About
Senior Security Analyst with 4 years of experience in Security Operations, Incident Response, Threat Detection, Endpoint Security, and Identity & Access Management. Proven expertise in investigating complex security incidents across email, endpoint, identity, and cloud environments, leveraging SIEM, EDR, and threat detection platforms to identify, contain, and remediate threats. Experienced in phishing investigations, threat hunting, detection validation, and security monitoring, with strong hands-on knowledge of Arctic Wolf, Elastic, Microsoft Defender, Microsoft Entra ID, Cisco Secure Endpoint, Cisco Secure Email, Cisco Duo, Tanium, and ServiceNow. Adept at collaborating with customers and cross-functional teams to deliver effective incident response, strengthen security controls, and improve overall security posture. CEH and CompTIA Security+ certified with a strong commitment to operational excellence and continuous security improvement.
Skills & Expertise (34)
Work Experience
Senior Security Analyst
Ahead DB
Sep 2023 - Present
Leading advanced investigation and triage of security incidents across endpoint, identity, email, and cloud environments, ensuring timely detection, containment, and resolution of threats.
Performing comprehensive phishing and business email compromise investigations, analyzing email artifacts, assessing organizational impact, coordinating response efforts, and driving remediation activities.
Managing end-to-end incident response lifecycle—triage, containment, eradication, and post-incident reviews—ensuring minimal business disruption.
Monitoring security telemetry from SIEM, EDR, and threat detection platforms to identify malicious activity, validate alerts, and improve detection accuracy while reducing false positives.
Conducting endpoint threat investigations using Microsoft Defender and Cisco Secure Endpoint, performing root cause analysis and recommending corrective actions to mitigate organizational risk.
Investigating identity and access-related security events involving Microsoft Entra ID, Active Directory, authentication controls, and multi-factor authentication technologies.
Partnering directly with customers during incident response engagements, providing technical guidance, investigation updates, remediation recommendations, and risk assessments.
Leveraging Cisco Secure Endpoint for enterprise-wide endpoint visibility, threat hunting, and security remediation activities.
Assessing and validating security detections, identifying control gaps, and recommending detection improvements to strengthen overall security posture.
Communicating security findings, threat trends, and operational insights to technical and non-technical stakeholders through incident reports, customer reviews, and security briefings.
Collaborating with SOC operations, engineering, and account management teams to improve detection capabilities, streamline response processes, and enhance overall security operations effectiveness.
Technical Analyst
Gulisons Digital Pvt. Ltd.
Aug 2022 - Sep 2023
Provided technical and security-focused support for enterprise users across endpoint, application, access, and authentication-related issues.
Performed malicious file investigations and remediation activities, including identifying suspicious files, removing threats from endpoints, and escalating security incidents when required.
Managed Active Directory access requests, account provisioning, password resets, MFA troubleshooting, and permission management activities.
Supported endpoint administration activities, including software installation, system configuration, device troubleshooting, and policy enforcement across Windows environments.
Utilized ServiceNow for incident management while collaborating with infrastructure, desktop support, and security teams to resolve technical and security-related issues.
Education
Bachelor of Technology (B.Tech) in Information Technology - IIMT University
2019 - 2022 · Afghanistan
Diploma in Mechanical Engineering - HSBTE
2016 - 2019 · Afghanistan
Certifications
No certifications added yet
Profile Overview
Availability Details
Visa Status
Need Sponsorship
Relocation
Open to Relocation