About
Diligent Cyber Security Engineer with seven years of experience in a cybersecurity profile, providing security services to high-value clients, with hands-on experience in threat analysis, security monitoring, incident response and reporting. Also, one year of experience in the Windows domain.
Skills & Expertise
Work Experience
System Administrator / Desktop Support Engineer
Adxor technologies Private Limited
Oct 2017 - Oct 2018
Installed and configured Windows Server 2003, 2008, and 2012 on physical and virtual servers, including Dell PowerEdge and HP ProLiant. Installed, configured, and managed Windows Server roles such as Active Directory, DNS, and DHCP. Performed server upgrades and supported RAID configuration activities. Created and managed Active Directory objects, including user accounts, security groups, and computer accounts. Provided end-user support for server and desktop-related issues. Installed and supported enterprise software such as antivirus solutions, Microsoft Office, AutoCAD, and other applications. Performed hardware troubleshooting for desktops, laptops, and servers. Supported basic network setup, including LAN cable crimping and connectivity troubleshooting. Configured printers, Microsoft Outlook, and joined systems to the Active Directory domain. Maintained inventory records for servers, desktops, and laptops. Supported video conferencing setup, including creation and configuration of BlueJeans meeting IDs.
Security Engineer (Windows & Security Operations)
Inknowtech Private Limited
Nov 2018 - Oct 2019
Monitored QRadar SIEM dashboards to identify security alerts, system anomalies, and compliance-related events. Performed Windows Server patching using WSUS, ensuring systems remained compliant with security and update policies. Supported achievement of ~99% compliance for antivirus and Windows patching, aligning with organizational security standards. Conducted daily system health checks and compliance validation activities across Windows servers. Performed privileged access reviews for internal audits by validating user and admin-level access on servers. Raised and tracked change requests for planned maintenance, patching, and security-related activities as per the change management process. Restarted servers as part of approved patching and compliance activities, following maintenance windows. Implemented Windows Server hardening configurations based on security baselines and best practices. Managed and reviewed NTFS permissions on shared drives to ensure least-privilege access. Configured and maintained MAC address binding on DHCP servers to control unauthorized device access on the network.
Security Analyst
NLB Services Pvt. Ltd
Mar 2023 - Jan 2024
Monitored and investigated security alerts using Azure Sentinel, CrowdStrike, Cisco Umbrella, Proofpoint, CASB, Duo Authenticator, and Symantec AV. Analysed user-reported phishing and suspicious emails using Proofpoint (TRAP and TAP modules) and followed defined remediation procedures. Monitored and analysed authentication and MFA logs using Duo to identify suspicious login activity. Performed vulnerability and security scans for newly onboarded and production servers using Rapid7 and ensured findings were remediated before the move into production. Performed security assessments of user-requested software based on scan results and security guidelines. Reviewed DLP reports generated by Digital Guardian. Executed domain block-listing and allow-listing tasks in Cisco Umbrella as per incident response and approved requests. Used ServiceNow for incident, request, and change management, ensuring accurate ticket updates and documentation. Followed defined escalation procedures and coordinated with senior teams for high-severity or complex incidents. Assisted in onboarding and integration of log sources into SIEM platforms.
Senior Security Analyst
Futurismtechnology Pvt. Ltd
Jan 2024 - Present
Worked as a Senior Security Analyst and acted as a shift lead, coordinating day-to-day SOC activities during assigned shifts. Provided operational support to team members during the shift and ensured alerts and incidents were handled as per SOPs. Continued to work as an individual contributor, actively monitoring and analysing security alerts across multiple security tools. Investigated and triaged security incidents using Azure Sentinel, QRadar, Splunk, Microsoft Defender, Proofpoint, Cybereason, and Cisco Umbrella. Analysed user-reported suspicious emails and performed security validation using Proofpoint and Microsoft Defender for Office 365. Monitored Azure AD sign-in and audit logs to identify suspicious or anomalous user activity. Performed incident response actions such as machine isolation, antivirus full scan, IOC blocking, session revocation, and user account disablement as per playbooks. Performed SIEM use-case tuning to reduce false positives and improve alert quality. Created and updated detection rules based on predefined use cases and threat scenarios. Used ServiceNow for incident, request, and change management and ensured timely ticket updates. Monitored aging incidents and escalated them to relevant teams according to defined escalation procedures. Supported investigation of leaked credentials on the dark web using Kaseya tools and followed remediation steps. Assisted in onboarding and integration of log sources into SIEM platforms. Prepared weekly and monthly security reports and shared findings with internal and client stakeholders.
Security Analyst
SecurView System Pvt Ltd
Dec 2019 - Mar 2023
Worked across multiple security monitoring channels within the Security Operations Center (SOC). Performed initial review and triage of security incidents generated by SOC tools, based on priority and impact related to network, servers, applications, and end users. Conducted continuous monitoring of security events using QRadar, Splunk, Microsoft Defender, CrowdStrike, and Cisco AMP to identify potential suspicious activity. Used SIEM platforms to review alerts, perform basic research, and support reporting activities. Followed defined escalation procedures for high-priority or multi-user–impacting incidents and kept stakeholders informed as per process. Ensured accurate and complete ticket documentation, recording observations, actions taken, and updates in ticketing systems. Used SecHub365, Footprints, and Symphony for incident handling, collaboration, and ticket updates. Performed basic historical and offline log searches to support investigations and shared findings with senior analysts. Monitored systems and devices using Nagios to identify availability or health-related alerts and escalated issues when required. Assisted with Windows Server patching activities under guidance and followed standard change management procedures.
Education
Bachelor of Engineering in Mechanical Engineering - RGPV Bhopal University
- 2015 · Afghanistan
HSC With Mathematics - Madhya Pradesh Board of Secondary Education
- 2010 · Afghanistan
SSC With Common Subject - Madhya Pradesh Board of Secondary Education
- 2008 · Afghanistan
Availability Details
Current Company: Other
Visa Status: Citizen
Relocation: Open to Relocation