About
Around 6+ Years of hands-on Experience in Security Operations. Incident Response, Endpoint Security, Phishing analysis, Threat Intelligence, Network Security. Good understanding of log formats of various devices such as Web sense, Vulnerability Management Products, IDS/IPS, EDR, Firewalls, WAF, Proxy, Routers, Switches, OS, DB Servers, and Antivirus. Experience in Information Security with emphasis on security operations, Log monitoring, Log management, incident management, and security event analysis through Sentinel & Splunk SIEMs.
Skills & Expertise (47)
Work Experience
Consultant – B2
Capgemini Technology Services India Ltd
May 2025 - Jan 2026
Led CrowdStrike Falcon implementation across CG enterprise networks supporting US and Europe regions, ensuring secure onboarding and policy enforcement. Deployed and managed Endpoints through the CrowdStrike Falcon Console, including sensor rollout, host grouping and prevention policy configuration. Monitored real-time threats and alerts, performing investigation, containment, and remediation using Falcon EDR/XDR capabilities. Troubleshot endpoint, sensor, and connectivity issues across Windows/Linux environments to ensure full protection coverage. Worked closely with global IT & SOC teams to resolve incidents, tune detections, and reduce false positives. Supported compliance and security posture improvement by maintaining endpoint health, asset visibility, and response workflows.
INFORMATION SECURITY ANALYST - SOC
JV HR Management Pvt Ltd
Jul 2018 - Apr 2025
Working in Security Operation Centre (24/7), monitoring of SOC events, Detecting and Preventing the Intrusion attempts. Worked for MNC clients, interacting directly with the customers, presenting SOC status reports and completing the action items according to client request. Real time monitoring of Network Security devices such IPS, Firewall, DLP, Endpoint Security, Operating system, and Email security, servers, VPN etc. Performing the in-depth analysis to identify root cause of the incidents and performing malware analysis to identify behavior of the files. Analyzing the phishing emails which are reported by the employees to the SOC team and identifying whether the reported email is a phishing or spam or legitimate. Performing the phishing campaign and educating the employees. I have a strong understanding of analyzing the cloud logs which comes from Cloudwatch, Cloudtrial, VPC flows logs. Development of Reports and Dashboards in Splunk 3 Sentinel. Performing the vulnerability assessment and coordinating with patching team to remediate the vulnerabilities. I had performed auditing on firewalls to identify the security configuration issues and vulnerabilities using nipper. Using AV and other analysis tools to perform Malware Analysis and complete removal of malware from client's environment. Performing daily health checkup of the SIEM solution to make sure all the log sources are reporting the logs into the SIEM platform. Differentiate the false positives from true intrusion attempts and help remediate / prevent. Support escalation and work closely with stakeholders as required. Document all actions taken during incident investigations and creating the incident report and share to the stake holders. Provide tuning and filtering recommendations to engineering teams. Support requests for data by the customer and other teams analyzing daily, weekly and monthly reports. Taking the appropriate action based on advisories ioc's, identifying threat actor using Mitre ATTACK, etc and coordinating with respective team to block the ioc's. Hunting for the iocs which are provided advisories and identify if there is any suspicious communication attempts. Developing the standard operation procedures based on NIST incident response life cycle. Analyze and investigate the alerts in SOC monitoring tool to report any abnormal behaviors, suspicious activities, traffic anomalies etc. Conduct analysis of network traffic and host activity across wide array of technologies and platforms. Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
Education
Bachelor Of Engineering - RKDF Institute Of Science And Technology
- 2020 · Afghanistan
