About
SIEM Engineer & Senior Security Analyst with 3+ years of experience in 24/7 SOC environments, including 2 years in incident response and threat hunting and 1 year in Microsoft Sentinel deployment and engineering. Skilled in log onboarding, KQL-based detection, analytics tuning, dashboard creation, and automation. Proven track record in resolving high-severity incidents, performing root cause analysis, and optimizing SIEM operations across cloud and enterprise environments.
Skills & Expertise (37)
Work Experience
Senior Security Analyst (SOC & SIEM Engineering)
CYBERSECURITY NxxT PRIVATE LIMITED
Jan 2023 - Present
- Deployed and configured Microsoft Sentinel in Azure environments, supporting end-to-end SIEM setup from initial design to operational readiness.
- Designed Sentinel architecture including Log Analytics Workspaces, data retention policies, and cost considerations.
- Integrated multiple log sources using built-in and custom connectors, including Azure resources, Windows and Linux servers, firewalls, and network devices.
- Implemented custom log ingestion using Data Collection Rules (DCR) and Log Analytics agents where native connectors were not available.
- Developed and optimized KQL queries for detections, investigations, and proactive threat hunting.
- Created and maintained custom analytics rules (Scheduled and Near Real-Time) aligned with SOC use cases.
- Tuned analytics rules to reduce false positives and improve alert quality for SOC analysts.
- Built automation workflows and response actions using Sentinel Playbooks (Logic Apps) to support alert enrichment, ticket creation, and containment steps.
- Integrated threat intelligence feeds and maintained watchlists for IPs, domains, and user entities.
- Supported UEBA-based detections to identify anomalous user and entity behavior.
- Built workbooks and dashboards for SOC visibility, operational monitoring, and management reporting.
- Performed log normalization and field mapping to ensure consistent analytics across different data sources.
- Conducted routine health checks and troubleshooting of Sentinel components, connectors, and ingestion pipelines.
- Worked closely with cloud, network, and endpoint teams to onboard log sources and resolve integration issues.
Cyber Security Analyst
G-INFO TECHNOLOGY SOLUTIONS PVT. LTD
Sep 2021 - Jan 2023
- Conducted Vulnerability Assessment and Penetration Testing (VAPT) for 25+ clients, including government and enterprise organizations.
- Performed web, network, and mobile application security testing using Black Box, White Box, and Gray Box methodologies.
- Identified and reported critical and high-risk vulnerabilities, providing actionable remediation guidance.
- Delivered professional reports including Security Assessment, Revalidation, Closure, Network, and OSINT reports.
- Successfully completed the CERT-In Empanelment VAPT Practical Skill Test.
Education
Bachelor of Computer Engineering (B.E.) - ISBM College of Engineering
2019 - 2022 · Afghanistan
Diploma in Computer Science - Vitthal Patil Polytechnic College
2016 - 2019 · Afghanistan
Certifications
None listed.
Availability Details
Visa Status: Need Sponsorship
Relocation: Open to Relocation