About
Cloud-focused Senior SOC Analyst with 5+ years of experience in Security Operations, SIEM Engineering, Incident Response, and Cloud Threat Detection. Proven expertise in Microsoft Sentinel, KQL-based threat hunting, EDR integration, and automation using Logic Apps. Experienced in managing enterprise-scale SOC operations for global clients while ensuring SLA adherence, regulatory compliance, and security posture enhancement.
Work Experience
System Engineer
CENTORRINO TECHNOLOGIES Pvt Ltd
Sep 2019 - Feb 2021
Experienced SOC Analyst with expertise in monitoring and defending against cyber threats to secure organizational assets. Proficient in comprehensive incident response, including threat identification, containment, eradication, and recovery. Experienced in conducting vulnerability assessments and implementing effective remediation strategies. Knowledgeable in threat intelligence analysis, leveraging threat feeds and intelligence sources for proactive risk mitigation. Effective team player with strong communication skills, experienced in collaborating with cross-functional teams to enhance security posture.
Security Engineer
Aarvee Associates Pvt Ltd
Mar 2021 - Mar 2022
Monitored endpoint and cloud security events using CrowdStrike Falcon. Investigated lateral movement, credential dumping, and suspicious PowerShell execution. Performed containment and remediation actions. Documented incidents in ServiceNow, ensuring SLA compliance. Assisted in detection rule optimization.
Senior MS Engineer - Security
NTT Data
Aug 2022 - Oct 2025
- Led advanced (L2) incident investigations, including ransomware, lateral movement, phishing campaigns, and credential compromise.
- Developed complex KQL queries for threat hunting, anomaly detection, and forensic investigations.
- Integrated Sentinel with Microsoft Defender, CrowdStrike, Azure AD, and third-party security tools.
- Created automation playbooks using Azure Logic Apps to automate containment actions (endpoint isolation, user disablement, IP blocking).
- Reduced Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through automated workflows.
- Built executive dashboards and security workbooks for compliance and reporting.
- Led high-severity cloud incident investigations, including suspicious Azure AD sign-ins, privilege escalation attempts, ransomware indicators, and data exfiltration attempts.
- Managed CrowdStrike Falcon deployment across enterprise cloud-hosted workloads and endpoints.
- Conducted advanced endpoint investigations using process tree, registry, and network telemetry analysis.
- Tuned detection policies and reduced false positives.
- Performed IOC sweeps across cloud and on-prem environments.
- Supported Azure security posture improvements using log-driven insights.
- Monitored Forcepoint DLP alerts for sensitive data movement across cloud storage and email.
- Investigated insider threat and data exfiltration attempts.
- Tuned DLP policies to balance compliance and operational efficiency.
- Monitored Netskope CASB for shadow IT detection and SaaS risk management.
- Mentored L1 analysts, conducted knowledge-sharing sessions, and improved SOC triage quality.
- Managed SLA compliance for a global managed services client.
- Supported audit and compliance activities (ISO, enterprise security standards).
- Documented SOPs, runbooks, and response procedures.
Education
Bachelor of Engineering - MallaReddy Institute of Technology and Science
Afghanistan