About
Cybersecurity professional with 3.6 years of experience in Security Operations, specializing in high-volume alert triage, incident investigation, and threat detection across enterprise environments. Experienced in analyzing multi-source security logs, identifying adversary behaviors, and responding to endpoint and cloud-based threats using SIEM and EDR platforms such as Microsoft Sentinel, Sumo Logic, Splunk, and Defender for Endpoint. Strong exposure to detection engineering concepts, including KQL-based rule development and MITRE ATT&CK mapping. Proven ability to reduce false positives, improve detection accuracy, and enhance SOC visibility through proactive monitoring and rule tuning.
Skills & Expertise (40)
Work Experience
Security Analyst
Amazon
Oct 2022 - Present
Monitored and triaged 40–60+ security alerts daily across SIEM platforms (Microsoft Sentinel, Sumo Logic, Splunk) covering endpoint, network, and cloud environments. Investigated 800+ alerts monthly, identifying true positives related to phishing, malware execution, suspicious authentication, and lateral movement. Performed L1/L2 incident triage, validating alerts, enriching with contextual data, and escalating high-confidence incidents. Conducted endpoint investigations using Microsoft Defender for Endpoint, including process tree analysis, command-line review, and file/hash reputation checks.
Education
B.Tech – Electronics & Communication Engineering (ECE) - Malla Reddy Institute of Engineering and Technology (MRIET)
2019 - 2022 · Afghanistan