About
Security Analyst with a total of 3 years of professional experience, including 2+ years in Security Operations Centre (SOC) environments, 6 months of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT), and 6 months of experience as a Java Developer. Proven expertise in alert monitoring, alert triage, incident analysis, SIEM rule tuning, and detection engineering using Splunk and ArcSight. Experienced in threat hunting aligned with the MITRE ATT&CK framework and in SIEM use-case development. Hands-on experience as an administrator in Splunk UBA implementation, including configuration, tuning, and behavioural analytics. Strong understanding of security monitoring, attack techniques, and proactive threat detection.
Work Experience
Cyber Security Trainee
TATA Strive
May 2023 - Dec 2024
Supported VAPT activities including vulnerability scanning, manual validation, exploitation basics, and security report documentation aligned with the OWASP Top 10. Tested web applications for SQL Injection, XSS, CSRF, and phishing attacks using SQLMap and Burp Suite.
SOC Analyst
Sattrix Information Security
Jan 2024 - Present
Monitored and triaged security events in Splunk Enterprise, Splunk Cloud, Google SecOps and ArcSight ESM, analysing logs from firewalls, IDS/IPS, EDR, antivirus, proxy, Windows, Linux, and cloud environments. Performed in-depth investigations to distinguish true positives from false positives, escalating validated incidents with evidence, PCAPs, and remediation actions. Created and fine-tuned use-case rules, dashboards, SPL searches, and automated reports to improve detection accuracy and reduce alert fatigue. Detected and analysed attacks related to phishing, malware, brute force, DDoS, SQL injection, ransomware, suspicious process execution, lateral movement, privilege escalation, and C2 activity. Performed incident documentation following NIST/ISO standards, including RCA, timeline creation, evidence preservation, and post-incident reporting. Collaborated with SOC L2/L3, security engineering, incident response, and network teams for containment, eradication, and recovery of critical incidents. Administered and implemented Splunk User Behaviour Analytics (UBA), including initial setup, data source integration, model configuration, and system tuning to enable advanced behavioural threat detection. Configured and maintained UBA data ingestion from Splunk Enterprise, ensuring accurate user, device, and event correlation for insider threat and anomaly detection.
Education
Bachelor of Engineering (Computer Science) - Silver Oak College of Engineering & Technology
2019 - 2023 · Afghanistan
Certifications
Splunk Essentials
2025
Certified Cybersecurity Analyst
Tata Strive · 2023
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation