About
Cybersecurity Analyst with 3+ years of experience in SOC operations, specializing in threat detection, incident response, and log monitoring & analysis. Hands-on expertise in SIEM platforms including Securonix and Microsoft Sentinel, with a strong focus on alert triage, correlation, and use-case fine-tuning to reduce false positives and enhance detection efficiency. Proficient in threat hunting, SOC policy optimization, and investigating identity and endpoint-based attacks across cloud and hybrid environments. Experienced in vulnerability management using Qualys and endpoint protection using CrowdStrike Falcon and SentinelOne. Skilled in analyzing security events, improving detection rules, and ensuring timely incident response aligned with SLA requirements. Demonstrates a proactive approach to strengthening security posture through continuous monitoring, analysis, and optimization.
Work Experience
Senior Analyst
Alliantgroup LP
Sep 2024 - Oct 2025
Led SIEM monitoring (Securonix) operations, ensuring timely alert response and effective incident management.
Performed advanced incident investigations by analyzing logs from multiple security tools and data sources.
Conducted proactive threat hunting using endpoint/network telemetry, aligned with MITRE ATT&CK and threat intelligence.
Managed vulnerability management programs for 20+ clients using Qualys, driving risk reduction and remediation.
Designed and optimized SIEM detection rules, use cases, and alert tuning to improve detection accuracy.
Developed and maintained SOPs, playbooks, and security documentation for SOC processes.
Administered EDR solutions (CrowdStrike, SentinelOne) for threat detection and response.
Created and implemented EDR policies, prevention rules, and detection logic to block malicious activity.
Managed IOA exclusions, on-demand scans, and endpoint lifecycle activities (isolation, tracking, decommissioning).
Mentored L1/L2 analysts, improving incident triage efficiency and investigation quality.
Collaborated with stakeholders to enhance security posture, detection coverage, and operational efficiency.
Associate Analyst
Alliantgroup LP
Jul 2022 - Sep 2024
Monitored and managed SIEM alerts to ensure timely incident detection and response within SOC operations.
Performed in-depth log analysis and investigated incidents by correlating multiple data sources.
Conducted threat hunting across endpoint and network data to identify suspicious activities and potential threats.
Leveraged threat intelligence feeds to gather, analyze, and enrich Indicators of Compromise (IOCs).
Applied the MITRE ATT&CK framework to identify adversary tactics, techniques, and procedures (TTPs).
Managed vulnerability assessments for 20+ clients and supported remediation efforts.
Collaborated with clients to provide security recommendations and improve overall risk posture.
Created and fine-tuned SIEM use cases and correlation rules to reduce false positives.
Maintained and documented SOPs, security controls, and incident response procedures.
Administered and supported EDR and email security solutions.
Investigated and handled true positive security incidents during shifts.
Guided L1 analysts in alert triage, log analysis, and incident handling.
Education
Bachelor of Information Technology - Chaitanya Bharathi Institute of Technology
2019 - 2022 · Afghanistan
Diploma in Computer Science - TRR College of Technology
2016 - 2019 · Afghanistan
Certifications
No certifications added yet