About
IT professional with 4+ years of experience, including 3+ years in Security Operations Center (SOC), specializing in threat detection, incident response, and threat hunting. Skilled in SIEM monitoring, alert triage, IOC analysis, and log investigation to identify and mitigate security threats. Hands-on experience with CrowdStrike, Microsoft Defender for Endpoint, Microsoft Entra ID, Hunters AI, and Alert Logic SIEM across endpoint, identity, and network security. Strong in phishing analysis, malware investigation, and detecting suspicious authentication activities. Proven track record of reducing false positives, improving incident response time, and strengthening overall security posture.
Work Experience
Software Developer
SAAR DEVELOPERS CODE
Sep 2021 - Jul 2022
Created static web pages with clean, semantic HTML and CSS, enhancing accessibility and user experience. Performed unit testing of applications, identifying and resolving defects early in the development cycle to improve software quality and reliability. Collaborated with team members to integrate UI designs with backend services, supporting seamless functionality and performance.
Security Analyst
TATA CONSULTANCY SERVICES
Aug 2022 - Present
Delivered 24/7 SOC monitoring using SIEM and EDR, performing alert triage, log and IOC analysis to detect threats aligned with MITRE ATT&CK.
Improved SIEM correlation rules and detection logic, reducing false positives by 30% and accelerating investigation efficiency across security monitoring workflows.
Mitigated threats through proactive hunting across endpoint, authentication, IDS, and network telemetry, identifying phishing, malware, persistence, and lateral movement.
Investigated Windows endpoint incidents, analyzing process execution, persistence artifacts, and authentication anomalies to identify attacker techniques and compromised systems.
Executed incident response containment and remediation, including host isolation, IOC blocking, credential resets, and system remediation, reducing MTTR by 25%.
Enhanced identity security by investigating Microsoft Entra ID Identity Protection alerts, mitigating account takeover risks through session revocation and credential resets.
Analyzed phishing incidents using Abnormal Security and Mimecast, performing header analysis, URL validation, and sandbox testing, reducing endpoint compromises by 40%.
Utilized CrowdStrike vulnerability insights to prioritize high-risk vulnerabilities, validate remediation efforts, and monitor systems for potential exploitation attempts.
Detected command-and-control traffic and potential data exfiltration attempts, blocking malicious domains and IP addresses to prevent attacker communication and data loss.
Identified external attack surface risks using Digital Shadows SearchLight, detecting typosquatting domains, credential exposures, phishing infrastructure, and data leaks.
Reviewed unauthorized access attempts and suspicious network connections through authentication and network log analysis to detect potential intrusions.
Created incident reports, SOC playbooks, and investigation documentation, improving response consistency, knowledge sharing, and compliance with security monitoring standards.
Education
Bachelor of Technology (B.Tech) in Electronics and Communication Engineering - KIET Engineering College
2015 - 2019 · Afghanistan