Saranya Kella

Security Engineer

Hyderabad, India · 4+ yrs exp · 89 · Excellent

About

Expert in information security with around 5 years of experience as a Security Engineer, celebrated for enhancing detection capabilities and fortifying overall security posture through hands-on expertise in SIEM, EDR, and endpoint security administration.

Skills & Expertise (60)

Security Operations · Advanced · 8.7/10 · 5 years exp
Azure Sentinel · Advanced · 8.6/10 · 5 years exp
Threat Detection · Advanced · 8.5/10 · 5 years exp

M365 Defender suite, Azure Active Directory, Dashboard Customisation, Advanced Data Analytics, Data Analytics, Microsoft 365 Defender, Microsoft Cloud App Security, Microsoft Defender for Endpoint, Conditional Access Policies, Group Policy Objects, MITRE ATT&CK, NIST, KQL, SPL, Root Cause Analysis, DKIM, SIEM tools, Tableau, ASR rules, Network Security, Next Gen Firewall, WAF, Proxy, Forensic Analysis, Incident Management, Configuration Manager, real-time monitoring, Incident Response, Log Management, MS Defender ATP, CrowdStrike Falcon, Cyberint, Office 365, Darktrace antigena, Qualys Cloud, MS Purview, MS Intune, Windows Server 2016 R2, Windows Server 2019, Symantec, Az 900, SC 200, Central logging, DMARC, Splunk SIEM architecture, Endpoint Agents, Active Directory integrations, Windows Event Logs, security incidents, Threats Detection, Runbooks, SOPs, Email Gateway, IDS, IPS, SPF, Elastic

Work Experience

Security Engineer

TCS

Oct 2021 - Mar 2026

- Good knowledge and working experience in central logging, log management, and Splunk SIEM architecture.
- Strong experience in managing Endpoint Agents over Windows and Linux operating systems, Active Directory integrations, and Windows Event Logs.
- Managing the PIM and PAM access using the Azure Entra admin centre.
- Experienced in identifying, detecting, and responding to security incidents and threats in accordance with the defined policies and procedures in Security Operations.
- Experience in creating runbooks, SOPs, and documents supporting Security Operations.
- Monitor, respond to, and analyse trends in workstations, servers, and security-related events.
- Monitor various security tools (Email Gateway, IDS/IPS, EDR, SIEM, etc.) for security events and triage of security incidents.
- Handling SPAM and phishing email submissions from the end-users and taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing.
- Experience in supporting, fine-tuning, and troubleshooting correlation searches in Splunk SIEM and Azure Sentinel.
- Experience in working on host isolation and advanced threat analysis using the EDR Microsoft Defender ATP.
- Implementation of use cases using SPL/KQL, with complex correlation across different data sources.
- Experienced in preparing detailed analyses of external cyber threats, including new vulnerabilities, exploits, intrusion patterns, and malware behaviours, based on information proactively checked with the vendor to deploy the signatures for collected IOCs.
- Expertise in building use cases around NIST and MITRE ATT&CK framework to enable detection at various stages of a cyber attack.
- Experience in onboarding and offboarding Windows Server 2016 R2 and 2019 by installing the MMA/unified agent and troubleshooting server-level issues.

Education

B.Sc in Computer Science - B.V. Raju College

- 2021 · Afghanistan

Certifications

No certifications added yet

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 14/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 89/100

Profile Overview

Member since May 2026