About
Looking for an opportunity as a Cyber Security Analyst where I can utilize my hands-on experience in safeguarding IT infrastructure, implementing security frameworks, and enhancing organizational resilience through effective cybersecurity strategies.
Work Experience
Security Analyst
Cognizant
Oct 2023 - Present
Provide 24x7 Security Operations Centre (SOC) support using Splunk, QRadar, LogRhythm, and ServiceNow for incident detection and response across global environments. Monitor and analyse logs from SIEM, IPS, firewalls, servers, and databases to identify and mitigate threats, suspicious logins, and critical changes. Investigate phishing, malware, and spam incidents using O365 Defender and endpoint tools, escalating validated incidents as per SLA. Perform root cause analysis, implement corrective controls, and generate daily, weekly, and monthly incident reports. Conduct network security health checks, firewall log analysis, and PowerShell-based automation for repetitive tasks. Support ISO 27001 internal audits by reviewing documentation, controls, and policy compliance. Monitor and analyse security alerts using SIEM tools (Splunk, IBM QRadar) to detect potential cyber security threats. Perform 24/7 security monitoring of enterprise infrastructure including firewalls, IDS/IPS, servers, databases, endpoints and network devices. Investigate and triage security alerts to determine severity, impact and appropriate response actions. Conduct threat detection and incident triage based on defined playbooks and security procedures. Analyse Windows and network logs to identify suspicious activities, unauthorized access and policy violations. Analyse system logs, network traffic, authentication logs and security events to identify suspicious activities. Conduct phishing email analysis using Microsoft 365 Defender and Proofpoint to detect malicious links, attachments and spoofed domains. Identify and analyse indicators of compromise (IoCs) and malicious patterns during security investigations. Correlate events across multiple security platforms to detect anomalous behaviour and potential cyber threats. Create and manage incident tickets in ServiceNow and document investigation details according to the SOC process.
Support incident containment, eradication and recovery activities as part of the incident response life cycle. Develop and fine-tune SIEM correlation rules, dashboards and alerts to improve threat detection capabilities. Perform threat hunting activities to proactively identify hidden threats in the network. Document investigation findings and prepare incident reports, daily monitoring reports and security analysis summaries. Monitor alerts generated by firewalls, IDS/IPS, antivirus, endpoint security tools and email security solutions. Prepare daily, weekly and monthly security incident and threat reports for management. Stay updated with the latest cyber threats, vulnerabilities, and attack techniques using threat intelligence sources. Participate in client review meetings and coordinate with cross-functional teams for escalation and resolution of high-severity issues.
Education
MBA - JNTUK
2018 - 2020 · Afghanistan
B.Sc. - Dr. B. R. Ambedkar University
- 2017 · Afghanistan
Availability Details
Visa Status
H1B
Relocation
Open to Relocation