About
Results-driven Security Analyst with 4+ years of strong expertise in Microsoft Sentinel, Defender for Endpoint, Defender for Cloud, Intune, and Entra ID, supporting 24×7 security operations across enterprise environments. Adept at incident response, threat hunting, vulnerability management, and security policy enforcement, with a track record of improving detection accuracy and reducing risk. Aspiring to grow as a Cloud Security professional while delivering measurable security outcomes.
Skills & Expertise (31)
Work Experience
Senior Security Analyst
EMERSON
Oct 2021 - Present
Successfully implemented Microsoft Sentinel SIEM, onboarding multiple log sources (endpoints, IAM, cloud, firewall, Azure, M365) to enable centralized security monitoring.
Built and deployed custom KQL-based analytics rules, improving detection of advanced threats and reducing mean time to detect (MTTD).
Optimized SOC operations by tuning analytics rules, alert suppression, and watchlists, significantly reducing false positives and alert fatigue.
Led end-to-end incident response including triage, containment, escalation, RCA, and closure in alignment with SOC playbooks and SLAs.
Conducted proactive threat hunting using KQL, uncovering hidden threats and strengthening security posture.
Onboarded 8,000+ endpoints to Microsoft Defender for Endpoint via Intune, Azure Arc, SCCM, and GPO, achieving full EDR coverage.
Resolved sensor health and connectivity issues, ensuring 100% endpoint visibility and compliance.
Implemented endpoint protection policies (Antivirus, ASR, web protection, device control), reducing malware and attack surface exposure.
Executed rapid containment actions such as host isolation, IOC blocking, and file quarantine to minimize incident impact.
Performed real-time monitoring and investigation of phishing, malware, ransomware, and credential-theft incidents across SIEM and EDR platforms.
Implemented Microsoft Defender for Cloud (CSPM/CWPP), remediating 50+ critical misconfigurations and increasing Secure Score by 20%.
Strengthened identity security by administering Microsoft Entra ID, enforcing least-privilege access through Conditional Access, PIM, SSPR, and SSO.
Deployed Microsoft Purview DLP across email, collaboration, and endpoint platforms, reducing accidental data leakage incidents.
Led vulnerability assessments using Qualys VMDR and MDVM, coordinating remediation and improving patch compliance timelines.
Managed and secured 5,000+ endpoints and mobile devices (Windows, macOS, iOS, Android) using Microsoft Intune.
Delivered phased rollouts of Intune compliance, configuration, app protection, and update policies, improving endpoint security consistency.
Integrated Microsoft Intune with Microsoft Defender, enabling automated onboarding and policy enforcement across endpoints.
Supported 24×7 SOC operations using Splunk SIEM, analyzing logs with SPL queries and escalating validated incidents with detailed evidence.
Investigated and documented email security incidents using Mimecast & MDO365, improving phishing detection and response quality.
Education
BSC(MECS) - Sri Vivekananda Degree College Challapalli, Krishna University
Afghanistan
Availability Details
Relocation
Open to Relocation