About
SOC Analyst with 4.7 years of hands-on experience in 24x7 security monitoring, alert triage, and incident handling across enterprise environments. Proficient in SIEM-based log analysis and alert investigation using IBM QRadar, Splunk, and Microsoft Sentinel. Experienced in endpoint detection and response (EDR) monitoring and remediation using Symantec Endpoint Protection and CrowdStrike Falcon. Skilled in phishing analysis, email security investigations, and IOC-based blocking using Proofpoint and Symantec Email Security. Familiar with vulnerability assessment, ticket management, and SOC processes aligned with InfoSec, MSS, and GSOC operations.
Work Experience
Associate Team Lead (SOC)
Accenture
Oct 2021 - Present
Working on Splunk, QRadar and Azure SIEM (console and web console), providing operations support at the Security Operations Center for different member firms.
Performed continuous 24x7 monitoring of security alerts and events across SIEM platforms including IBM QRadar, Splunk, and Microsoft Sentinel.
Investigated and triaged security incidents related to malware, phishing, suspicious logins, and endpoint threats.
Analyzed logs from endpoints, email systems, and network devices to identify indicators of compromise (IOCs).
Monitored and responded to endpoint alerts using Symantec Endpoint Protection and CrowdStrike Falcon.
Conducted phishing email analysis and supported remediation actions using Proofpoint and Symantec Email Security.
Assisted in implementing IOC-based blocking across email security, endpoint protection, and firewall controls.
Supported vulnerability scanning activities using Nessus and Qualys and tracked remediation status.
Raised, updated, and managed security incidents and service requests using ServiceNow.
Prioritized incidents based on severity, impact, and SLA requirements in alignment with SOC procedures.
Followed incident response and event lifecycle processes to ensure accurate documentation and closure.
Collaborated with internal teams and senior analysts during security investigations and escalations.
Maintained clear incident notes, evidence, and investigation findings for audit and compliance purposes.
Supported InfoSec, MSS, and GSOC operational activities to ensure timely detection and response to security threats.
Investigated phishing and spam incidents using Microsoft O365 Defender, notifying end users and coordinating remediation.
Performed detailed alert investigation including timeline analysis, log correlation, and validation of true positives versus false positives across SIEM and EDR platforms.
Executed containment actions such as endpoint isolation, malicious process termination, hash blocking, and IOC enforcement based on investigation findings.
Conducted user and entity behavior analysis (UEBA) using SIEM data to identify abnormal authentication patterns, lateral movement, and suspicious access activity.
Tuned alert thresholds and suppression rules under guidance to reduce alert noise and improve detection efficiency within SIEM tools.
Independently handled medium-severity (P2/P3) incidents end-to-end, including investigation, response, documentation, and closure within defined SLAs.
Managed the complete incident lifecycle including identification, triage, containment, root cause analysis, and remediation.
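Added illustration (editor's example, not code from this profile or any of the tools it names): the kind of log correlation the entries above describe, namely distinguishing a true positive from noise by looking at authentication events together rather than one alert at a time. It runs three rules over a constructed set of Windows-style logon events (event 4625 = failed logon, 4624 = successful logon, logon type 3 = network) and assigns a P1/P2/P3 label: a password spray (one source failing against many accounts), a brute force that ends in a success, and lateral movement (one account reaching many hosts over the network in a short window). The thresholds, window sizes, severity mapping and all sample events are assumptions chosen for the example.

```python
"""Correlate constructed authentication events into triaged findings.

Every event below is constructed sample data, not a real log. Thresholds and
the severity mapping are example choices, not a standard."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed events: (timestamp, event_id, user, src_host, dst_host, logon_type)
SAMPLE_EVENTS = [
    # password spray: one source, five different accounts, seconds apart
    ("2024-03-01T09:00:05", 4625, "alice", "10.0.0.50", "DC01", 3),
    ("2024-03-01T09:00:07", 4625, "bob", "10.0.0.50", "DC01", 3),
    ("2024-03-01T09:00:09", 4625, "carol", "10.0.0.50", "DC01", 3),
    ("2024-03-01T09:00:11", 4625, "dave", "10.0.0.50", "DC01", 3),
    ("2024-03-01T09:00:13", 4625, "erin", "10.0.0.50", "DC01", 3),
    # benign: one typo then a successful interactive logon (should NOT fire)
    ("2024-03-01T09:05:00", 4625, "frank", "10.0.0.12", "DC01", 2),
    ("2024-03-01T09:05:20", 4624, "frank", "10.0.0.12", "DC01", 2),
    # brute force that succeeds: six failures then a success for one account
    ("2024-03-01T09:10:00", 4625, "svc_backup", "10.0.0.77", "DC01", 3),
    ("2024-03-01T09:10:01", 4625, "svc_backup", "10.0.0.77", "DC01", 3),
    ("2024-03-01T09:10:02", 4625, "svc_backup", "10.0.0.77", "DC01", 3),
    ("2024-03-01T09:10:03", 4625, "svc_backup", "10.0.0.77", "DC01", 3),
    ("2024-03-01T09:10:04", 4625, "svc_backup", "10.0.0.77", "DC01", 3),
    ("2024-03-01T09:10:05", 4625, "svc_backup", "10.0.0.77", "DC01", 3),
    ("2024-03-01T09:10:08", 4624, "svc_backup", "10.0.0.77", "DC01", 3),
    # lateral movement: one user, network logons to four hosts in four minutes
    ("2024-03-01T09:20:00", 4624, "jdoe", "WS-12", "FS01", 3),
    ("2024-03-01T09:21:00", 4624, "jdoe", "WS-12", "FS02", 3),
    ("2024-03-01T09:22:30", 4624, "jdoe", "WS-12", "SQL01", 3),
    ("2024-03-01T09:24:00", 4624, "jdoe", "WS-12", "APP01", 3),
]


def parse(raw):
    """Turn raw tuples into dicts sorted by time; every rule assumes time order."""
    events = [dict(ts=datetime.fromisoformat(ts), event_id=eid, user=u, src=s,
                   dst=d, logon_type=lt) for ts, eid, u, s, d, lt in raw]
    return sorted(events, key=lambda e: e["ts"])


def _largest_window_set(evs, field, window):
    """Sliding window over time-ordered events; return the largest set of
    distinct `field` values seen inside any `window`-long span."""
    best, lo = set(), 0
    for hi in range(len(evs)):
        while evs[hi]["ts"] - evs[lo]["ts"] > window:
            lo += 1
        seen = {x[field] for x in evs[lo:hi + 1]}
        if len(seen) > len(best):
            best = seen
    return best


def detect_password_spray(events, min_users=5, window=timedelta(minutes=5)):
    """One source failing against many distinct accounts inside the window."""
    fails = defaultdict(list)
    for e in events:
        if e["event_id"] == 4625:
            fails[e["src"]].append(e)
    findings = []
    for src, evs in fails.items():
        users = _largest_window_set(evs, "user", window)
        if len(users) >= min_users:
            findings.append({"rule": "password_spray", "src": src, "users": sorted(users)})
    return findings


def detect_bruteforce_success(events, min_failures=5, window=timedelta(minutes=10)):
    """Repeated failures for one (user, source) followed by a success: the
    success is what turns noisy failures into a likely compromised credential."""
    streak = defaultdict(list)  # (user, src) -> timestamps of recent failures
    findings = []
    for e in events:
        key = (e["user"], e["src"])
        recent = [t for t in streak[key] if e["ts"] - t <= window]
        if e["event_id"] == 4625:
            streak[key] = recent + [e["ts"]]
        elif e["event_id"] == 4624:
            if len(recent) >= min_failures:
                findings.append({"rule": "bruteforce_then_success", "user": e["user"],
                                 "src": e["src"], "failures": len(recent)})
            streak[key] = []  # a success closes the streak either way
    return findings


def detect_lateral_movement(events, min_hosts=3, window=timedelta(minutes=15)):
    """One account making network logons (type 3) to many distinct hosts quickly."""
    by_user = defaultdict(list)
    for e in events:
        if e["event_id"] == 4624 and e["logon_type"] == 3:
            by_user[e["user"]].append(e)
    findings = []
    for user, evs in by_user.items():
        hosts = _largest_window_set(evs, "dst", window)
        if len(hosts) >= min_hosts:
            findings.append({"rule": "lateral_movement", "user": user, "hosts": sorted(hosts)})
    return findings


def triage(raw_events):
    """Run every rule, attach an example severity, and return findings P1 first."""
    severity = {"bruteforce_then_success": "P1", "lateral_movement": "P2",
                "password_spray": "P3"}  # example mapping, not a standard
    events = parse(raw_events)
    findings = (detect_password_spray(events) + detect_bruteforce_success(events)
                + detect_lateral_movement(events))
    for f in findings:
        f["severity"] = severity[f["rule"]]
    return sorted(findings, key=lambda f: f["severity"])


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f)
```

The single failed logon for frank is the false positive the rules are built to ignore: on its own it would trip a naive "failed logon" alert, but no rule fires because it is one account, one source, and one failure. The jdoe logons are individually unremarkable successes; only the count of distinct destination hosts inside the window makes them a finding, which is the same reasoning an analyst applies when pivoting on a user across SIEM and EDR data.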
Education
B.Sc - Computers - Aditya Degree College (2016 · Afghanistan)
MBA - Human Resource - Rajiv Gandhi Institute of Management & Science (2019 · Afghanistan)
Certifications
No certifications added yet