About
SOC Analyst with 4+ years of experience in SIEM monitoring, incident response, threat hunting, phishing analysis, and vulnerability management. Skilled in Microsoft Sentinel, IBM QRadar, Splunk Enterprise Security, Microsoft Defender for Endpoint, and KQL. Proven ability to reduce false positives, improve incident response efficiency, and support enterprise SOC operations in 24x7 environments. Experienced in log analysis, use case tuning, alert correlation, MITRE ATT&CK mapping, and root cause analysis. Proficient in investigating malware, ransomware, insider threats, and advanced persistent threats (APTs). Strong knowledge of endpoint security, email security, network traffic analysis, and threat intelligence integration.
Skills & Expertise (31)
Work Experience
Security Analyst
IBM
Feb 2024 - Present
Performed 24x7 SOC monitoring and real-time analysis of security events using IBM QRadar and Splunk Enterprise Security to detect, investigate, and remediate cyber threats. Monitored intrusion attempts, unauthorized access, malware, phishing, and anomalous activities across firewalls, IDS/IPS, endpoints, servers, Active Directory, DNS, proxy, and cloud environments. Conducted threat hunting and advanced analysis to identify IOCs, IOAs, and TTPs aligned with MITRE ATT&CK. Executed end-to-end incident response including triage, containment, eradication, recovery, root cause analysis, and forensic log review. Developed and tuned correlation rules, detection use cases, dashboards, and automated reports to improve detection accuracy and reduce false positives. Performed vulnerability assessments and coordinated remediation with infrastructure, network, and application teams. Leveraged threat intelligence and VirusTotal for IOC enrichment and validation. Documented incidents, remediation actions, and lessons learned to support compliance, audits, and continuous improvement. Collaborated with global cross-functional teams to implement security controls and strengthen organizational security posture. Maintained SLA/KPI adherence while contributing to security automation, process standardization, and SOC operational scalability.
Security Analyst
TCS
Jan 2022 - Dec 2023
Investigated suspicious authentication activity, impossible travel events, and abnormal account behavior to detect compromised identities and unauthorized access attempts. Monitored DNS, web proxy, VPN, and firewall telemetry to identify command-and-control traffic, beaconing patterns, and potential data exfiltration. Created and maintained custom KQL queries and hunting dashboards in Microsoft Sentinel to uncover hidden threats and improve visibility. Performed endpoint and user behavior analysis to detect privilege misuse, policy violations, and insider threat indicators. Validated malware hashes, domains, IP addresses, and URLs using VirusTotal and open-source intelligence sources. Coordinated with email, network, and endpoint teams to isolate affected systems and block malicious indicators across security controls. Conducted retrospective searches across historical logs to determine the scope and duration of security incidents. Developed knowledge base articles and investigation checklists to standardize analyst workflows and accelerate onboarding. Tracked security trends and operational metrics, including incident volume, false-positive rates, and response effectiveness. Supported audit and compliance activities by providing evidence, control documentation, and incident records aligned with organizational policies.
Education
Bachelor of Commerce (B.Com) - Sri Krishnadevaraya University
2019 · Afghanistan
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation