About
I am a Cybersecurity SOC Analyst with 4 years of experience working in 24/7 Security Operations Center environments, where I have been actively involved in monitoring, detecting, and responding to security incidents across enterprise networks. Over the years, I have developed strong hands-on experience in working with SIEM tools like Microsoft Azure Sentinel, Splunk, IBM QRadar, and SentinelOne SIEM to analyze alerts, perform investigations, and ensure timely response to potential threats.

In my current role, I regularly perform alert triage, classify incidents based on severity, and investigate suspicious activities using logs, threat intelligence, and correlation techniques. I have practical experience writing KQL and SPL queries to dig deeper into security events and identify hidden threats. I also have good exposure to threat hunting and mapping attacker behavior using the MITRE ATT&CK framework. I have worked extensively on EDR tools such as CrowdStrike Falcon, SentinelOne, and Microsoft Defender for Endpoint, where I analyze endpoint alerts, review process activities, and take necessary actions like isolating compromised systems and supporting incident containment.

I am also experienced in handling phishing and email-related threats using Microsoft O365 Defender and Trend Micro Email Gateway, including email header analysis, identifying spoofing attempts, and removing malicious emails from user mailboxes. Apart from this, I have hands-on experience with DLP tools like Zscaler and Forcepoint, where I investigate data leakage alerts and enforce security policies. I have also supported Privileged Access Management using BeyondTrust, managing secure access and monitoring privileged sessions. Along with security operations, I have worked on user access management in Active Directory and Azure AD, handling account-related issues and ensuring proper access control.
I am comfortable working with ticketing tools like ServiceNow and ManageEngine, where I document incidents, track progress, and coordinate with different teams for resolution. I also have a good understanding of networking fundamentals, including TCP/IP, DNS, VPN, and general security concepts. I hold certifications such as SC-200 (Microsoft Security Operations Analyst) and CEH, and I am always eager to learn and improve my skills in cybersecurity. I am now looking for an opportunity where I can contribute my experience, grow further, and be part of a strong security team.
Work Experience
IT Security Analyst (SOC L1)
INFINX Technology Solutions Private Limited
Mar 2022 - Mar 2026
Monitored security alerts 24x7 across Microsoft Azure Sentinel, Splunk ES, SentinelOne SIEM, and IBM QRadar, ensuring timely detection and triage of threats within defined SLA windows.
Performed first-level alert triage — classified alerts as true positive, false positive, or benign, and assigned severity levels (Critical / High / Medium / Low) based on asset impact and threat context.
Conducted log monitoring and event correlation to identify anomalies, suspicious patterns, and indicators of compromise (IOCs) across enterprise environments.
Wrote and executed KQL queries in Microsoft Azure Sentinel to investigate incidents, hunt threats, and analyze logs across connected data sources.
Authored SPL (Search Processing Language) queries in Splunk Enterprise Security to perform log analysis, event correlation, and ad-hoc threat investigations.
Leveraged Sentinel UEBA (User and Entity Behaviour Analytics) to detect insider threats, compromised accounts, and anomalous access patterns.
Performed security event triage by analyzing alerts, investigating suspicious IP addresses, domains, and file hashes using VirusTotal, AbuseIPDB, and threat intelligence platforms.
Education
Master of Business Administration (MBA) - Garden City University
Afghanistan
Availability Details
Relocation: Depends on Offer