About
Information Security professional with 2.2+ years of experience in Security Operations Center (SOC) specializing in real-time threat monitoring, incident investigation, and security event analysis. Experienced in analyzing security alerts using SIEM tools such as Splunk and IBM QRadar, performing incident triage, log correlation, and root cause analysis to detect and respond to cyber threats.
Work Experience
Information Security Analyst L1
Accenture
Feb 2024 - Present
Working in a 24×7 Security Operations Center (SOC) environment monitoring enterprise security infrastructure. Monitoring and analyzing real-time security alerts using SIEM tools such as Splunk and IBM QRadar. Investigating security alerts generated from SIEM, EDR, IDS/IPS, firewall, and proxy solutions. Performing incident triage and detailed investigation of security incidents including malware, phishing, and suspicious login activities. Conducting root cause analysis (RCA) for identified security incidents. Using CrowdStrike EDR and Microsoft Defender for endpoint threat detection and investigation. Correlating logs from multiple sources such as servers, endpoints, and network devices to identify attack patterns. Escalating high-severity incidents to higher-level security teams and coordinating remediation. Creating and managing incident tickets in ServiceNow and tracking them until closure. Preparing daily, weekly, and monthly security monitoring reports for management and clients. Using MITRE ATT&CK and Cyber Kill Chain frameworks to analyze attacker behavior and improve detection capabilities.
Education
Bachelor of Engineering in Electronics and Telecommunication
Afghanistan