About
SOC Analyst (L2) with 3+ years of experience in Security Operations, Threat Detection, and Incident Response across MSSP environments. Hands-on expertise in IBM QRadar, Microsoft Azure Sentinel (KQL), SIEM monitoring, Devo, and Swimlane. Skilled in threat hunting, log analysis, IOC mapping, and incident handling aligned with MITRE ATT&CK, NIST, and SANS frameworks. Proven ability to reduce false positives, improve detection use cases, and maintain SLA-driven response in 24/7 SOC environments. Currently upskilling in advanced SIEM and SOAR use case development, threat hunting, and cloud security (Azure).
Skills & Expertise (36)
Work Experience
Level 1 SOC Analyst
Capgemini
Aug 2022 - Oct 2025
This project provides 24/7 monitoring services for 16 clients, including both internal and external customers, all integrated on a single SIEM platform.
Reduced incident detection and response time (MTTD) by 25% by fine-tuning correlation rules and optimizing alert thresholds.
Maintained SLA compliance above 90% across all assigned accounts and ensured accurate alert categorization.
Monitored security events for 16 clients on a unified IBM QRadar platform.
Performed initial triage of events, categorized incidents, and escalated validated threats to the L2 team.
Conducted regular health checks on log sources and performed log gap analysis to ensure complete visibility.
Generated daily and weekly security incident reports with detailed findings and remediation suggestions.
Coordinated with internal stakeholders and clients to ensure clear communication and timely updates.
Level 2 / Shift Lead
Capgemini
Aug 2022 - Oct 2025
Worked as part of the SOC team supporting the IKEA environment, responsible for continuous security monitoring, alert triage, incident handling, and escalation of suspicious activities.
Supported critical incident handling by coordinating with resolver teams and ensuring timely updates during high-priority security events.
Acted as a point of contact during major incidents, facilitating communication between the SOC and internal technical teams.
Ensured operational efficiency during shifts by maintaining alert queues, SLA compliance, and effective incident escalations.
Prioritized and managed P1/P2 critical incidents with immediate attention and timely escalation.
Conducted bridge calls during high-severity incidents and coordinated with cross-functional teams for effective resolution.
Shared relevant logs, IOCs, and investigation findings with resolver teams to support remediation and closure.
Ensured accurate documentation and end-to-end tracking of alerts and incidents in line with client and SOC standards.
Level 2 SOC Analyst
Capgemini
Aug 2022 - Oct 2025
Client: Leading automotive manufacturing MNC (Europe).
Awarded 'Performance Excellence 2024' for outstanding performance.
Improved detection efficiency by tuning SIEM rules and reducing false positives.
Designed and implemented incident response playbooks.
Investigated and escalated true positives identified by the L1 team, ensuring timely response and stakeholder communication.
Reduced false positives by optimizing correlation rules, fine-tuning use cases, and integrating IOCs.
Developed and implemented incident response playbooks aligned with the MITRE ATT&CK, NIST, and SANS frameworks.
Utilized advanced KQL in Azure Sentinel for threat detection, anomaly identification, and pattern analysis.
Education
B.E. in Electronics and Telecommunications - Channabasaveshwara Institute of Technology
Afghanistan
Higher Secondary Education - Vijaya PU College
Afghanistan
Secondary Education - Don Bosco High School
Afghanistan
Availability Details
Visa Status: Need Sponsorship
Relocation: Open to Relocation