About
SOC Analyst with 4+ years of experience in Security Operations Center (SOC) operations, specializing in SIEM monitoring, EDR investigations, incident response, and threat hunting. Currently supporting enterprise security operations using CrowdStrike Next-Gen SIEM and CrowdStrike Falcon, handling 4–5 high-severity incidents daily escalated by L1 teams. Reduced false positives by 25% through alert fine-tuning and playbook optimization. Experienced in phishing and BEC investigations using Proofpoint TAP, while maintaining 98%+ SLA compliance in a 24x7 SOC environment.
Work Experience
Network Security Engineer
Mynd Integrated Solutions Pvt LTD.
Sep 2024 - Present
Monitoring and investigating security alerts across enterprise SIEM platforms within a 24x7 SOC environment. Performing Endpoint Detection & Response (EDR) investigations including process analysis, containment, remediation support, and forensic artifact review. Utilizing SOAR workflows to automate response actions and extract forensic artifacts during endpoint investigations. Handling 4–5 medium-, high-, and critical-severity incidents daily, escalated by the L1 teams as per the escalation matrix. Providing technical updates during incident bridge calls and collaborating with NOC, IT, and business teams for timely containment and remediation. Supporting implementation of incident response playbooks and managing the end-to-end incident lifecycle from detection to closure, including documentation, artifact validation, follow-ups, and root cause analysis. Minimized false positive alerts by 20% through SIEM use-case fine-tuning, alert validation, and detection optimization. Monitoring and validating behavioral detections and managed threat intelligence alerts (OverWatch) to identify suspicious activities. Leveraging AI-assisted investigation tools such as Dropzone AI to accelerate alert triage, validate false positives, and enhance threat analysis efficiency. Performing detailed log correlation across firewalls, domain controllers, endpoints, servers, and network devices to identify anomalous patterns. Monitoring SIEM health, including log ingestion status, EPS utilization, and log volume deviations, to ensure continuous visibility and compliance. Investigating phishing, BEC, and email-based attacks using enterprise email security platforms (Proofpoint TAP), including attachment and URL defense analysis. Managing the SOC security mailbox, investigating user-reported security concerns, validating suspicious emails/URLs/files, and providing remediation guidance while maintaining SLA adherence.
Conducting proactive threat hunting using OSINT-based IOCs and internal threat intelligence feeds to identify threats in the environment. Monitoring real-time XDR alerts and endpoint behavioral detections to identify threats. Monitoring risky sign-ins, privileged access, and user activity in cloud identity platforms (Microsoft Entra ID). Supporting DLP and USB monitoring by tracking sensitive data access and blocking unauthorized device usage, reducing potential data exfiltration risks by approximately 20%. Supporting vulnerability management by escalating web application vulnerabilities and tracking remediation through Jira and ServiceNow. Maintaining Incident, False Positive, USB Activity, and IOC trackers and preparing daily/weekly SOC reports while maintaining 98%+ SLA adherence.
SOC Analyst – Azure
Sarag Systems Pvt LTD.
Jul 2021 - Aug 2024
Monitoring security events from SIEM, firewalls, and email security gateways in a 24x7 SOC environment. Performing initial alert triage, validation, and categorization based on severity. Conducting basic log analysis and event correlation before escalating to L2/L3 teams. Escalating high-severity incidents as per the defined escalation matrix. Validating and blocking IOCs received from threat intelligence feeds. Maintaining the Incident Tracker, False Positive Tracker, and whitelisting records. Preparing daily and weekly SOC operational reports. Coordinating with IT and NOC teams for initial investigation support. Ensuring SLA adherence while handling security alerts.
Education
B.Tech in Mechanical Engineering, VGNT – Vignan Institute of Technology and Sciences
- 2021 · Afghanistan