About
Goal-oriented professional, targeting roles in SOC Operations and Threat Analysis to strengthen organizational security posture by enabling faster detection, deeper investigation, and effective containment of cyber threats. Actively pursuing Application Security opportunities, with a focus on penetration testing and offensive security methodologies.
Work Experience
Security Engineer 2
Providence India
Jul 2023 - Present
Operating as part of a 24/7 Security Operations environment, contributing to continuous monitoring and response within a 16/7 rotational shift model in India.
Investigating and remediating phishing, spoofing, and spam email incidents using Proofpoint and Microsoft Defender EOP; performing sender and domain blocking, URL detonation and blocking, email quarantine actions, EDL blacklist updates, and routing rule modifications.
Managing enterprise endpoint security through CrowdStrike Falcon EDR, analyzing alerts, performing host containment, initiating reimaging procedures, conducting root cause investigations, and developing custom IOAs to detect emerging threats.
Responding to security alerts generated from SIEM, EDR, email security platforms, and identity-based threat sources; executing triage, prioritizing incidents, and coordinating remediation across email, endpoint, identity, and network environments.
Correlating indicators and event data across Proofpoint, CrowdStrike Falcon, Azure AD, and other telemetry sources to identify malicious patterns, cross-channel campaigns, and potential account takeover activity.
Utilizing CQL queries within CrowdStrike NG-SIEM to perform log analysis, investigate alerts, identify anomalous behavior, and create dashboards for enhanced visibility and threat monitoring.
Participating in major incident management by supporting threat scoping, evidence collection, RCA development, containment actions, remediation planning, reporting, and documentation of security events.
Reviewing, refining, and updating Standard Operating Procedures (SOPs) and Incident Response (IR) playbooks to ensure alignment with evolving threat landscapes, new tooling features, and operational best practices.
Developing and delivering training material and cross-functional awareness sessions to improve user reporting quality, enhance phishing awareness, and strengthen internal understanding of security processes.
Compiling and analyzing Weekly and Monthly Business Review reports, projecting key KPIs to track incident patterns, identifying efficiency gaps and highlighting areas for improvement.
Security Engineer Intern
Providence India
Jan 2023 - Jun 2023
Designed and implemented a Python automation script to extract Azure DevOps project data, parse JSON responses, and load structured information into a relational database, thus saving 5–6 hours of manual effort per week.
Self-learned and applied C# to build a back-end automation solution that fetched ADO project data and automatically generated Word-based security architecture reports, thus improving documentation accuracy and turnaround time.
Education
B.Tech. in Computer Science Engineering (Specialization in Cyber Security and Forensics) - University of Petroleum and Energy Studies
- 2023 · Afghanistan