About
Experienced Cyber Security Analyst with over 4 years of success in 24/7 Security Operations Centre (SOC) environments, delivering full-spectrum incident response, from triage and escalation to remediation. Skilled in Microsoft Sentinel, Defender and Splunk, with a strong grasp of threat detection, root cause analysis, network protocols, and Azure cloud security. Proven ability to anticipate and neutralise threats, improve SOC workflows, and maintain high-quality service across rotating shifts. Adept at building collaborative relationships across teams and stakeholders.
Work Experience
Security Operations Centre Analyst
CyberOne Ltd
Nov 2022 - Oct 2025
Monitored, triaged, and investigated security alerts across multiple clients using Microsoft Sentinel and Defender for Endpoint in a 24/7 SOC environment.
Acted as an escalation point for L1 analysts, validating alerts, conducting deep-dive investigations, and recommending containment or remediation actions.
Developed KQL detection queries, correlation rules, and automated SOAR playbooks, enhancing incident detection and reducing analyst workload.
Led incident response efforts, performing root cause analysis, evidence collection, and forensic investigation to identify attacker techniques and entry points.
Configured Azure Sentinel SIEM rules, playbooks, and automation workflows to improve incident response efficiency by 30%.
Conducted threat hunting and proactive monitoring leveraging MITRE ATT&CK techniques to detect and disrupt advanced persistent threats (APTs).
Collaborated with infrastructure and endpoint teams to address security gaps, ensuring consistent policy enforcement and patch compliance across hybrid environments.
Maintained detailed incident documentation and reporting for governance, compliance, and continuous improvement.
Mentored L1 analysts by sharing investigation methods, improving triage accuracy, and streamlining SOC workflows through updated SOPs and playbooks.
Delivered security awareness training, phishing simulations, and business continuity planning.
Led threat hunting activities leveraging KQL, log analytics, and MITRE ATT&CK mapping to detect advanced threats.
Contributed to SOC process enhancements, improving response times and ensuring alignment with NIST and ISO 27001 frameworks.
Cyber Security Analyst
KryptoKloud Ltd
Apr 2022 - Nov 2022
Worked in a 24x7 Security Operations Centre, investigating incidents using WithSecure EDR platforms.
Tracked performance metrics and provided timely updates to CSOC management.
Performed network traffic analysis using raw packet data, network flow, Intrusion Detection Systems (IDS), and custom sensor output from communication networks.
Worked with clients to implement system security measures, assisted with computer security plans and documentation, and provided technical guidance and training.
Investigated malicious phishing emails, domains and IPs using Splunk and other open-source tools, and recommended appropriate blocking based on analysis.
Identified vulnerabilities and supported patch management.
Used the Hive platform for investigation purposes.
Performed real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources.
Provided technical and operational leadership for cyber-security incident response, assisting with triage, prioritisation and response to cyber-security events and incidents.
Produced incident remediation and prevention documentation.
Education
Master of Science in Cyber Security with Advanced Research - University Of Hertfordshire
2019 - 2021 · Afghanistan
Bachelor of Science in Cyber Forensics - Mahatma Gandhi University
2016 - 2019 · Afghanistan
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation