About
Experienced Security Analyst with around 3 years of experience in information security. Excellent hands-on experience in Splunk SIEM, EDR, endpoint security administration, and phishing email analysis.
Work Experience
Security Analyst
HCL Tech
May 2023 - Present
Good knowledge and working experience in central logging, log management, and Splunk SIEM architecture. Expertise in building use cases around the NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack. Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, and Windows Event Logs. Managing the PIM and PAM access using the Azure Entra admin center. Experience in Data Analytics, Advanced Data Analytics, Visualizations, Advanced visualization, Dashboard Customization, and Advanced Dashboard Customization in Splunk. Experience in handling technical administration and troubleshooting activities related to the M365 Defender suite. Monitor various security tools (Email Gateway, IDS/IPS, EDR, SIEM, etc.) for security events and triage of security incidents. Experienced in identifying, detecting, and responding to security incidents and threats, in accordance with the defined policies and procedures in Security Operations. Handling SPAM/Phishing email submissions from the end-users and taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing. Experienced in analyzing phishing emails, user-reported mails, and malware emails by using Office 365 and Defender verdicts. Investigate malicious phishing emails, domains, and IPs using open-source tools, and recommend proper blocking based on analysis.
Education
E.C.E - B.V.C.E College of Engineering
- 2023 · Afghanistan
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation