About
SOC Analyst with 3+ years of hands-on experience in security monitoring, incident response, and threat analysis. Proficient in SIEM platforms, including Splunk Enterprise Security, EDR solutions such as CrowdStrike Falcon, and ticketing tools like ServiceNow, with expertise in detecting, analyzing, and mitigating cyber threats. Skilled in log and network analysis, malware investigation, phishing response, and alert triage, applying frameworks such as MITRE ATT&CK, Cyber Kill Chain, and NIST CSF to strengthen organizational security posture. Collaborative team player with a proven record of reducing false positives, improving incident response efficiency, and enhancing overall security operations.
Work Experience
Senior Software Engineer (SOC Analyst)
Capgemini Technology Service
Mar 2022 - Present
Round-the-clock monitoring of security events, logs, and alerts for continuous protection. Assess and prioritize incidents based on severity, impact, and relevance; initiate investigations and escalate cases as needed. Use the SIEM tool Splunk to detect possible signs of security breaches and perform detailed investigations to confirm whether a breach succeeded. Perform root cause analysis (RCA) and handle each incident as per the defined Incident Management Framework. Correlate logs and security data from multiple sources to detect suspicious behaviors, policy violations, and potential threats using MITRE ATT&CK, strengthening the overall security posture. Follow the end-to-end incident investigation and incident response process, ensuring that investigations are closed within the defined SLA. Escalate security incidents to the concerned teams and their management and follow up for closure. Analyze daily and monthly reports for incident management and compliance. Perform email analysis (header, URL, and attachment analysis) to detect threats such as phishing and other social engineering attacks. Manage all alerts and provide approvals to whitelist URLs/domains at the EDR and firewall level. Hold knowledge-sharing sessions with team members when complex incident issues are raised, and capture lessons learned from other team members. Collaborate with incident responders and Level 2 analysts to mitigate threats and conduct deep incident investigations. Assist with vulnerability management using Nessus and coordinate with remediation teams to close security gaps. Document incidents, prepare RCA reports, create tickets in ServiceNow, and escalate incidents per client SLAs with actionable insights to ensure customer security.
Education
Bachelor of Science (B.Sc.) in Computer Science - Sree Vidyanikethan Degree College
2018 - 2021 · Afghanistan
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation