About
Cyber Security professional with 6+ years of experience in Security Operations (SOC), Incident Response, Threat Hunting, Malware Analysis, SIEM & SOAR investigations, and enterprise security monitoring. Skilled in Windows/Unix log analysis, IDS/IPS alerts, DLP, EDR telemetry, and firewall analysis. Strong expertise in Proofpoint, Microsoft Defender, Securonix, Splunk, QRadar, CrowdStrike, Netskope, Palo Alto, OSINT, Threat Intelligence, and MITRE ATT&CK-aligned investigations.
Work Experience
Security Delivery Senior Analyst
Accenture
Sep 2023 - Present
Analyze real-time security violations using Cyber Kill Chain methodology in Securonix SOAR.
Investigate high-criticality alerts in Microsoft Defender EDR (MDC/MDO).
Perform malware analysis and signature hunting using Defender Advanced Hunting.
Handle high-severity phishing alerts in Proofpoint and extract IOCs.
Perform deep forensic analysis using Proofpoint TAP and block/purge via TRAP.
Monitor DLP alerts in Netskope/Proofpoint; handle GDPR, HIPAA, PCI, and PII incidents.
Analyze Palo Alto Panorama logs and request blocking of malicious IPs/domains.
Monitor domain-squatting alerts via BlackKite and coordinate takedowns with the legal team.
Use OSINT tools and collaborate with Threat Intel teams for investigations.
Track dark-web alerts from CrowdStrike and SOC Radar to protect user credentials.
Monitor Armis IoT alerts and report findings to asset owners.
Review MITRE ATT&CK techniques and update TTP mappings.
Conduct internal security knowledge sessions.
Participate in internal risk audits and drive incident response workflows.
Work with clients to define processes, workflows, and SOP improvements.
SOC Specialist
Genpact India Pvt. Ltd.
Sep 2019 - Dec 2021
Monitor security logs in QRadar and ArcSight for firewalls, IDS/IPS, antivirus, and endpoints.
Conduct incident triage, investigation, and escalation within SLA.
Monitor and maintain dashboards in SIEM platforms.
Collect, preserve, and analyze digital evidence during investigations.
Generate daily, weekly, and monthly client security reports.
Update and maintain security process documentation.
Provide reporting on operational security status.
Prepare weekly, monthly, and quarterly SOC performance reports.
Cyber Security Consultant
Genpact India Pvt. Ltd.
Dec 2021 - Dec 2023
Investigate QRadar/Splunk alerts from Palo Alto IDS/IPS, SonicWall, CrowdStrike, and Windows logs.
Perform triage and create incidents in ServiceNow based on severity levels.
Monitor SIEM log sources and troubleshoot ingestion issues.
Develop custom SIEM use cases and correlation rules.
Investigate CrowdStrike endpoint alerts for malicious activity and downloads.
Generate vulnerability assessment reports using Rapid7.
Document SOPs and use-case documentation as per client requirements.
Analyze UBA alerts to identify abnormal user activities.
Perform threat hunting by analyzing vulnerable ports and suspicious activities.
Collaborate with onsite teams for root-cause investigations.
Education
Bachelor of Technology (B.Tech) - JNTU University
- 2016 · Afghanistan
Certifications
CyberBit Intermediate Program
· 2023
Advanced Cyber Security Program
IIIM Bangalore · 2023