About
Detail-oriented and proactive SOC Analyst with 3 years of hands-on experience in security operations, specializing in L1 SOC monitoring, incident response, and threat detection. Proficient in real-time threat monitoring using Microsoft Sentinel SIEM, endpoint response via Microsoft Defender for Endpoint (EDR), and extended detection through Secureworks Taegis (XDR). Adept at Root Cause Analysis (RCA), vulnerability management with Tenable Nessus, and incident documentation via ServiceNow. Recognized for strong communication, project management, time management, and problem-solving in high-pressure, 24/7 SOC environments. Committed to ensuring the confidentiality, integrity, and availability of organizational IT systems and data.
Skills & Expertise (38)
Work Experience
Security Operations Center (SOC) Analyst
Cynosure Software Solutions Pvt. Ltd.
Mar 2023 - Present
Monitored and analysed security events in real-time using Microsoft Sentinel (SIEM) and Secureworks Taegis (XDR) to identify and respond to potential security incidents while adhering to defined SLAs. Performed alert triage, threat hunting, and advanced investigations using SIEM and XDR dashboards to detect sophisticated attacks and reduce false positives. Investigated and responded to endpoint security alerts using Microsoft Defender for Endpoint (EDR), conducting host-based analysis, containment, and remediation actions. Conducted in-depth Root Cause Analysis (RCA) to determine the scope and impact of security incidents, identifying underlying vulnerabilities and recommending corrective actions. Managed the complete Vulnerability Management lifecycle using Tenable Nessus, including vulnerability scanning, risk prioritization based on CVSS scores, and remediation coordination with IT teams. Monitored logs from multiple sources — network devices, servers, firewalls, and applications — to identify anomalies, suspicious patterns, and Indicators of Compromise (IOCs). Implemented and monitored Data Loss Prevention (DLP) and email security controls to defend against phishing, malware, and Business Email Compromise (BEC) attacks. Monitored and analysed security alerts using SIEM and EDR tools while ensuring adherence to ISO/IEC 27001 information security standards and maintaining proper incident documentation for audit and compliance requirements. Leveraged OSINT techniques and threat intelligence feeds to identify emerging threats, malicious domains, and attacker Tactics, Techniques, and Procedures (TTPs). Applied knowledge of OWASP Top 10 and MITRE ATT&CK framework to assess web application vulnerabilities and recommend targeted security improvements. Documented investigation findings, incident timelines, and remediation actions in ServiceNow, ensuring proper reporting, compliance, and audit readiness. Collaborated cross-functionally with IT, infrastructure, and management teams to support patch management, change management, and continuous security posture improvement. Demonstrated strong time management by prioritizing and resolving multiple concurrent security incidents within SLA windows in a demanding 24/7 environment. Performed advanced threat hunting and log analysis using Kusto Query Language (KQL) in Microsoft Sentinel and Microsoft Defender for Endpoint to identify suspicious activities, anomalous behaviours, and potential Indicators of Compromise (IOCs). Applied effective communication and project management skills to brief stakeholders on incident status, escalation paths, and post-incident findings via written reports and verbal updates.
Education
Bachelor of Technology in Metallurgical Engineering - Jawaharlal Nehru Technological University
- 2023 · Afghanistan