About
Security Analyst with 2+ years of experience in SOC operations specialized in incident response. Proficient in triaging and analyzing threats using SIEM, XDR, and EDR tools across endpoint, network, and cloud environments. Skilled in incident containment and escalation to support timely remediation, with a strong passion for staying ahead of emerging threats through continuous learning and paving a path of professional improvement.
Skills & Expertise (42)
Work Experience
Security Trainee
Rk technologies
Oct 2023 - Jan 2024
Developed a strong foundation in basic and core security principles, concepts, procedures, security frameworks, infrastructure, best practices. gained proficiency in monitoring, analyzing, and responding to security events using industry-standard platforms to identify vulnerabilities and threats and acquired foundational knowledge in incident response workflows, including alert triage, escalation paths, and basic threat classification aligned with industry frameworks.
Security Analyst
UltraViolet Cyber
Jan 2024 - Present
Triaged and validated security alerts using SecureWorks Taegis XDR and Falcon CrowdStrike, utilizing advanced query languages for in-depth root cause analysis and threat identification. Investigated endpoint, network, email and cloud-based telemetry related to incidents, performing containment, remediation and prevention actions and escalating incidents according to workflow processes. Proactively monitoring integrations/data sources for ensuring optimal up-time and compliance, reducing Mean Time to Response (MTTR) by 30% through response, fine tuning alerts and rules to reduce alert fatigue/noise. Evaluated logs from various sources including Proofpoint, AWS CloudTrail, GuardDuty, EDR, Microsoft logs, Zscaler populating authentication, process events, netflow and more types of logs followed by log correlation to find security threats and performing root cause analysis. Managed daily operations of CrowdStrike Falcon across AWS EC2 and Linux workloads to ensure continuous runtime protection. Handling the real time security event sources, log collection, log processing, log parsing, log monitoring, log filtering, log analysis, identifying and classifying attempted compromises to networks through heuristics identification of suspect traffic. Conducted threat hunting, IOC searches across SIEM/EDR data, searching for True Positives for potential security threats/vulnerabilities; analyzing AWS cloud and Microsoft Office 365 Management API for possible misconfigurations. Contributed to the development and refinement of incident handling processes, checklists, post incident documentations, SNRs and SOPs; participating in knowledge-sharing sessions to stay abreast on emerging threats and risks.
Education
Bachelor of Computer Science & Engineering - Vidya Jyothi Institute of Technology (VJIT)
2019 - 2023 · Afghanistan
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Open to Relocation