About
Detail-oriented Cybersecurity Analyst with 3+ years of experience in security operations, incident response, and threat analysis. Proficient in SIEM platforms including Microsoft Sentinel and Splunk, with strong expertise in log analysis, alert triage, and network protocol monitoring. Demonstrated ability to detect and respond to threats such as malware, phishing, ransomware, and DDoS. Experienced with firewalls, IDS/IPS, EDR tools, endpoint and cloud security (Azure). Familiar with MITRE ATT&CK framework, vulnerability management, and security best practices. Pursuing CySA+ certification to further strengthen analyst capabilities.
Skills & Expertise (52)
Work Experience
Security Operations Centre (SOC) Analyst
Tata Consultancy Services
Mar 2024 - Present
Monitored and analyzed security alerts using Microsoft Sentinel and Microsoft Defender XDR in a 24x7 SOC; triaged L2 incidents and validated true positives across endpoint, identity, and email layers.
Investigated incidents involving malware, phishing, ransomware indicators, suspicious authentications, and BEC using Microsoft Defender and Microsoft Entra ID, following MITRE ATT&CK-aligned runbooks.
Performed log analysis and correlation using KQL in Sentinel across systems, servers, and network devices to detect anomalies, DDoS patterns, and advanced threat behaviors.
Conducted phishing and email threat analysis (malware, spoofing, BEC) leveraging Defender for Office 365 and email security platforms including Mimecast, Proofpoint, and Cofense.
Managed the complete incident lifecycle in ServiceNow, including documentation, containment, recovery steps, and escalation to L3/IR teams, maintaining >95% SLA compliance.
Tuned SIEM detection rules and use cases, reducing false positives by ~25–35% and improving overall alert fidelity and SOC efficiency.
Enriched threat intelligence using VirusTotal, AbuseIPDB, and AlienVault OTX; developed Sentinel watchlists, dashboards, and workbooks to support proactive threat hunting and risk analysis.
Identified vulnerabilities and assisted in recommending remediation actions; collaborated with cross-functional teams to implement security controls and maintain security documentation and incident reports.
Email Security Administrator (Mimecast and Fortimail)
Tata Consultancy Services
Aug 2022 - Mar 2024
Administered and optimized Mimecast and FortiMail solutions by fine-tuning anti-phishing, safe links, and attachment protection policies.
Managed email security incident response by performing root cause analysis and supporting remediation efforts.
Executed disaster recovery, system upgrades, and capacity planning for improved security resilience.
Collaborated with vendors, stakeholders, and internal teams to deploy and maintain robust email security configurations.
Improved communication flow and reduced email response delays by 30% through project delivery optimization.
Education
Master of Computer Application (MCA) - Mahakal Institute of Technology, Ujjain, India (RGPV)
2020 - 2022 · Afghanistan
Bachelor of Computer Application (BCA) - Lokmanya Tilak College, Ujjain, India (RGPV)
2016 - 2019 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation