About
Results-driven cybersecurity professional with 7+ years of experience in threat detection, vulnerability management, and incident response. Certified in CompTIA Security+ and CEH (Certified Ethical Hacker). Skilled in SIEM operations, EDR (CrowdStrike), DLP (Forcepoint), and vulnerability assessments (Nessus). Experienced in L2 security operations, forensic analysis, and audits aligned with SOC 2, ISO 27001, HIPAA, and PCI DSS. Proven collaborator across teams to enhance security posture and ensure compliance. Committed to proactive threat hunting and continuous improvement.
Skills & Expertise (23)
Work Experience
Application Security Analyst
Tata Consultancy Services Pvt Ltd
Sep 2019 - Jun 2021
Provided technical support for mobile applications, focusing on security aspects such as secure authentication, data encryption, and vulnerability patching in Android/iOS environments. Collaborated on incident resolution using Jira, identifying security flaws in app code and recommending fixes to prevent exploits. Assisted in early-stage security audits, including compliance checks for health-related apps, gaining foundational experience in regulatory frameworks. Monitored application logs with basic SIEM tools, escalating potential security events to senior analysts.
Information Security Analyst (L2)
Data Marshall Pvt Ltd
Jun 2025 - Present
Monitored and analyzed security events using SIEM tools like Seceon and QRadar, correlating logs from diverse sources to detect advanced persistent threats (APTs) and insider risks, reducing mean time to detect (MTTD) by 25%. Conducted weekly vulnerability scans with Nessus on critical infrastructure, identifying and prioritizing high-severity issues (e.g., CVE exploits), and collaborated with IT teams to apply patches and mitigations within SLAs. Managed CrowdStrike EDR deployments for endpoint protection, performing threat hunts on suspicious activities, isolating infected hosts, and generating forensic reports to support incident resolution. Implemented and fine-tuned Forcepoint DLP policies to prevent data leaks, monitoring outbound traffic for sensitive information (e.g., PII, intellectual property), and responding to alerts with root cause analysis and user education. Handled L2 day-to-day activities including triage of high-priority alerts from IDS/IPS and O365 Defender, phishing email investigations via Proofpoint, and escalation to management and respective SPOCs for complex incidents. Participated in SOC 2 Type 2 and ISO 27001 audits, preparing evidence artifacts, conducting gap assessments, and implementing controls to achieve compliance certification. Utilized ServiceNow for ticketing, tracking incident metrics, and generating weekly reports on security posture improvements. Led SIEM operations with Seceon and QRadar, developing custom parsers for non-standard log sources and automating alert workflows to streamline threat response processes. Performed in-depth Nessus vulnerability assessments on cloud and on-premises environments, remediating findings such as misconfigurations in AWS/EC2 instances and outdated software vulnerabilities. Oversaw CrowdStrike implementations, configuring real-time indicators of compromise (IOCs) and conducting simulated attacks to validate detection efficacy, enhancing overall endpoint security resilience.
Information Security Analyst
CDW Corporation
Jun 2021 - Aug 2023
Deployed and optimized ArcSight SIEM for enterprise-wide monitoring, creating correlation rules to detect lateral movement and privilege escalation attempts, resulting in a 30% reduction in false positives. Conducted regular Nessus scans across 500+ assets, analyzing results to produce executive summaries and remediation roadmaps, focusing on critical vulnerabilities like Log4j exploits. Utilized CrowdStrike for proactive threat hunting, identifying and neutralizing hidden malware through behavioural analytics and integration with other EDR tools like Trend Micro. Administered Forcepoint DLP solutions to safeguard sensitive data in transit, setting up custom classifiers for industry-specific compliance (e.g., financial data under PCI DSS). Performed L2 analyst duties including real-time alert investigation from IDS/IPS, phishing triage with Proofpoint, and collaboration on incident response playbooks. Supported SOC 2 Type 2 audits by documenting security controls, performing internal assessments, and recommending enhancements to access management protocols. Handled ServiceNow incidents, from initial triage to post-mortem analysis, improving team efficiency through knowledge base contributions.
Junior System Administrator
My Home Industries Pvt Ltd
Jan 2017 - Sep 2019
Managed system administration tasks including user access controls, patch management, and basic network security configurations. Supported vulnerability scanning initiatives using tools like Nessus (introductory level), identifying and resolving system weaknesses. Handled day-to-day IT operations, including troubleshooting endpoints and implementing basic DLP measures to protect company data. Participated in ISO 27001 audit preparations, documenting processes and assisting in control implementations. Utilized ticketing tools like ServiceNow for issue tracking, building skills in incident management workflows.
Education
Bachelor of Engineering in Electronics and Communication Engineering (ECE) - LakiReddy Balireddy College of Engineering
- 2014 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Need Sponsorship
Relocation
Depends on Offer