Sravani Naidu

Cyber Security Analyst

India
Profile Score: 80

About

Cybersecurity Analyst with nearly 3 years of experience in IT security operations, specializing in real-time monitoring, log analysis, and incident response. Proven ability to analyze logs from SIEM tools including Splunk, QRadar, and Microsoft Sentinel, and troubleshoot logging issues. Experienced in handling and investigating alerts from EDR tools such as Microsoft Defender, SentinelOne, and CrowdStrike. Expertise in incident handling, threat detection, network traffic monitoring, identifying and classifying attempted compromises, and applying the MITRE ATT&CK framework to understand attacker behavior. Responsible for escalating security incidents to L2/L3 analysts and ensuring timely closure, contributing to effective threat hunting and security posture enhancement.

Skills & Expertise (27)

Security Monitoring & Incident Response: Advanced, 8.8/10, 3 years experience
Threat Detection & Analysis: Advanced, 8.6/10, 3 years experience
SIEM Operations (Splunk, IBM QRadar): Advanced, 8.5/10, 3 years experience
Vulnerability Assessment & Remediation: Advanced, 8.4/10, 3 years experience
Network Security (TCP/IP, DNS, VPN, Firewalls): Advanced, 8.3/10, 3 years experience

Operating Systems: Windows, Linux
Scripting (Knowledge): Python, PowerShell, Bash
Networking: TCP/IP, DNS, HTTP, SMTP, LDAP, Firewalls, VPN, OSI Models, WAN, LAN
Security Frameworks: MITRE ATT&CK, ISO 27001
Threat Intelligence: Virus Total, AbuseIPDB, IPinfo, Cisco Talos
Vulnerability Management: Nessus
Ticketing Systems: ServiceNow
Cloud Security: Microsoft Azure
Email Security: Mimecast, O365 Defender
EDR/Endpoint Security: Microsoft Defender, SentinelOne, CrowdStrike
SIEM: IBM QRadar, Splunk, Microsoft Sentinel

Additional skill tags: Scripting Basics (Python, PowerShell, Bash); Compliance (ISO 27001, SOC 2); EDR/XDR Tools; Cloud Security (AWS/Azure/GCP); Windows/Linux Security; Penetration Testing Support; Security Controls & Policy Implementation; IDS/IPS & Endpoint Security; Log Analysis & Root Cause Analysis; Vulnerability Scanning; Incident Reporting

Work Experience

Data Security Analyst

Alorica

Mar 2023 - Dec 2025

Performed real-time monitoring, investigation, analysis, reporting, and escalation of security events across SIEM tools including IBM QRadar, Splunk, and Microsoft Sentinel within a 24/7 SOC environment, contributing to threat hunting and vulnerability assessments.
Escalated security incidents based on client SLAs, providing detailed analysis and actionable recommendations to enhance customer security posture and mitigate threats.
Performed initial triage of security incidents, identifying and categorizing threats for further investigation using analytical and problem-solving skills with meticulous attention to detail.
Analyzed crucial alerts and performed in-depth log analysis using SIEM tools, identifying malicious URLs and suspicious IPs from IDS events, and blocking malicious websites on proxies to prevent virus downloads.
Prepared daily, weekly, and monthly security reports as per client requirements, ensuring clear communication of security status and adherence to SLAs.
Investigated and created cases for security threats, forwarding them to the Onsite SOC team for further action, demonstrating strong case management skills.
Handled and investigated alerts from EDR tools such as Microsoft Defender, SentinelOne, and CrowdStrike, performing detailed threat analysis and contributing to vulnerability management.
Monitored and analyzed network traffic and events generated by various security and network tools including firewalls, proxy servers, AV, IPS/IDS, cloud platforms (Amazon, Azure, Google), Windows, and Linux servers, demonstrating strong networking fundamentals and operating systems knowledge.
Utilized ServiceNow for recording and managing security investigations and incidents, ensuring efficient case management and adherence to playbooks.
Managed the escalation of security incidents to L2/L3 teams, ensuring follow-up for timely closure and adherence to security operations protocols and continuous improvement.
Coordinated with Network and Server teams regarding security activities and technical issues, creating vulnerability and remedy reports for users, and troubleshooting technical issues.
Reduced false positives by 20% and improved overall response time through meticulous log analysis and SIEM tuning, enhancing operational efficiency and supporting root cause analysis.
Executed containment actions, including endpoint isolation, account disabling, and blocking malicious domains and IP ranges, to neutralize threats and support incident response.
Managed security incidents end-to-end, encompassing preparation, detection, containment, eradication, recovery, and documenting lessons learned for continuous improvement and SOC evolution.
Followed end-to-end Incident Investigation and Incident Response processes, ensuring investigations were closed within defined SLAs and contributing to security operations.
Adhered to SOC playbooks and response procedures, supporting threat hunting activities during investigations and leveraging analytical skills for threat analysis.
Reduced response time by 30% by leveraging SOAR automation for streamlined incident handling and efficient security operations, demonstrating advanced technical skills.

Education

Bachelor's Degree - Kakinada Institute of Engineering and Technology

- 2021 · Afghanistan

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 5/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 80/100

Profile Overview

Member since: Feb 2026

Availability Details

Visa Status

Citizen

Relocation

Open to Relocation
