About
SOC & IT Security Analyst with 4 years of experience in monitoring, triaging, analyzing, and responding to security incidents across diverse enterprise environments. Skilled in incident triage, log analysis, and applying the Security Incident Response process, NIST SP 800-61, and the MITRE ATT&CK framework to identify attack patterns and improve detection. Hands-on experience with threat intelligence, endpoint security, and network traffic analysis to support proactive defense measures. Strong understanding of incident response workflows, documentation standards, and coordination with SOC and IR teams for timely resolution. Proficient in using SIEM tools such as MS Sentinel and LogRhythm for real-time alert analysis, correlation, and escalation.
Work Experience
IT Security Analyst
PCLogiq Computers LLC
Sep 2019 - Nov 2021
- Performed basic IOC lookups using VirusTotal and threat intelligence sources.
- Reviewed reported phishing emails, analyzed headers, URLs, and attachments, and classified them accurately.
- Assisted in email remediation activities including email purge, sender/domain blocking, and user awareness notifications.
- Documented phishing investigation outcomes and recommended follow-up actions.
- Maintained accurate incident records in ticketing systems such as ServiceNow.
- Followed incident response playbooks and contributed to improving documentation quality.
- Analyzed logs from Windows Event Viewer, Linux systems, firewalls, and proxy devices to detect anomalies.
- Reviewed authentication logs, process execution events, and network traffic for signs of compromise.
- Supported containment activities such as user isolation, account locking, and IOC blocking under guidance from senior analysts.
- Collected and preserved incident evidence including logs, screenshots, and email headers for further analysis.
- Assisted in security incident investigations involving phishing emails, malware alerts, brute-force login attempts, and suspicious network activity.
- Identified false positives and escalated confirmed security incidents to senior analysts following defined SOPs.
- Performed initial alert triage by validating events, checking indicators of compromise (IOCs), and determining severity.
SOC Analyst – L1
PCLogiq Computers LLC
Dec 2021 - Sep 2022
- Performed initial triage and analysis of alerts, identifying false positives and escalating genuine incidents for deeper investigation.
- Analyzed firewall, proxy, endpoint, and server logs to identify Indicators of Compromise (IOCs) and potential attack patterns.
- Supported incident response by collecting evidence, isolating affected systems, and coordinating with relevant teams for containment.
- Conducted threat intelligence checks using VirusTotal, AbuseIPDB, and AlienVault OTX to validate malicious IPs, URLs, and hashes.
- Assisted in preparing incident reports, maintaining investigation records, and updating the SOC ticketing system.
- Participated in phishing email investigations and helped implement preventive measures such as domain and IP blocking.
- Provided feedback for SIEM rule tuning and contributed to improving alert accuracy and detection efficiency.
- Collaborated with Network, IT, and Endpoint Security teams to ensure timely response and remediation.
- Ensured continuous monitoring during assigned shifts and maintained accurate handover notes for 24×7 operations.
Education
Master of Science (M.Sc.) - Osmania University
- 2019 · Afghanistan