About
SOC Analyst with 4.8 years of experience in Security Operations, SIEM Engineering, Threat Detection, and Incident Response within 24x7 MSSP environments. Proven expertise in IBM QRadar, Splunk, Microsoft Sentinel, and advanced security tools including CrowdStrike, Defender for Endpoint, Proofpoint, and Cortex XSOAR. Strong hands-on experience in log source onboarding, correlation rule creation, threat hunting (MITRE ATT&CK), and incident lifecycle management. Adept at reducing false positives, improving detection use cases, and providing actionable security insights to enterprise clients.
Skills & Expertise (24)
Work Experience
SOC Analyst
Accenture
Aug 2021 - Present
- Administer and manage IBM QRadar, Splunk, and Microsoft Sentinel for enterprise clients.
- Onboard and normalize logs from cloud, SaaS, endpoint, firewall, proxy, and custom applications.
- Develop and fine-tune correlation rules, alerts, dashboards, and use cases.
- Perform advanced threat hunting using the MITRE ATT&CK framework and behavioral analysis.
- Investigate and respond to security incidents across endpoint, network, and email vectors.
- Handle the complete incident lifecycle (triage → investigation → escalation → closure).
- Integrate threat intelligence feeds (IOC ingestion via APIs) to enhance detection capability.
- Reduce false positives by optimizing detection logic and tuning SIEM rules.
- Monitor SIEM tools (QRadar/Splunk) for real-time security alerts and perform alert triage, classification, and initial investigation.
- Investigate endpoint alerts using CrowdStrike and Defender; conduct phishing analysis and email threat investigation.
- Escalate confirmed incidents with detailed analysis to L2/L3 teams.
- Perform log analysis across firewall, proxy, and endpoint sources.
- Support log onboarding and parsing activities in the SIEM.
- Conduct vulnerability assessments using Qualys and Nessus; maintain incident tickets in ServiceNow, ensuring SLA compliance.
- Follow SOC playbooks and ensure proper documentation.
- Assist in improving detection rules and reducing false positives.
- Analyze phishing emails using Proofpoint and header analysis techniques.
- Perform malware analysis using sandboxing tools and endpoint telemetry.
- Create and manage SOC SOPs, runbooks, and incident response procedures.
- Support Cortex XSOAR automation playbooks for incident response workflows.
- Conduct risk assessments and log analysis for suspicious activities.
- Monitor DLP incidents and enforce data protection policies.
- Collaborate with clients as primary POC for security incidents and advisory.
- Prepare and present monthly security reports and metrics dashboards.
- Perform WAPT testing using Burp Suite and Acunetix and share remediation reports.
Education
M.Sc – Biochemistry, Jawaharlal Nehru Technological University, 2012 · Afghanistan
Certifications
No certifications added yet