About
Information Security Analyst with 2.9+ years of hands-on SOC experience in real-time security monitoring, incident investigation, and threat detection across enterprise environments. Strong expertise in SIEM (Splunk), EDR & Falcon (CrowdStrike), phishing email analysis, and vulnerability management using Nessus, AV, DNS, TCP. Proven ability to analyze security alerts from IDS/IPS, firewalls, proxy, and endpoint tools, investigate threats, and escalate incidents as per SLA. Actively involved in improving detection capabilities, reducing security risks, and supporting 24x7 security operations. Seeking SOC Analyst / Information Security Analyst roles to further strengthen organizational cyber defense. Conduct threat hunting activities to identify potential security vulnerabilities in the organization. Adopt threat hunting methods aligned with emerging trends & techniques used by cybercriminals. Data Loss Prevention (DLP) policies to prevent unauthorized data exfiltration while minimizing false positives for the organization.
Work Experience
Information Security Analyst
Tata Consultancy Services (TCS)
Jun 2023 - Present
Perform 24x7 real-time security monitoring using Splunk SIEM, analyzing alerts generated from IDS/IPS, firewalls, endpoint, and proxy tools. Investigate and respond to security incidents including malware infections, phishing attacks, and suspicious network activities, following defined incident response procedures. Analyze raw logs and security events from multiple sources to identify potential threats, false positives, and anomalies. Work extensively on CrowdStrike (EDR & Falcon) to evaluate detections, track malicious activity, and support remediation actions. Conduct phishing email analysis by examining email headers, URLs, attachments, and sender reputation; take corrective actions by blocking malicious IPs, URLs, domains, and senders at the email gateway, proxy, and firewall levels. Perform vulnerability scanning using Nessus across servers and enterprise assets; generate reports and support risk mitigation activities. Escalate confirmed security incidents within SLA and coordinate with internal teams for containment and resolution. Prepare and share daily, weekly, and monthly security reports covering alert summaries, failed logins, deny logs, AV status, and configuration changes. Support continuous improvement of detection rules, monitoring processes, and security operations effectiveness. Conduct threat hunting activities to identify potential security vulnerabilities in the organization. Adopt threat hunting methods aligned with emerging trends & techniques used by cybercriminals. Conduct root cause analysis on escalated tickets to determine the entry point.
Education
Bachelor of Engineering (Mechanical Engineering) - Shivaji University
- 2018 · Afghanistan