About
Cyber Security professional with 4.5 years of hands-on experience in SOC operations, SIEM monitoring, incident response, vulnerability management, endpoint security, and email security across enterprise environments. Proven expertise in Azure Sentinel, IBM QRadar, LogRhythm, Splunk, Qualys, Nessus, Proofpoint, FortiGate, EDR tools, and ServiceNow. Adept at threat detection, incident investigation, MITRE ATT&CK mapping, SIEM tuning, and compliance-driven security operations. Strong experience working in 24x7 SOC environments supporting global clients.
Work Experience
Security Analyst
Capgemini
Oct 2022 - May 2023
Provided SOC operations support using IBM QRadar. Monitored security events and performed initial incident analysis. Analyzed security alerts and differentiated false positives from real threats. Maintained detailed incident documentation and SOP adherence. Collaborated with network and endpoint teams for threat containment. Supported SOC operations and security monitoring activities. Conducted vulnerability scans using Qualys and coordinated remediation with IT teams. Ensured log onboarding and health checks for firewalls, servers, databases, and applications. Managed email security controls using Proofpoint. Blocked malicious IPs, domains, and file hashes across firewalls and EDR platforms. Generated vulnerability and SOC reports for senior management. Supported SIEM dashboard troubleshooting and performance optimization.
Senior Security Analyst
Kennametal Shared Services Private Limited
Jun 2023 - Jan 2025
Monitored and analyzed security events using LogRhythm SIEM and Splunk. Investigated incidents including phishing, malware infections, unauthorized access, and policy violations. Performed alert triage, severity classification, and escalation based on business impact. Created and updated incident response playbooks, reducing MTTD and MTTR. Tuned false positives by refining correlation rules, regex, and log parsing. Developed custom AI Engine rules for brute force, lateral movement, and privilege escalation. Integrated threat intelligence feeds and conducted proactive threat hunting. Utilized UEBA to identify insider threats and anomalous user behavior. Prepared detailed investigation reports and presented weekly security summaries to stakeholders.
Senior Security Analyst
EY Global Delivery Services India LLP
Feb 2025 - Present
Working as an L2 Security Analyst in a SOC using Azure Sentinel, IBM QRadar, and LogRhythm. Monitor, analyze, and investigate real-time security alerts across network, endpoint, cloud, and email environments. Perform the end-to-end incident management lifecycle including identification, containment, eradication, RCA, and preventive controls. Conduct vulnerability assessments using Qualys, Nessus, and Nmap; identify critical risks and coordinate remediation. Analyze phishing and spam emails using header, body, and URL analysis; block malicious domains and senders in O365 and Proofpoint. Manage firewall rule updates including IP blacklisting and whitelisting. Tune SIEM correlation rules, dashboards, and alerts to reduce false positives and improve detection accuracy. Map SIEM alerts and detections to the MITRE ATT&CK framework. Prepare daily, weekly, and monthly SOC reports for management and compliance audits. Handle ServiceNow tickets ensuring SLA adherence and proper documentation. Mentor junior analysts and support SOC process improvements. Customized SIEM correlation rules and reports. Integrated MITRE ATT&CK mapping into Azure Sentinel SIEM for structured threat analysis and reporting.
Education
Bachelor of Technology - Sai Spurthi Institute
2014 - 2018 · Afghanistan
Availability Details
Visa Status: Citizen
Relocation: Open to Relocation