About
Senior Cybersecurity Analyst with 8 years of overall IT experience, including 4.5+ years in 24×7 SOC operations focused on threat detection and incident response. Hands-on experience with SIEM tools (QRadar, Splunk), EDR, firewall, proxy, and email security solutions. Skilled in incident investigation, log analysis, network traffic monitoring, and root cause analysis. Committed to proactive security monitoring and strengthening organizational cyber resilience.
Skills & Expertise (19)
Work Experience
Associate Engineer
JIO INFOCOMM LTD
Sep 2016 - Nov 2022
Responsible for handling tickets within Security Operations, performing regular health checks as per the standard procedure, creating incidents for Security Operations, and providing 24x7 event monitoring and analysis support for proactive trend analysis of events. Providing timely reports to customers. Performing real-time monitoring, security incident handling, investigation (including log analysis), reporting, and escalation of critical security incidents to L2. Responsible for managing, and experienced with creating, new alerts for security use cases. Hands-on experience with automated malware analysis systems (Any.Run, Hybrid Analysis). Responsible for security incidents as an L2 analyst (malware infections, unauthorized access, malicious emails, brute-force attacks, etc.).
Security Analyst
MOVATE TECHNOLOGIES PVT LTD
Nov 2022 - Feb 2024
Monitoring and analysis of events generated by various security and network tools such as firewalls, proxy servers, AV, IPS/IDS, load balancers, databases, system applications, and Windows and Linux servers. Security Incident Response: responsible for monitoring security alerts; analysis of logs generated by appliances, investigation, and assessment of whether an incident is a false positive or a true positive. Using SIEM tools (QRadar) to detect possible signs of security breaches and performing detailed investigation to confirm a successful breach. Performing root cause analysis (RCA) and handling the incident appropriately as per the defined Incident Management Framework. Using Active Directory to check users' sign-in activity logs and access privileges. Following the end-to-end Incident Investigation and Incident Response process, ensuring closure of the investigation within the defined SLA. Escalating security incidents to the concerned teams and their management, and following up for closure. Providing shift status and metric reporting. Coordinating with the Network and Server teams regarding activities and technical issues. Identifying critical servers and the application inventory from the respective business owners and scheduling scans on a weekly, monthly, and quarterly basis. Knowledge-sharing sessions with team members whenever complex incident issues are raised, and lessons learned from other team members.
SOC L2 Analyst
LTI Mindtree
Jul 2024 - Present
Working as a Security Analyst in a 24x7 SOC environment. Monitoring client sources of potential security incidents, health alerts from monitored solutions, and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, helpdesk or other ticketing systems, telephone calls, and chat sessions. Security Incident Response: responsible for monitoring security alerts; analysis of logs generated by appliances, investigation, and assessment of whether an incident is a false positive or a true positive. Following client- and incident-specific procedures to perform triage of potential security incidents, validating them and determining the needed mitigation. Providing advanced analysis of the results of the monitoring solutions and assessing escalated outputs and alerts from Level 1 Analysts. Following the end-to-end Incident Investigation and Incident Response process, ensuring closure of the investigation within the defined SLA. Providing advice and guidance on response action plans for information risk events and incidents based on incident type and severity. Creating tickets in the ServiceNow tool and tracking the status of incidents. Providing end-to-end event analysis and incident detection, and managing escalations using documented procedures. Actively seeking self-improvement through continuous learning and pursuing advancement to SOC Shift Lead. Knowledge-sharing sessions with team members whenever complex incident issues are raised, and lessons learned from other team members.
Education
B Tech - Sri Sivani Institute of Technologies · Afghanistan