About
Dedicated SOC analyst with over 2 years of hands-on experience in proactively monitoring, analyzing, and responding to security incidents. Proficient in utilizing cutting-edge security tools, threat intelligence, and incident response procedures to safeguard organizational assets. Seeking to leverage my expertise and knowledge to contribute to a dynamic SOC team in a challenging and growth-oriented environment.
Work Experience
SOC Analyst
Flytxt Mobile Solutions
Oct 2022 - Jan 2023
As part of the 24/7 security monitoring team, I have experience working with security information and event management (SIEM) tools such as QRadar and Splunk for real-time monitoring of security events generated across the organization. Ability to write efficient queries in SIEM, EDR and XDR tools to narrow down results, and to create dashboards to visualize complex data. Ability to create ticket templates and dashboards that fetch weekly reports in SNOW ITSM for smooth incident management. Ability to understand detection logic in SIEM and EDR, define the workflow for any new alert trigger, and fine-tune wherever necessary. Hands-on experience with incident response activities such as malware analysis, log analysis and phishing analysis. Experience in log analysis of suspicious cases and preparing thorough reports on them. Ability to analyze malware and behavior analytics alerts related to endpoints using CrowdStrike, and to perform in-depth investigations using CrowdStrike. Good knowledge of network security tools such as firewalls, IDS, IPS, antivirus, proxies, WAF, routers and switches. Good knowledge of the OSI model, the TCP/IP model, network architecture, networking ports and protocols, network terminology and network tools. Proactive outreach to end users flagged by endpoint alerts, effectively communicating security best practices to enhance their awareness of and compliance with security protocols. Good knowledge of cybersecurity frameworks and incident response frameworks such as NIST and SANS.
SOC Analyst L1
Happiest Minds Technologies
May 2023 - Jan 2025
Continuously monitored security alerts, logs, and events from platforms such as SIEM and XDR in a 24/7 Managed Cyber Security Operations Center (CSOC) to identify potential threats. Investigated and triaged security alerts; when an alert was found to be suspicious, created a ticket in ITSM, documented the analysis, and escalated it to the IR team for action. Optimized, managed and monitored real-time events from devices such as firewalls, web proxies and antivirus using QRadar. Documented incident details, response actions, and lessons learned for future reference, and created SOPs, runbooks and playbooks. Ensured proper closure of incidents with adherence to SLAs. Recommended fine-tuning for alerts triggering in high volume by finding the root cause, which led to a reduction in alert fatigue and an increase in mean time to response. Hands-on experience with incident response activities such as malware analysis, log analysis and phishing analysis. Experience in log analysis of suspicious cases and preparing thorough reports on them. Handled CrowdStrike alerts. Spearheaded the development of dynamic presentations and decks for client meetings, including WSRs, to strategically highlight our services and expertise, resulting in strengthened client relationships.
Education
Bachelor of Engineering - Kalpataru Institute of Technology
2016 - 2020 · Afghanistan