About
Results-driven IT Security Analyst with 3.7 years of hands-on experience in security monitoring, incident response, and threat analysis across enterprise environments. Skilled in leveraging SIEM, EDR, and cloud security tools to detect, analyze, and contain threats efficiently. Adept at triaging alerts, conducting in-depth investigations, and escalating incidents with precision. Experienced in threat hunting, malware analysis, and use case fine-tuning to enhance detection capabilities. Strong understanding of MITRE ATT&CK mapping and security best practices. Proven ability to develop and maintain SOPs/Runbooks for operational excellence. Committed to improving security posture and supporting SOC operations from L1 to L2 responsibilities.
Work Experience
Security Analyst
KPMG
Mar 2022 - Present
Monitored and analyzed security events in SIEM platforms including QRadar, Splunk, and LogRhythm by validating alerts, correlating logs, and identifying false positives.
Conducted endpoint triage using CrowdStrike Falcon and SentinelOne by reviewing detections, analyzing timelines, and confirming suspicious activity.
Performed AWS Cloud Security monitoring by reviewing GuardDuty findings, CloudTrail logs, and IAM anomalies for misconfigurations or unauthorized access.
Investigated Zscaler and Netskope DLP alerts by validating policy triggers, reviewing user behavior, and escalating potential data leakage attempts.
Reviewed Qualys VM scan results by identifying high-severity vulnerabilities, validating asset exposure, and supporting remediation prioritization.
Conducted basic threat hunting using SIEM queries, EDR indicators, and MITRE ATT&CK techniques to identify anomalies and validate suspicious behavior.
Performed initial malware analysis using sandboxing and static indicators to identify malicious behavior, IOCs, and infection vectors.
Analyzed phishing emails through header inspection, URL detonation, and attachment validation to determine credibility and escalate threats.
Followed SOPs and Runbooks for consistent incident handling, ensuring accurate triage steps, classification, and escalation workflows.
Documented all investigations thoroughly in ServiceNow, ensuring all evidence, timestamps, and reasoning were recorded for audit and senior review.
Education
B.Com – Computers - Aditya Degree College
- 2021 · Afghanistan