About
Experienced in Security Operations with 3 years of hands-on experience in monitoring, analyzing, and responding to security incidents, leveraging Information Security fundamentals and the MITRE ATT&CK framework to improve threat detection. Strong expertise in Threat Intelligence, Threat Hunting, Incident Response, and Vulnerability Management, with practical experience using SIEM and EDR tools to analyze security events and support detection use cases. Proven ability to protect organizational assets through intelligence-driven analysis, automation-enhanced detections, and effective cross-functional collaboration.
Work Experience
Senior Engineer
HCLTech
Jan 2023 - Present
Conducted threat intelligence collection and analysis using OSINT, commercial feeds, and deep/dark web sources to identify emerging threats, threat actor activity, and campaigns, applying strong IT security fundamentals.
Performed Cyber Threat Intelligence and Security Analysis by analyzing adversary TTPs using the MITRE ATT&CK framework, converting intelligence into event-analysis-driven hunt hypotheses and structured incident analysis.
Performed proactive threat hunting across network, endpoint, and cloud environments using SIEM hunting queries and EDR telemetry on Windows and Linux operating systems.
Developed and maintained threat hunting queries and playbooks, leveraging log analysis and attacker behavior to uncover stealthy activity and improve detection use cases.
Created, enriched, and managed Indicators of Compromise (IOCs) including IPs, domains, URLs, and file hashes to support detection and investigation workflows.
Integrated threat intelligence feeds into SIEM platforms, improving security event correlation, alert accuracy, and operational insights for SOC teams.
Executed alert triage and incident analysis, correlating intelligence with logs from firewalls, IDS/IPS, servers, and endpoints.
Investigated endpoint-based security events using EDR tools, analyzing malware and brute-force attacks such as credential abuse and lateral movement.
Applied networking fundamentals (TCP/IP, DNS, HTTP, VPN) to analyze command-and-control traffic, malicious infrastructure, and abnormal network behavior.
Supported phishing, malware, ransomware, and APT investigations by providing contextual threat intelligence and actionable intelligence to SOC and Incident Response teams.
Assisted in incident response and escalation, providing root-cause findings and remediation recommendations aligned with response playbooks.
Documented threat hunts, intelligence reports, IOC advisories, and investigation outcomes, delivering structured reports and briefings.
Carried out vulnerability assessments, investigated findings, and worked with technical teams to track remediation and risk acceptance.
Collaborated closely with SOC, Incident Response, and Security Engineering teams to translate threat intelligence into operational insights and detection improvements.
Continuously monitored the global cyber threat landscape, emerging attack techniques, and threat actor campaigns, strengthening proactive defense capabilities.
Education
Bachelor of Engineering in Electronics and Communication Engineering - Chaitanya Bharathi Institute of Technology
2019 - 2022 · Afghanistan
Diploma in Electronics and Communication Engineering - Government Polytechnic for women
2016 - 2019 · Afghanistan
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation