About
Cybersecurity professional with over 2.6 years of experience in threat analysis, incident response, and vulnerability management. Adept at implementing security protocols, conducting risk assessments, and ensuring compliance with industry standards. Strong problem-solving skills and focus on maintaining secure and stable IT environments.
Work Experience
Cyber Security Engineer
SourceMash Technologies
Aug 2025 - Present
Hands-on experience in analysing phishing emails and malware emails, performing soft deletes and hard deletes of malicious emails from the email cluster, and adding indicators to the tenant allow list/block list based on analysing the IOCs. Knowledge of Group Policy Objects, Active Directory security and compliance configurations, and migrating to the Intune administrator console. Experience in working on host isolation and advanced threat analysis using EDR, Microsoft Defender ATP. Experience in creating group policies and initiating remote wipe-outs on end devices by using the Intune administrator console. Implemented conditional access policies and integrated Intune with Azure Active Directory for enhanced security and user authentication. Configured and optimised Microsoft Defender for Endpoint to enhance protection against malware, ransomware, and advanced threats. Implemented security policies and automated remediation processes using Microsoft Defender across enterprise environments. Experienced in integrating Microsoft Defender with a SIEM solution to streamline threat. Experience in creating Log Analytics workspaces, creating conditional access policies, and detection rules using Defender 365 and Azure Sentinel. Good hands-on experience in creating virtual machines, deploying endpoint agents on them, and managing IAM roles in an AWS environment. Experienced in creating PIM roles and managing the RBAC roles using Sentinel. Creating and fine-tuning use cases and custom detection rules by using the KQL language in Defender. Experienced in managing the Intune administrator console and creating group policies. Experience in handling technical administration and troubleshooting activities related to the M365 Defender suite.
Handling spam and phishing email submissions from end-users, taking containment steps by further investigating domains and IPs to recommend proper blocking, and creating SPF, DKIM, and DMARC records for the domains to protect against spoofing. Hands-on experience (L2 level) in support, implementation, configuration, and management of EDR/AV solutions. Proficient in security tools and technologies such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners. Strong understanding of Zero Trust security models and implementation. Expertise in using SOAR technologies such as Logic Apps, implementing playbooks, and creating automation rules using Microsoft Sentinel SOAR. Monitoring, analysing, and responding to infrastructure threats, vulnerabilities, and risks. Collecting the logs of all the Windows, Linux, and network devices, and analysing the logs to find suspicious activities. Experienced in creating and fine-tuning compliance policies and ASR rules using the Intune portal. Strong knowledge and working experience in Office 365 email gateway solutions; fully owning, managing, monitoring, and administering the email security stack and policies for both on-premises and cloud environments, which include Office 365 email security solutions. Configure and manage dashboards, notebooks, data connectors, and playbooks in Azure Sentinel. Hunt security threats using Azure Sentinel. Good knowledge in analysing different malicious executables and documents. Good understanding of Azure Active Directory, Azure MFA, and conditional access. Experience in onboarding and offboarding Windows Server 2016 R2 and 2019 by installing the MMA/unified agent, and troubleshooting server-level issues. Experience in the Qualys Vulnerability Management tool to perform vulnerability scanning and reporting. Experience in creating runbooks, SOPs, and documents supporting Security Operations. 
Experienced in analysing phishing emails, user-reported emails, and malware emails by using Proofpoint, Office 365, and Defender verdicts. Experienced in whitelisting and blacklisting web applications using MCAS. Experienced in analysing the Azure audit logs and sign-in logs of the user, checking the interactive and non-interactive sign-ins of the Azure account-related domains. Hands-on experience in creating and managing the endpoint health check reports and vulnerability reports to reduce the exposure score. Good hands-on experience in providing KT sessions and training, and in assigning tasks to juniors. Experience in creating and maintaining the daily, weekly, and monthly reports of device health status using Defender ATP. Experience in initiating vulnerability scans on end devices and servers for automated reports using Rapid7. Knowledge of Group Policy Objects, Active Directory security and compliance configurations, and migrating to the Intune administrator console. Experienced in creating or managing virtual machines, deploying ISO files, and managing snapshots/images. Experience with compliance tickets and advisory for the blacklisting of IOCs, and processes using Endpoint Security. In-depth knowledge of endpoint protection. Managed Active Directory user lifecycle operations including account creation, access provisioning based on role (mirror ID), password resets, and deactivation aligned with security policies. Administered Salesforce user accounts by handling access control, monitoring inactive accounts, and resolving user-related incidents to maintain system integrity. Supported identity and access management processes by efficiently handling employee onboarding/offboarding and ensuring compliance with organizational security standards.
Education
BVoc Software Development - Ideal College of Arts and Sciences
- 2023 · Afghanistan
Certifications
No certifications added yet