About
Proactive Cyber Security Analyst with 2+ years of intensive SOC operations expertise in 24x7 security monitoring, incident lifecycle management, and forensic analysis. Specialized in SIEM platform administration (Wazuh, Splunk, Microsoft Sentinel), EDR operations (CrowdStrike Falcon), and advanced threat analysis. Consistently meets or exceeds SLA requirements (90-95%) while maintaining high detection fidelity. Proficient in DLP management, log analysis, and creating automated incident response workflows. Expert in threat modeling using the MITRE ATT&CK framework, risk assessment, and root cause analysis of security incidents. Skilled at correlating multi-source security data to identify advanced threats, lateral movement, C2 communications, and data exfiltration patterns. Strong background in disaster recovery planning, stakeholder coordination, and security awareness training.
Work Experience
Associate Consultant – Cyber Security
Rhym Technologies LLP
Jul 2024 - Present
Managed 24x7 SOC operations: monitored P1, P2, and P3 priority alerts across multiple security platforms with consistent SLA adherence (90-95%); escalated validated incidents to the SOC Lead with comprehensive log documentation in ITSM (JIRA/Cortex).
Performed advanced forensic analysis on security incidents: investigated unauthorized access attempts, conducted root cause analysis, and created detailed incident reports with remediation recommendations for audit compliance.
Acknowledged, analyzed, and validated security incidents from SIEM platforms (Wazuh, Splunk, Microsoft Sentinel); applied advanced analytics to identify emerging threat patterns and anomalies in multi-source log data.
Managed the CrowdStrike Falcon EDR platform: investigated detections using file behavior analysis, network telemetry, and process execution context; identified and remediated malware, ransomware, and advanced threats on Windows/Linux endpoints.
Conducted first-stage false positive analysis; developed and deployed suppression rules across the SIEM platform to reduce alert noise while preserving critical detection fidelity, improving SOC operational efficiency by 25%.
Junior Penetration Tester Intern
Narayana Technologies
Dec 2023 - Mar 2024
Performed vulnerability assessments and penetration testing using Nessus; conducted network and web application VAPT, identifying misconfigurations and OWASP Top 10 exploitable weaknesses.
Documented security findings with comprehensive impact analysis, risk ratings, and prioritized remediation recommendations for stakeholder review.
Developed proficiency in Linux environments for security testing, vulnerability exploitation, and threat simulation.
SIEM, EDR & Ticketing Contract
Junosys Networking Pvt. Ltd.
Apr 2024 - Jun 2024
Deployed and configured a multinode Wazuh SIEM environment integrating Windows/Linux servers, Sophos and FortiGate firewalls, and multi-platform endpoints (macOS/Windows/Linux) for comprehensive security visibility.
Integrated the Shuffle SOAR platform with Wazuh for real-time endpoint monitoring and automated incident response; established seamless ITSM ticketing workflows for efficient incident management.
Developed custom Wazuh correlation rules and decoders tailored to the client threat landscape; improved detection accuracy and aligned detection capabilities with compliance requirements.
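The profile above mentions custom Wazuh decoders and correlation rules (this role) and field-scoped suppression rules that cut noise without losing detections (the Rhym Technologies role). The fragment below is an added illustration of what both look like in Wazuh's rule syntax; it is not the candidate's or any client's configuration. The application name `myapp`, its log line format, the rule IDs in the 100100 range, and the scanner address 10.0.0.5 are all assumed for the example. The decoder belongs in /var/ossec/etc/decoders/local_decoder.xml and the rules in /var/ossec/etc/rules/local_rules.xml, with IDs 100000 and above reserved for custom rules.

```xml
<!-- Added example; not from the original profile. Assumed log format:
     "myapp: user=alice src=203.0.113.7 result=failure"                  -->

<!-- local_decoder.xml: parent decoder matches the program prefix,
     child decoder extracts the fields the rules will reference          -->
<decoder name="myapp">
  <prematch>^myapp: </prematch>
</decoder>

<decoder name="myapp-login">
  <parent>myapp</parent>
  <regex offset="after_parent">^user=(\S+) src=(\S+) result=(\w+)</regex>
  <order>user, srcip, status</order>
</decoder>

<!-- local_rules.xml -->
<group name="myapp,authentication,">

  <!-- base rule: every decoded myapp event, low level so it is logged but not alerted on -->
  <rule id="100100" level="3">
    <decoded_as>myapp</decoded_as>
    <description>myapp login event</description>
  </rule>

  <!-- single failed login -->
  <rule id="100101" level="5">
    <if_sid>100100</if_sid>
    <field name="status">failure</field>
    <description>myapp login failure for user $(user) from $(srcip)</description>
  </rule>

  <!-- suppression: level 0 child rule scoped to one authorized scanner host.
       Only events from this source are silenced; failures from anywhere else
       still fire 100101 and still feed the brute-force counter below          -->
  <rule id="100103" level="0">
    <if_sid>100101</if_sid>
    <srcip>10.0.0.5</srcip>
    <description>Suppressed: authorized vulnerability scanner (assumed host)</description>
  </rule>

  <!-- correlation: 5 failures from the same source within 120 seconds -->
  <rule id="100102" level="10" frequency="5" timeframe="120">
    <if_matched_sid>100101</if_matched_sid>
    <same_source_ip/>
    <description>myapp brute force: 5 login failures from $(srcip) in 2 minutes</description>
    <mitre>
      <id>T1110</id>
    </mitre>
  </rule>

</group>
```

Two points worth checking before deploying something like this: test the decoder and rule chain with `/var/ossec/bin/wazuh-logtest` on a sample line from each source before restarting the manager, and keep suppressions as narrow level-0 child rules keyed on a field (source IP, user, host) rather than raising the parent rule's threshold or disabling it, so the brute-force correlation keeps counting every source that is not explicitly excluded.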
Education
Master of Science – Forensic Science, Sage University
2021 - 2023 · Afghanistan
Bachelor of Science – Forensic Science, Sage University
2018 - 2021 · Afghanistan
Certifications
No certifications added yet
Visa Status: Citizen
Relocation: Depends on Offer