Rahul M.S

SOC Analyst

Bangalore, India · 3+ yrs exp · Profile score 87 (Excellent)

About

SOC Analyst with close to 4 years of experience in 24x7 security operations, specializing in monitoring, investigation, and response to security incidents. Skilled in analyzing and escalating alerts across Cortex XDR, Microsoft Sentinel, and Splunk. Experienced in malware triage, cloud security, phishing investigations, DLP incident handling, and KQL-driven threat hunting, with strong focus on incident lifecycle management and collaboration with THR teams for effective containment and remediation.

Skills & Expertise (27)

Skill: Level, Score, Years Exp

KQL querying: Intermediate, 5.5/10, 1
Cortex XDR: Intermediate, 5.5/10, 1
Microsoft Defender: Intermediate, 5.5/10, 1
Splunk: Intermediate, 5.5/10, 1
Microsoft Sentinel: Intermediate, 5.5/10, 1
SIEM Monitoring: Intermediate, 5.5/10, 1
log correlation: Intermediate, 5.5/10, 1
Endpoint isolation: Intermediate, 5.5/10, 1
Phishing investigations: Intermediate, 5.5/10, 1
IOC Analysis: Intermediate, 5.5/10, 1
Malware Triage: Intermediate, 5.5/10, 1
Incident Response Lifecycle: Intermediate, 5.5/10, 1
EDR telemetry: Intermediate, 5.5/10, 1
Xsoar: Intermediate, 5.0/10, 1
Symantec Endpoint Security: Intermediate, 5.0/10, 1
Symantec DLP: Intermediate, 5.0/10, 1
Proofpoint TAP: Intermediate, 5.0/10, 1
Wiz: Intermediate, 5.0/10, 1
PEStudio: Intermediate, 5.0/10, 1
VirusTotal: Intermediate, 5.0/10, 1
Joe Sandbox: Intermediate, 5.0/10, 1
Service Now: Intermediate, 5.0/10, 1
Jira: Intermediate, 5.0/10, 1
Cross-team coordination: Intermediate, 5.0/10, 1
DLP Incident Handling: Intermediate, 5.0/10, 1
Email Security: Intermediate, 5.0/10, 1
Cloud Security Monitoring: Intermediate, 5.0/10, 1

Work Experience

Cyber Security Analyst

EY Global Delivery Services India LLP

Oct 2022 - Present

Investigated endpoint alerts in Cortex XDR and Microsoft Defender, analyzing process trees, file behavior, and network telemetry to identify malicious activity and initiate containment actions such as host isolation. Conducted log correlation and threat hunting in Microsoft Sentinel and Splunk using KQL to validate alerts, detect lateral movement, and determine incident scope and impact. Led end-to-end investigation of a malware infection incident—performed initial triage, process and hash analysis, validated IOCs, and collaborated with the onsite THR team to isolate and remove the compromised host from the environment. Performed static and dynamic malware analysis using Joe Sandbox, PEStudio, and VirusTotal to determine threat behavior and recommend remediation. Conducted end-to-end investigation of Wiz cloud security findings, including vulnerability exploitation risks, cloud misconfigurations, identity and access exposures, and attack paths; validated findings, assessed business impact, and drove remediation efforts with cloud and infrastructure teams. Conducted phishing email investigations using header analysis, URL detonation, and Proofpoint TAP to block malicious domains and prevent user compromise. Investigated DLP incidents across email, web uploads, OneDrive, and removable media using Symantec DLP. Documented evidence and coordinated with Legal/HR for policy enforcement. Partnered with the engineering team to tune detection rules, reducing false positives and improving alert fidelity. Delivered KT sessions for new analysts on Sentinel, phishing triage, and Cortex XDR investigations.

Education

Bachelor of Technology in Electronics and Communication Engineering (E.C.E.) - CMR University

2018 - 2022 · Afghanistan

Certifications

No certifications added yet

Profile Score Breakdown

Photo: 10/10
Resume: 10/10
Job Title: 10/10
Bio: 10/10
Skills: 20/20
Education: 10/10
Experience: 12/15
Rate: 0/5
Certs: 0/5
Verified: 5/5
Total Score: 87/100

Profile Overview

Member since Jun 2026