About
Over 4 years of experience, specialized in proactive network monitoring with SIEM (Splunk/Chronicle) and SentinelOne EDR, and also with cloud tools such as Prisma. Deep knowledge of identifying and analyzing suspicious events. Versatile, bilingual professional with the ability to manage sensitive materials. Able to use various security tools to perform log and packet analysis.
Work Experience
SOC Analyst
Zensar Technologies
Sep 2021 - Feb 2023
Worked in a 24x7 Security Operations Center. Monitored real-time security events on the SIEM (Splunk/SentinelOne) console, with event analysis, investigation and mitigation. Analyzed security event data from the network (IDS, SIEM). Monitored real-time security events on Carbon Black EDR and Microsoft Defender, with event analysis, investigation and mitigation. Investigated malicious phishing emails, domains and IPs using open-source tools and recommended appropriate blocking based on the analysis. Hands-on experience with incident response activities such as malware analysis and phishing analysis. Monitored and performed in-depth analysis of security alerts on the Azure Sentinel platform. Identified and ingested indicators of compromise (IOCs), e.g. malicious IPs/URLs, into network tools/applications. Performed incident monitoring, response and triage, and initiated investigations. Searched firewall, email, web and DNS logs to identify and mitigate intrusion attempts. Performed static malware analysis on isolated virtual servers. Recognized potential, successful and unsuccessful intrusion attempts. CSPM (Cloud Security Posture Management): continuously monitored cloud configurations and detected misconfigurations. CWPP (Cloud Workload Protection Platform): protected workloads such as containers and VMs.
SOC Analyst
Quantiphi Analytics Solutions
Feb 2023 - Present
Same responsibilities as in the SOC Analyst role at Zensar Technologies above.
Education
BE (Bachelor of Engineering), Visvesvaraya Technological University (VTU), 2021 · Afghanistan