About
Cyber Security professional with 4 years of experience in Security Operations (SOC), Incident Response, Threat Hunting, Malware Analysis, SIEM & SOAR investigations, and enterprise security monitoring. Skilled in Windows/Unix log analysis, IDS/IPS alerts, DLP, EDR telemetry, and firewall analysis. Strong expertise in Proofpoint, Microsoft Defender, Securonix, Splunk, QRadar, CrowdStrike, Netskope, Palo Alto, OSINT, Threat Intelligence, and MITRE ATT&CK-aligned investigations.
Skills & Expertise (23)
Work Experience
Security Delivery Senior Analyst
Phantez Tech
Sep 2024 - Present
Analyze real-time security violations using Cyber Kill Chain methodology in Securonix SOAR.
Investigate high-criticality alerts in Microsoft Defender EDR (MDC/MDO).
Perform malware analysis and signature hunting using Defender Advanced Hunting.
Handle high-severity phishing alerts in Proofpoint and extract IOCs.
Perform deep forensic analysis using Proofpoint TAP and block/purge via TRAP.
Monitor DLP alerts in Netskope/Proofpoint; handle GDPR, HIPAA, PCI, and PII incidents.
Analyze Palo Alto Panorama logs and request blocking of malicious IPs/domains.
Monitor domain-squatting alerts via BlackKite and coordinate takedowns with the legal team.
Use OSINT tools and collaborate with Threat Intel teams for investigations.
Track dark-web alerts from CrowdStrike and SOC Radar to protect user credentials.
Monitor Armis IoT alerts and report findings to asset owners.
Review MITRE ATT&CK techniques and update TTP mappings.
Conduct internal security knowledge sessions.
Participate in internal risk audits and drive incident response workflows.
Work with clients to define processes, workflows, and SOP improvements.
Cyber Security Consultant
Helson Software Solutions Pvt.
Jun 2022 - Sep 2024
Investigate QRadar/Splunk alerts from Palo Alto IDS/IPS, SonicWall, CrowdStrike, and Windows logs.
Perform triage and create incidents in ServiceNow based on severity levels.
Monitor SIEM log sources and troubleshoot ingestion issues.
Develop custom SIEM use cases and correlation rules.
Investigate CrowdStrike endpoint alerts for malicious activity and downloads.
Generate vulnerability assessment reports using Rapid7.
Document SOPs and use-case documentation as per client requirements.
Analyze UBA alerts to identify abnormal user activities.
Perform threat hunting by analyzing vulnerable ports and suspicious activities.
Collaborate with onsite teams for root-cause investigations.
Education
Bachelor of Technology (B.Tech) - NIRMT University
- 2015 · Afghanistan
Certifications
CyberBit Intermediate Program
· 2023
Advanced Cyber Security Program
IIIM Bangalore · 2023