About
Results-driven SOC Analyst with 4+ years of hands-on experience in real-time threat detection, security event monitoring, and end-to-end incident response within 24x7 enterprise SOC environments. Proficient in SIEM platforms (Splunk, Microsoft Sentinel, Rapid7 InsightIDR), EDR tools (CrowdStrike Falcon, Cortex XDR), and network security monitoring tools (Wireshark, tcpdump). Experienced in phishing analysis, malware triage, firewall log analysis (Palo Alto, Check Point), and MITRE ATT&CK-aligned threat hunting. Proven track record of reducing false positives, tuning detection rules, and collaborating with clients during high-priority P1 incidents. Recognized with the IMPACT AWARD for excellence in client satisfaction and SOC operations.
Work Experience
SOC Analyst (L1)
CitiusTech
Nov 2021 - Present
Monitored and analyzed 50+ daily security alerts in real time using Splunk and Microsoft Sentinel, covering IDS/IPS, Active Directory servers, web servers, and databases.
Performed end-to-end incident response following the detection, triage, containment, eradication, recovery, and post-incident reporting framework, adhering to defined SOC playbooks and SLAs.
Designed, developed, and continuously tuned SIEM correlation rules and detection logic to reduce false-positive rates, improving overall SOC alert fidelity and analyst efficiency.
Investigated phishing and malicious email campaigns using the ANY.RUN and Hybrid Analysis sandboxes; blocked malicious IPs, domains, URLs, and file hashes per SOPs.
Utilized CrowdStrike Falcon and Cortex XDR for endpoint detection and response (EDR); performed root cause analysis on endpoint alerts and coordinated remediation.
Conducted network traffic analysis using Wireshark and tcpdump to identify anomalies, unauthorized access attempts, lateral movement, and data exfiltration indicators.
Monitored Palo Alto Networks and Check Point firewall logs; identified and reported suspicious traffic patterns and policy violations.
Built and maintained Splunk dashboards and saved searches for SOC visibility, KPI tracking, and infrastructure health monitoring.
Leveraged the MITRE ATT&CK framework to map observed adversary behaviors, improve detection coverage, and support threat intelligence workflows.
Communicated directly with clients during P1/P2 incidents, providing real-time guidance on containment steps and delivering clear post-incident summaries.
Managed the incident lifecycle using ServiceNow and Zendesk: logging, tracking, escalating, and closing tickets within defined SLA timelines.
Maintained up-to-date knowledge of the OWASP Top 10, attack techniques (DoS/DDoS, MITM, SQLi, XSS), and evolving threat actor TTPs.
Received the IMPACT AWARD for outstanding client satisfaction and exemplary dedication to SOC operational excellence.
Education
Master of Computer Applications (MCA) - Vignan University
2019 - 2021 · Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Citizen
Relocation
Depends on Offer