About
Cyber Security Analyst with 3+ years of experience in SOC operations, incident response, and threat detection. Hands-on expertise in Microsoft Sentinel, Splunk, Defender XDR, CrowdStrike, Proofpoint, FireEye, Microsoft Purview DLP, Defender for Cloud, Entra ID, Qualys, Nessus, Palo Alto Firewalls, Azure Logic Apps, and Intune. Proven track record in threat hunting, SIEM tuning, automation, and reducing MTTD/MTTR using the MITRE ATT&CK framework.
Work Experience
SOC Analyst
Persistent Systems Pvt Ltd
Sep 2024 - Present
Delivered 24x7 SOC monitoring and incident response, triaging and resolving security alerts across SIEM, EDR, email security, and cloud security platforms.
Conducted in-depth investigations of phishing, malware, credential compromise, and insider threats, ensuring rapid containment, eradication, and recovery.
Analyzed and remediated email-borne threats using Proofpoint and FireEye, including investigation of user-reported phishing and extraction of IOCs.
Designed, maintained, and optimized Splunk Enterprise Security (ES) correlation searches, dashboards, and alerting use cases to enhance threat detection.
Tuned SIEM detection logic to reduce false positives and improve MTTD and MTTR, increasing SOC efficiency and response accuracy.
Automated incident response and remediation workflows using Azure Logic Apps, standardizing response actions and improving operational consistency.
Troubleshot and resolved log ingestion, parsing, and telemetry gaps across SIEM and endpoint platforms to ensure reliable security visibility.
Strengthened endpoint and identity security by enforcing Attack Surface Reduction (ASR) policies, implementing Entra ID IAM controls (RBAC, Conditional Access, PIM), and collaborating with threat intelligence teams to address emerging threats.
SOC Analyst
Human Managed Pte Ltd
Jul 2022 - Aug 2024
Implemented and managed Microsoft Defender for Cloud security policies, continuously improving Secure Score and strengthening protection for Azure workloads.
Administered Defender for Cloud, enabling cloud workload protection, security recommendations, and posture management across Azure subscriptions.
Configured and optimized Azure Defender for Cloud controls to enhance cloud security posture, reduce risks, and enforce best practices.
Monitored and improved Azure Secure Score by remediating security recommendations and hardening cloud resources.
Deployed and maintained cloud workload protection policies using Defender for Cloud to safeguard virtual machines, storage, and network resources.
Strengthened Azure environment security by implementing Defender for Cloud recommendations and aligning configurations with security best practices.
Managed cloud security posture management (CSPM) through Defender for Cloud, ensuring continuous visibility and risk reduction across Azure assets.
Education
B.Tech (Mechanical Engineering) - Swarnandhra College of Engineering and Technology
- 2019 · Afghanistan