About
Incident Responder with 3+ years of experience in security operations, specializing in incident investigation, root cause analysis (RCA), and threat detection using SIEM and XDR platforms. Experienced in analyzing security alerts, correlating events, and executing containment and remediation actions to mitigate threats. Proficient in Microsoft Sentinel, Defender XDR, and Trend Micro, with working knowledge of MITRE ATT&CK, DFIR practices, and basic malware analysis. Focused on improving detection efficiency by reducing false positives and strengthening overall security posture.
Skills & Expertise (22)
Work Experience
Incident Responder L1
Network Intelligence
Mar 2025 - Present
Working as an Incident Responder, monitoring and analyzing malicious threats using Microsoft Defender XDR, Microsoft Sentinel (SIEM), Remedy, Wiz, KQL, and ELK (SIEM), with strong expertise in identifying the root cause of security alerts. Investigate and respond to security incidents including malware infections, phishing attacks, and unauthorized access using Microsoft Sentinel and Defender XDR. Perform in-depth root cause analysis (RCA) and map attack behavior using the MITRE ATT&CK framework. Analyze logs from endpoints, firewalls, IDS/IPS, and cloud environments to identify attack patterns. Execute containment and remediation actions to prevent further impact from confirmed threats. Correlate alerts from multiple security tools to detect multi-stage attacks. Reduce false positives by tuning detection rules and recommending whitelisting strategies. Develop and enhance incident response playbooks to improve response efficiency. Ensure all incidents are handled within SLA timelines and properly documented.
Security Analyst L1
Eventus Techsol
Feb 2023 - Feb 2025
Security Analyst with experience in monitoring and analyzing cyber threats using Trend Micro tools, specializing in threat detection and incident investigation. Skilled in log analysis and threat hunting to identify malicious activities. Monitored and analyzed security alerts using Trend Micro XDR and SIEM tools. Investigated suspicious activities and escalated high-severity incidents to L2/L3 teams. Conducted log analysis and network traffic analysis to detect malware and phishing activity. Created detailed Root Cause Analysis (RCA) reports for security incidents. Performed basic malware analysis to understand threat behavior. Collaborated with the DFIR team to improve incident investigation and response processes. Maintained SLAs and prepared daily, weekly, and monthly security reports.
Education
Master of Science in Cyber Security - National Forensic Sciences University
2021 - 2023 · Afghanistan
Bachelor of Science in Information Technology - GLS University
2018 - 2021 · Afghanistan
Certifications
Introduction to Cyber Security
Cisco Networking Academy · 2021
Smart Hacks
EICT Academy · 2021
Availability Details
Visa Status · Need Sponsorship
Relocation · Open to Relocation