Jagadish Prasad Palivela

SOC Analyst

Pune, India

About

SOC Analyst with 3+ years of experience in Security Operations, specializing in SIEM engineering support, endpoint threat detection using CrowdStrike, and enterprise vulnerability management via Qualys VMDR. Experienced in incident investigation, threat hunting, use-case tuning, and reducing security risk exposure through proactive detection optimization. Strong understanding of MITRE ATT&CK, incident response lifecycle, and risk-based vulnerability prioritization. Well-versed in email security operations using Proofpoint, phishing analysis, and data protection controls. Adept in IDS/IPS, DLP monitoring, threat intelligence, and SOC automation support.

Skills & Expertise (23)

Microsoft Sentinel (Advanced) - 8.3/10, 3 years experience
Splunk Enterprise (Advanced) - 8.1/10, 3 years experience
IBM QRadar (Advanced) - 8.1/10, 3 years experience
CrowdStrike Falcon (Advanced) - 8.0/10, 3 years experience
Qualys VMDR (Advanced) - 7.9/10, 3 years experience

Other skills: DMARC, DKIM, SPF, CVSS, SPL, KQL, MITRE ATT&CK mapping, malware alert investigation, phishing analysis, IOC investigation, threat intelligence, log correlation, incident triage and analysis, data loss prevention, ServiceNow, firewall log analysis, IDS/IPS monitoring, Proofpoint

Work Experience

SOC Analyst

Amazon

Nov 2024 - Nov 2025

Investigated 120+ security alerts per month across Microsoft Sentinel, Splunk ES, and IBM QRadar environments.

- SIEM operations: performed advanced log analysis including Windows Security logs, Sysmon, firewall logs, proxy logs, and AD events. Reduced false positives by 30% through correlation rule tuning and threshold optimization. Developed and modified SIEM use cases aligned to MITRE ATT&CK techniques. Onboarded new log sources, validated parsing accuracy, and created dashboards and executive-level incident trend reports. Conducted proactive threat hunting using KQL and SPL queries and performed root cause analysis for high-severity security incidents. Participated in P1 incident bridge calls and containment coordination; documented incident playbooks and response workflows. Developed and optimized KQL queries for threat detection and security analytics.
- Endpoint detection and response (CrowdStrike Falcon): conducted endpoint investigations using process tree analysis. Analyzed suspicious parent-child process relationships and command-line artifacts. Executed host isolation during confirmed compromise scenarios; validated malware detections and eliminated false positives. Investigated lateral movement, privilege escalation, and persistence mechanisms, and performed IOC-based threat hunting across enterprise endpoints. Reviewed behavioral detections and custom IOA alerts. Assisted in ransomware simulation validation and containment readiness testing.
- Vulnerability management (Qualys VMDR): managed authenticated and unauthenticated scans. Analyzed CVSS scores and exploitability metrics for risk-based prioritization. Validated false positives before remediation assignment. Coordinated with infrastructure teams to ensure patch compliance within SLA. Reduced critical vulnerability exposure by 35% over 6 months. Generated executive vulnerability posture reports. Performed patch validation scans post-remediation. Tracked aging vulnerabilities and enforced remediation timelines.
- Email security: investigated phishing, spear-phishing, and BEC attempts. Performed email header analysis (SPF, DKIM, DMARC validation). Analyzed malicious URLs and attachments via sandbox reports. Coordinated user awareness communication for phishing campaigns. Reduced repeat phishing incidents through detection tuning.
- Data loss prevention: monitored DLP alerts for potential insider data exfiltration. Investigated USB-based and email-based data transfer attempts. Assisted in DLP policy tuning to reduce false positives. Performed endpoint isolation, remediation, and post-incident analysis.
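The email header analysis listed above (SPF, DKIM and DMARC validation) comes down to one check beyond reading the verifier's verdict: whether the domain that passed SPF or DKIM is aligned with the visible From: domain. The script below is an added illustration of that check, not code from the profile owner or from any product named on this page. It parses an RFC 8601 Authentication-Results header, recomputes DMARC alignment in relaxed and strict mode, and runs over two constructed messages (a spoof that passes SPF and DKIM for an unrelated bulk-mailer domain, and a legitimate message from a subdomain). The organizational-domain rule is simplified to "last two labels" as an assumption; real DMARC uses the Public Suffix List.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample 1: SPF and DKIM both pass, but for bulkmailer.test,
# which is not aligned with the visible From: domain payroll.example.com.
SAMPLE_SPOOF = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce.bulkmailer.test;
 dkim=pass header.d=bulkmailer.test header.i=@bulkmailer.test;
 dmarc=fail (p=reject) header.from=payroll.example.com
From: "Payroll" <hr@payroll.example.com>
To: victim@example.net
Subject: Updated direct deposit form

Please review the attached form.
"""

# Constructed sample 2: legitimate mail from a subdomain; aligned under the
# relaxed rule (same organizational domain), not under the strict rule.
SAMPLE_LEGIT = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce.example.com;
 dkim=pass header.d=example.com
From: "Alerts" <noreply@notifications.example.com>
To: victim@example.net
Subject: Weekly report

Attached.
"""


def org_domain(domain: str) -> str:
    """Assumption: organizational domain = last two labels (no PSL lookup)."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def aligned(auth_domain: str, from_domain: str, strict: bool = False) -> bool:
    """DMARC identifier alignment: exact match (strict) or same org domain (relaxed)."""
    if not auth_domain or not from_domain:
        return False
    if strict:
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


def parse_auth_results(value: str) -> dict:
    """Parse an Authentication-Results header into {method: {'result': ..., prop: value}}."""
    value = " ".join(value.split())  # unfold continuation lines
    clauses = [c.strip() for c in value.split(";") if c.strip()]
    results = {}
    for clause in clauses[1:]:  # clauses[0] is the authserv-id (the verifying MTA)
        m = re.match(r"(\w+)=(\w+)\s*(?:\([^)]*\)\s*)?(.*)", clause)
        if not m:
            continue
        method, result, rest = m.groups()
        props = dict(re.findall(r"([\w.]+)=(\S+)", rest))
        results[method] = {"result": result, **props}
    return results


def evaluate(raw_message: str, strict: bool = False) -> dict:
    """Recompute a DMARC-style verdict from SPF/DKIM results plus From: alignment."""
    msg = message_from_string(raw_message)
    ar = parse_auth_results(msg.get("Authentication-Results", ""))
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    spf, dkim = ar.get("spf", {}), ar.get("dkim", {})
    spf_domain = spf.get("smtp.mailfrom", "").rpartition("@")[2].lower()
    dkim_domain = dkim.get("header.d", "").lower()
    spf_ok = spf.get("result") == "pass" and aligned(spf_domain, from_domain, strict)
    dkim_ok = dkim.get("result") == "pass" and aligned(dkim_domain, from_domain, strict)
    return {
        "from_domain": from_domain,
        "spf_result": spf.get("result", "none"),
        "spf_domain": spf_domain,
        "spf_aligned": spf_ok,
        "dkim_result": dkim.get("result", "none"),
        "dkim_domain": dkim_domain,
        "dkim_aligned": dkim_ok,
        # DMARC passes if at least one aligned, passing identifier exists
        "dmarc": "pass" if (spf_ok or dkim_ok) else "fail",
    }


if __name__ == "__main__":
    for name, sample in (("spoof", SAMPLE_SPOOF), ("legit", SAMPLE_LEGIT)):
        for mode in (False, True):
            v = evaluate(sample, strict=mode)
            print(f"{name:5} strict={mode!s:5} dmarc={v['dmarc']} "
                  f"spf={v['spf_result']}/{v['spf_domain']} aligned={v['spf_aligned']} "
                  f"dkim={v['dkim_result']}/{v['dkim_domain']} aligned={v['dkim_aligned']}")
```

The point for triage is that an `spf=pass` or `dkim=pass` on its own says nothing about the displayed sender; the spoof sample passes both and still fails DMARC because neither authenticated domain aligns with `payroll.example.com`.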

Senior Software Engineer (SOC)

HCL Tech

May 2022 - Apr 2024

- Monitored and validated security events using IBM QRadar and Splunk SIEM platforms, ensuring timely identification of suspicious activity.
- Assisted in tuning SIEM correlation rules, reducing false positives and improving alert accuracy.
- Investigated endpoint detections using CrowdStrike Falcon and supported containment activities.
- Reviewed Zscaler Internet Access logs for malware, policy violations, and suspicious web traffic.
- Performed vulnerability scanning using Qualys and tracked remediation with infrastructure teams.
- Followed incident response playbooks and documented actions in ticketing systems.

Education

B.Com (Computers), Kakatiya University, 2019 · Afghanistan


Profile Overview

Member since Mar 2026

Availability Details

Relocation

Open to Relocation