About
Security Analyst with 2.3 years of experience in Security Operations Center (SOC) environments, specializing in threat detection, incident response, and log analysis. Proficient in using SIEM tools (Splunk, IBM QRadar) and EDR solutions (CrowdStrike, Microsoft Defender) to identify and mitigate cybersecurity threats in real time. Experienced in tuning detection rules, reducing false positives, and improving alert accuracy. Strong analytical skills in log correlation, event investigation, and providing actionable insights to strengthen an organization’s security posture.
Skills & Expertise
Work Experience
Security Analyst
Aeries Technology Pvt. Ltd.
Feb 2026 - Mar 2026
- Monitor 24/7 SOC operations to detect, analyze, and respond to security incidents using SIEM (Splunk, IBM QRadar) and EDR (CrowdStrike, Microsoft Defender).
- Investigate and triage alerts for suspicious logins, malware detections, and anomalous network activity.
- Perform log analysis from multiple sources (Firewall, IDS/IPS, Proxy, WAF, EDR, and servers) to identify malicious behavior.
- Execute incident response including containment, eradication, and recovery.
- Document incidents and generate daily, weekly, and monthly SOC reports.
- Conduct phishing email analysis, including header inspection, URL decoding, and attachment sandboxing.
- Collaborate with IT and network teams to remediate security incidents and apply necessary patches.
- Perform threat hunting using the MITRE ATT&CK framework to identify hidden threats.
- Create and manage incident tickets in ServiceNow and communicate updates to clients.
- Use threat intelligence platforms (VirusTotal, AbuseIPDB, MXToolbox, URLScan) to investigate and validate Indicators of Compromise (IOCs).
- Monitor Azure AD alerts, review sign-in and audit logs, and escalate identity-related incidents.
- Reduced false positives by 30% through optimized SIEM/EDR rule tuning, improving alert accuracy and analyst efficiency.
Security Analyst
Unified Points Tech Pvt. Ltd. – Accenture
Dec 2023 - Jan 2026
- Monitor 24/7 SOC operations to detect, analyze, and respond to security incidents using SIEM (Splunk, IBM QRadar) and EDR (CrowdStrike, Microsoft Defender).
- Investigate and triage alerts for suspicious logins, malware detections, and anomalous network activity.
- Perform log analysis from multiple sources (Firewall, IDS/IPS, Proxy, WAF, EDR, and servers) to identify malicious behavior.
- Execute incident response including containment, eradication, and recovery.
- Document incidents and generate daily, weekly, and monthly SOC reports.
- Conduct phishing email analysis, including header inspection, URL decoding, and attachment sandboxing.
- Collaborate with IT and network teams to remediate security incidents and apply necessary patches.
- Perform threat hunting using the MITRE ATT&CK framework to identify hidden threats.
- Create and manage incident tickets in ServiceNow and communicate updates to clients.
- Use threat intelligence platforms (VirusTotal, AbuseIPDB, MXToolbox, URLScan) to investigate and validate Indicators of Compromise (IOCs).
- Monitor Azure AD alerts, review sign-in and audit logs, and escalate identity-related incidents.
- Reduced false positives by 30% through optimized SIEM/EDR rule tuning, improving alert accuracy and analyst efficiency.
Education
Bachelor’s Degree in Computer Science Engineering
Afghanistan