About
Cybersecurity Analyst with 4+ years of experience in SIEM (Splunk, IBM QRadar, Sentinel) and EDR platforms (CrowdStrike, Carbon Black, Cybereason, Microsoft Defender ATP). Skilled in incident detection, triage, analysis, and response, with expertise in log analysis, vulnerability assessment, and threat intelligence using MITRE ATT&CK, NIST, and OWASP. Hands-on in firewall management (Palo Alto, Fortinet, Zscaler, Cisco ASA) and email security (Proofpoint, Mimecast, Cofense) for malware and phishing investigations. Proven ability to lead incident response in 24x7 SOC environments, mentor junior analysts, and ensure compliance with industry standards. Strong collaborator driving security best practices, infrastructure optimization, and remediation of vulnerabilities.
Work Experience
Cyber Security Analyst
NTT DATA
Oct 2022 - Present
Monitored and responded to security alerts using SIEM tools (Splunk, IBM QRadar, Sentinel) to ensure timely triage and resolution. Investigated and remediated incidents leveraging EDR platforms (CrowdStrike, Carbon Black, Cybereason, Microsoft Defender ATP). Performed log analysis and correlation across firewalls (Palo Alto, Fortinet, Cisco ASA, Zscaler), IDS/IPS, and Windows/Linux servers. Administered and optimized email security solutions (Proofpoint, Mimecast, Cofense, Symantec) to mitigate phishing and malware threats. Implemented and fine-tuned firewall rules in alignment with security policies and best practices. Applied frameworks (MITRE ATT&CK, OWASP, NIST) to analyze security events and identify adversary TTPs. Supported vulnerability management with Qualys and Nessus, driving timely remediation of security flaws.
Desktop Support Engineer
NTT DATA
Jun 2021 - Oct 2022
Provided technical support to end-users, diagnosing and troubleshooting hardware and software issues across Windows and macOS environments. Installed, configured, and maintained desktop computers, printers, scanners, and other peripherals, ensuring optimal performance and user satisfaction. Managed user accounts, including password resets and permission changes, using Active Directory and Group Policy. Monitored and maintained network connectivity, including troubleshooting LAN/WAN issues and resolving network performance problems. Provided support for Microsoft Office 365 applications, including Word, Excel, Outlook, and Teams, ensuring seamless communication and collaboration. Conducted phishing investigations and blocked malicious emails/attachments using Proofpoint, Mimecast, and Cofense. Managed SIEM setup and integration (Splunk, QRadar), enhancing monitoring capabilities and accelerating incident handling. Developed and fine-tuned SIEM detection rules (Splunk, QRadar, Sentinel) to ensure high accuracy and reduce false positives. Conducted phishing simulations and awareness training using Cofense and Proofpoint to strengthen organizational security posture. Coordinated incident response with internal teams and external stakeholders, tracking progress via ServiceNow and Jira. Researched emerging threats and vulnerabilities, sharing intelligence with SOC teams for proactive mitigation. Created and maintained incident response runbooks and playbooks to standardize and streamline processes. Implemented and managed EDR solutions (CrowdStrike, Carbon Black), configuring policies and exclusions for optimized coverage. Performed malware analysis and sandboxing with CrowdStrike Falcon and Cybereason to assess and contain threats. Enhanced SIEM monitoring by collaborating with senior analysts to build custom use cases and parsers for advanced threats.
Conducted periodic security audits and assessments to ensure compliance with internal policies and regulatory standards. Utilized threat intelligence platforms to monitor the evolving landscape and mitigate emerging risks. Mentored and coached junior SOC analysts, providing guidance in incident response and security best practices. Provided mentorship and coaching to junior SOC analysts, sharing expertise in incident response, log analysis, and security investigations. Coordinated with IT teams to implement security patches and configuration updates, reducing vulnerabilities across systems and applications. Created detailed incident reports, documenting investigation findings, remediation actions, and recommendations for improving security posture. Worked in a 24x7 rotational shift model, providing continuous monitoring and response to security incidents to ensure the protection of organizational assets.
Education
B.Tech (E.C.E) - Sasi Institute of Engineering and Technology
Afghanistan