About
SOC Analyst with 1+ years of experience in Security Operations Centre environments. Expertise in monitoring, analysing, and responding to security incidents using SIEM tools (Splunk, Cortex XSIAM), endpoint protection via SentinelOne and Microsoft Defender, and email gateway security with Abnormal AI. Proficient in incident response, threat intelligence, email analysis, malware analysis, IOC enrichment, MITRE ATT&CK-based threat analysis, and NIST frameworks. A methodical problem-solver who works well across teams and under pressure.
Work Experience
SOC Analyst L1
APQOR Technologies
Mar 2025 - Present
- Monitored and analysed real-time security alerts in Splunk SIEM, ensuring accurate incident triage, timely escalation, and effective response.
- Maintained SLA compliance by resolving incidents promptly and efficiently.
- Ran log analysis across multiple platforms to identify anomalies, suspicious behaviour, and potential threats.
- Performed in-depth phishing and malware investigations, mitigating email-based threats.
- Researched indicators of compromise using OSINT sources and recommended appropriate endpoint blocking strategies.
- Generated SOC reports on a daily, weekly, monthly, and quarterly basis to track trends, KPIs, and overall security performance.
- Managed the full incident lifecycle in ServiceNow, ensuring accurate documentation, tracking, and timely ticket closure.
- Used SPL and KQL for advanced log extraction, threat correlation, and analysis.
- Carried out proactive threat hunting in Microsoft Defender and SentinelOne, identifying risks before exploitation.
- Collaborated with SOC engineering teams to onboard and decommission log sources in Splunk, maintaining data integrity and relevance.
- Used Abnormal Security AI for advanced detection and prevention of sophisticated, targeted email attacks.
- Monitored and investigated DLP alerts to identify potential data leakage, including unauthorised file transfers, email exfiltration, and sensitive data sharing.
- Validated DLP incidents by reviewing user activity, file types, and policy violations before escalating to senior teams.
- Participated in daily SOC shift handovers, supporting seamless knowledge transfer and consistent incident tracking across teams.
- Ensured day-to-day SOC operations aligned with the organisation's cybersecurity strategy and compliance requirements.
- Worked closely with cross-functional teams and stakeholders to remediate incidents and reduce overall risk exposure.
- Actively contributed to war-room calls during high-severity incidents, providing real-time analysis and supporting containment efforts.
SOC Analyst Intern
APQOR Technologies
Dec 2024 - Feb 2025
- Monitored and reviewed security alerts in Splunk SIEM to support initial incident triage and escalation.
- Analysed phishing emails and malware incidents to reduce security risks.
- Conducted log analysis to identify suspicious activities and potential threats.
- Supported senior analysts in researching indicators of compromise using open-source intelligence tools.
- Monitored and investigated DLP alerts to identify potential data leakage, including unauthorised file transfers, email exfiltration, and sensitive data sharing.
- Validated DLP incidents by reviewing user activity, file types, and policy violations before escalating to senior teams.
- Maintained incident documentation and updated security tickets in ServiceNow under supervision.
- Participated in SOC shift handovers and team discussions to support smooth incident tracking and knowledge sharing.
Education
B.Tech. in Cybersecurity - St. Mary’s Engineering College, JNTU
- 2025 · Afghanistan
Diploma in Electrical and Electronics Engineering - Arjun College of Technology & Science, JNTU
- 2019 · Afghanistan
Availability Details
Visa Status
OPT
Relocation
Not Open to Relocation