minimize risk and ensure compliance. Strong analytical and problem-solving abilities combined with effective communication and teamwork skills. Proven track record of enhancing security posture, reducing vulnerabilities, and preventing data breaches through continuous monitoring and proactive threat management.
Work Experience
SOC Analyst L1
UNITRANS INFOTECH SERVICES PVT LTD.
Sep 2022 - Mar 2025
24/7 real-time monitoring in SIEM tools such as Splunk and analysis of true/false positive alerts. Experienced in understanding TCP/IP and TLS/SSL protocols, the OSI model, DNS, DHCP, proxy servers and Active Directory. Familiar with the cyber kill chain process and the MITRE ATT&CK framework. Strong knowledge of cyber attacks, techniques and threat vectors. Handled alerts on the SIEM dashboard by creating a ticket and then analyzing the threat using events from firewalls, endpoints and IPS/IDS to classify the alert as a true or false positive. Performed log analysis and root cause analysis to identify anomalies, security threats and indicators of compromise (IOCs). Conducted in-depth analysis of phishing mails to identify malicious content, links or attachments. Investigated and analyzed events in the endpoint detection and response (EDR) tool and then took the required action. Regularly communicated with customer IT teams to inform them about issues and remediation actions, and generated tickets for validated incidents. Prepared and presented comprehensive weekly and monthly security reports to clients. Understanding of security frameworks such as NIST and ISO 27001, compliance requirements and the OWASP Top 10 vulnerabilities. Shift handover to the next shift with important updates and pending actions.
SOC Analyst L1
SCHIMA SYSNET AND SYSTEMS PVT LTD.
Apr 2025 - Present
Performed 24/7 real-time monitoring using SIEM tools such as FortiSIEM, Rapid7 and Splunk, analyzing and validating true/false positive alerts. Conducted in-depth investigations on escalated incidents from SOC Level 1 analysts and added context by analyzing data from multiple tools and log sources. Investigated and responded to endpoint threats using Sophos EDR and other Antivirus/EDR platforms including FortiEDR. Executed threat containment and remediation actions such as host isolation and malicious file removal via EDR consoles. Provided actionable remediation recommendations for confirmed malicious, suspicious, or high-risk incidents. Contacted customers directly during high-priority incidents to guide them through mitigation processes. Collaborated with L3/Engineering teams to develop, test, and refine new detection use cases and correlation rules. Fine-tuned SIEM detection rules, alert logic, and correlation policies to reduce false positives and increase detection accuracy. Maintained and updated detection rule databases and ensured continuous optimization of monitoring workflows. Managed end-to-end SOC operations including detection, tracking, threat analysis, escalations, and improvements. Generated and delivered daily, weekly, and monthly incident reports with accurate summaries, visualizations, and actions taken. Created and maintained SOC runbooks, SOPs, and other documentation to standardize response procedures. Participated in weekly SOC meetings to review major incidents, analyze trends, assess risks, and recommend improvements. Engaged in daily client calls to provide incident updates, discuss ongoing investigations, and collaborate on remediation efforts. Supported customers during incident remediation with clear communication and technical guidance. Assisted SOC management with operational reporting and continuous improvement activities. Coordinated smooth shift handovers by reviewing critical incidents and ensuring uninterrupted SOC coverage.
Designed, automated, and maintained SOAR workflows and incident response playbooks, streamlining detection, investigation, and remediation processes. Supported internal and external audits, ensuring SOC operations complied with NIST, ISO 27001, and PCI-DSS requirements. Demonstrated strong priority management in a fast-paced 24/7 operations environment with strict SLA adherence. Trained SOC analysts on tools, processes, and best practices to improve overall team capability. Exhibited excellent written and verbal English communication skills.
Education
Mechanical Engineering - BLDEA'S College of Engineering & Technology
Afghanistan