About
Experienced Cybersecurity Analyst with 3+ years of hands-on experience in monitoring, investigating, and responding to security incidents. Skilled in log analysis, threat hunting, and strengthening security controls to proactively defend against evolving cyber threats. Known for a detail-oriented approach and a strong ability to identify vulnerabilities, mitigate risks, and enhance overall security posture.
Work Experience
Cybersecurity Analyst
ITC Infotech
Mar 2025 - Present
Monitored and triaged alerts via SIEM tools (IBM QRadar for advanced correlation and compliance reporting, and Wazuh for endpoint log analysis and intrusion detection), preparing incident reports and providing actionable mitigation steps. Operated in a 24×7 SOC for a leading finance sector client, performing continuous monitoring, incident triage, and proactive threat hunting to protect critical financial systems and sensitive customer data. Conducted phishing email analysis, validating SPF, DKIM, and DMARC records to identify spoofing attempts and malicious campaigns. Used CrowdStrike Falcon for EDR and threat containment; leveraged CloudSEK threat intelligence for deep and dark web monitoring, brand/reputation tracking, and context-driven analysis; acted as first responder for security incidents. Created 50+ MITRE ATT&CK-based runbooks and 10 custom use cases to enhance threat detection and response. Delivered weekly threat advisories and client reports to stakeholders. Used Freshservice and Jira for incident and service request ticketing, tracking, and escalation to ensure timely resolution. Prepared and delivered comprehensive monthly security reports to clients, highlighting incidents, trends, and actionable insights.
Cyber Security Engineer
Alif Cloud Consulting Pvt. Ltd.
Apr 2024 - Feb 2025
Investigated security offenses on various SIEM tools, identifying threats, vulnerabilities, and unauthorized activities in real-time. Reviewed incidents and provided quality improvement recommendations to customers, including weekly reports and threat-hunting insights. Collaborated with integration teams to resolve parsing/mapping issues and suggested automation for repetitive alerts to reduce manual efforts. Analyzed logs from multiple sources (Firewalls, IDS/IPS, Windows, Cisco, antimalware, and email security) for potential security incidents. Managed security incidents based on severity, recommending fine-tuning for false positives and creating incidents for true positives.
Security Operations Center Analyst
Security HQ
Apr 2023 - Dec 2023
Coordinated event collection, log management, and security monitoring activities. Monitored and analyzed security events from QRadar health reports such as GSOC and ENOC. Conducted console searches and monitored system health, disk utilization, and EPS allocation. Utilized Nagios for server, switch, firewall, and platform monitoring. Investigated security alerts, phishing emails, domains, and IPs using open-source tools to determine true threats or false positives. Reviewed and ingested IOCs from threat intelligence feeds into security controls. Fine-tuned SIEM rules to reduce false positives and improve detection accuracy. Worked in a 24×7 SOC, performing shift handovers and maintaining situational awareness.
Education
Bachelor of Engineering - Dr. DY Patil College of Engineering
2017 - 2020 · Afghanistan
Diploma - JSPM
2015 - 2017 · Afghanistan
Availability Details
Visa Status: Need Sponsorship
Relocation: Open to Relocation