About
Security analyst at JIO with over 4.4 years of experience in incident response and forensics. Proven ability to lead and manage investigations, identify and mitigate threats, and secure systems against attack. Experienced in collaborating with executive-level staff to develop and implement security strategy.
Skills & Expertise (45)
Work Experience
Security Engineer
Jio Platforms Limited
Dec 2025 - Apr 2026
Creating the reports, maintaining the shift handover timings, and initiating the calls. Made recommendations to improve security procedures and systems. Implemented security measures to protect systems from malware, phishing, and other cyber threats. Perform health checks for AV infrastructure and distribute reports regularly. Provided technical support, resolving queries and issues raised by system users. Experience in creating and maintaining the daily, weekly, and monthly reports of device health status using Defender ATP. In-depth understanding of networking concepts, protocols, and knowledge of infrastructure, identity, and endpoint security technologies such as AD, Azure AD, Next Gen Firewall, IDS, AV, EDR, CASB, WAF, DLP, ATP, SIEM, and Proxy. Experienced in identifying, detecting, and responding to security incidents and threats according to the defined policies and procedures in Security Operations. Strong understanding of security tools and processes such as SIEM, IDS, XDR, SOAR, malware analysis, attack simulation tools, and vulnerability scanners. Strong hands-on experience with cloud providers (AWS, GCP), virtual machines, and onboarding those instances into Defender 365. Deploy, configure, and maintain EDR agents on Windows, macOS, and Linux endpoints. Proactively perform monitoring, investigation, and analysis of SIEM alerts received from multiple devices, which include servers, firewalls, and Office 365. Good hands-on experience in analysing risky user behaviour in Azure AD, revoking user sessions, and resetting passwords if required. Good hands-on experience in troubleshooting agent connectivity issues and deploying onboarding packages on Defender. Continuously monitoring and interpreting threats using the IDS and SIEM tools.
Security Associate
IBM
Nov 2023 - Jun 2025
Strong knowledge and professional experience in central logging, log management, and QRadar and Splunk SIEM architecture. Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, and Windows Event Logs. Experience in working on host isolation and advanced threat analysis using the EDR, MS Defender ATP. Prepare Endpoint Compliance reports and initiate the remediation activities wherever required. Experience in adding and deploying a client onboarding configuration file so that Configuration Manager can monitor deployment status and Microsoft Defender ATP agent health. Experienced in creating log-analytics rules based on the client's requirements by configuring different data tables using KQL. Experience in troubleshooting Zscaler client connector issues and ZIA website access. Experience in Data Analytics, Advanced Data Analytics, Visualisation, Advanced Visualisation, Dashboard Customisation, and Advanced Dashboard Customisation in Splunk. Strong knowledge and working experience in Office 365 email gateway solutions. Completely own, manage, monitor, and administer the email security stack and policies for both on-premises and cloud environments, including Office 365 email security solutions. In-depth understanding of networking concepts, protocols, and knowledge of infrastructure, identity, and endpoint security technologies such as AD, Azure AD, Next Gen Firewall, IDS, AV, EDR, CASB, WAF, DLP, ATP, SIEM, and Proxy. Experienced in identifying, detecting, and responding to security incidents and threats according to the defined policies and procedures in Security Operations. Strong understanding of security tools and processes such as SIEM, IDS, XDR, SOAR, malware analysis, attack simulation tools, and vulnerability scanners.
Handling SPAM and phishing email submissions from end-users and taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing. Investigate malicious phishing emails, domains, and IPs using open source tools, and recommend proper blocking based on analysis. Perform daily, weekly, and monthly scheduled tasks for MS Defender ATP. Implementation of use cases using KQL with complex correlation across different data sources in Azure Sentinel. Experience in AIR (Automated Investigations and Remediation) policies and their implementation.
Security Analyst
BNP Paribas
Dec 2022 - Nov 2023
Analyse and investigate alerts in the SOC monitoring tool to report any abnormal behaviours, suspicious activities, or traffic anomalies. Analyse malicious campaigns and evaluate the effectiveness of security technologies. Analysing the phishing emails reported by the employees to the SOC team, and identifying whether the reported email is phishing, spam, or legitimate. Monitoring the triage of insider threats and User Behavioural Analytics (UBA) via broadsheet by using the Tableau tool, creating reports and dashboards, and fine-tuning rules (alert fine-tuning). Blocking and enabling the warning/insecure SmartScreen alerts for end users regarding detected phishing URLs, malware files, and IPs on Defender. Creating an incident ticketing system, analysing, managing, and tracking security incidents to closure by coordinating with different teams. Leading operations and monitoring security components 24/7, identifying real-time alerts, events, log analysis, and investigating incidents on a daily basis for a better workflow environment. Creating and fine-tuning conditional access policies, and ASR rules in Intune. Hands-on experience in creating use cases and custom detection rules using the KQL and SPL languages. Managing the PIM and PAM access using the Azure Entra admin centre. Working experience in a SOC environment with hands-on experience using the SIEM Splunk tool, which includes log analysis, fine-tuning existing correlation rules to reduce false positives, and responding to incidents. Monitor various security tools (Email Gateway, IDS/IPS, EDR, SIEM, etc.) for security events and triage security incidents. Knowledge of email security threats and security controls, including experience analysing email headers. Monitoring the dashboards and assigning tickets using Splunk. Creating the reports, maintaining the shift handover timings, and initiating the calls. Made recommendations to improve security procedures and systems.
Implemented security measures to protect systems from malware, phishing, and other cyber threats. Perform health checks for AV infrastructure and distribute reports regularly. Provided technical support, resolving queries and issues raised by system users. Experience in creating and maintaining the daily, weekly, and monthly reports of device health status using Defender ATP. Expertise in building use cases around the NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack. Implemented database management techniques to ensure data integrity and security.
Security Analyst
incentaHEALTH
Jul 2021 - Nov 2022
Performed authenticated and unauthenticated scans to identify system, application, and network vulnerabilities, with accurate risk scoring. Integrated Microsoft Purview with security tools such as Microsoft Sentinel to enhance threat detection, incident response, and compliance visibility. Configured and managed scheduled vulnerability scans in Rapid7 InsightVM, including scan templates, scan engines, asset groups, and scan frequencies. Analysis of phishing emails reported by users to identify the type of attack and take immediate remediation. Good understanding of Azure Active Directory, Azure MFA, and conditional access. Experience in providing end-to-end support to enterprise counterparts, identifying the root cause of sophisticated enterprise initiatives, with endpoint security solutions such as Microsoft Defender ATP. Monitor, respond to, and analyse trends in workstations, servers, and security-related events. Perform daily, weekly, and monthly scheduled tasks for Defender ATP. Experienced in writing correlation rules with respect to KQL and SPL languages. Experienced in examining suspicious emails for malicious content, and providing recommendations on remediation actions using Office 365. Experience in managing Defender firewall policies, device exceptions, and other security rules via the Defender Intune portal. File blocking, virus definition reporting, and endpoint reporting.
Education
B.Tech, E.E.E - DNR College of Engineering and Technology, 2021 · Afghanistan
Relocation
Open to Relocation