pavan gattu

Cyber Security SOC Analyst

Hyderabad, India · 5+ yrs exp · Profile score 90 · Outstanding

About

Results-driven SOC Analyst with a proven track record of delivering exceptional productivity and efficiency in identifying and mitigating cyber threats. Specializing in threat intelligence analysis, incident response, phishing detection, and proficient in utilizing SIEM tools. Known for strong critical thinking, advanced problem-solving abilities, and effective communication skills, consistently driving peak performance in the protection of organizational assets and the swift resolution of security incidents.

Skills & Expertise (17)

IBM QRadar · Advanced · 8.5/10 · 3 yrs exp
Log Analysis · Advanced · 8.0/10 · 3 yrs exp
Phishing Analysis · Advanced · 8.0/10 · 3 yrs exp
Incident Response · Advanced · 8.0/10 · 3 yrs exp
Threat Intelligence · Advanced · 8.0/10 · 3 yrs exp
Microsoft Entra ID · Advanced · 8.0/10 · 3 yrs exp
SOC Reports · Advanced · 7.5/10 · 3 yrs exp
Firewall · Advanced · 7.5/10 · 3 yrs exp
Endpoint Security · Advanced · 7.5/10 · 3 yrs exp
Excel · Intermediate · 7.0/10 · 3 yrs exp
ServiceNow · Intermediate · 7.0/10 · 3 yrs exp
CrowdStrike · Intermediate · 7.0/10 · 3 yrs exp
Proxies · Intermediate · 7.0/10 · 3 yrs exp
Malware Analysis · Intermediate · 7.0/10 · 3 yrs exp
PowerPoint · Intermediate · 6.0/10 · 3 yrs exp
IDS/IPS

Work Experience

SOC Analyst

Tata Consultancy Services

Nov 2020 - Present

- Optimized SIEM detection rules to achieve a 60% reduction in false positives, significantly decreasing alert noise and improving the accuracy of security alerts.
- Monitored and analyzed real-time security events and network traffic in a 24/7 Security Operations Centre (SOC) using IBM QRadar SIEM, proactively identifying and responding to potential threats and breaches to ensure client infrastructure security and compliance.
- Performed in-depth phishing email analysis using static and dynamic techniques to evaluate user-reported threats.
- Led incident response efforts by identifying malicious indicators, recovering compromised accounts, and implementing mitigation strategies to prevent further breaches.
- Designed and documented comprehensive Standard Operating Procedures (SOPs) for phishing email analysis and SIEM alert triage, standardizing incident response workflows to ensure consistent, efficient, and auditable security operations.
- Leveraged Microsoft Entra ID (formerly Azure AD) to investigate user activity logs, analyze risky sign-ins, and identify anomalous behavior patterns, contributing to timely detection and mitigation of identity-based threats.
- Collected and analyzed logs from network devices, including firewalls, IDS/IPS, and proxies, to detect suspicious activities and potential threats.
- Investigated network flow data to identify anomalies and malicious behavior, and raised actionable incidents via ServiceNow to drive timely remediation within network infrastructure.
- Performed initial triage and investigation of EDR detections, executing containment, prevention, and recovery measures.
- Collected IOCs from threat intelligence sources to support daily threat hunting and incident response.
- Researched emerging threats, identified malicious activity, and implemented firewall blocks to mitigate risks.
- Prepared daily, weekly, and monthly SOC reports highlighting key findings, incident trends, and threat patterns, delivering actionable insights to upper management.
- Monitored data file usage and regulated access to safeguard sensitive information.
- Able to prioritize, organize, make decisions, and solve problems while working under pressure.

Education

Bachelor of Engineering in Computer Science

2016 - 2020 · Afghanistan

Certifications

No certifications added yet

Profile Overview

Member since Jun 2026