About
Security Operations Analyst with 3+ years of experience in cloud security monitoring, incident response, vulnerability remediation, and threat detection across enterprise environments. Skilled in Azure security operations, SIEM/EDR/XDR analysis, cloud governance, network security, and compliance-aligned security practices. Experienced in documenting security standards, evaluating new technologies, performing threat hunts, and collaborating with engineering, security, and operations teams to strengthen security posture. Strong understanding of controls aligned with PCI DSS, HIPAA, and GDPR.
Work Experience
Cyber Security Analyst (SOC Analyst)
Tata Consultancy Services
May 2022 - Present
- Monitored and secured internal devices and employee endpoints using EDR, SIEM, XDR, Azure AD and related security tools to analyse and mitigate risk.
- Responded to SIEM alerts in real time; mitigated threats by blocking malicious IPs and domains on firewalls and proxy servers.
- Handled EDR alerts from associates' devices for unauthorized, unusual or malicious executables and PUPs; contained threats by network-isolating the host and performing the necessary remediation.
- Investigated host, event and network timeline logs for suspicious obfuscated executions, performed root cause analysis, and recommended suitable remediation.
- Investigated possible domain impersonation, typosquatting and leaked credentials based on intel received from the Threat Intelligence platform.
- Investigated Google Workspace alerts for suspicious user activity and phishing mail.
- Investigated alerts from Attivo deception technology: monitored and analysed attacker behaviour against decoys without exposing real assets, and identified attacker tactics and techniques.
- Responded to CASB and Prisma Cloud alerts for services hosted in the cloud; monitored Azure AD, CASB and Prisma Cloud for security alerts, misconfigurations, suspicious login patterns and policy violations.
- Analysed phishing emails, malicious domains, file hashes and URLs using sandboxing, open-source tools and threat intelligence sources, and delivered detailed reports with remediation recommendations.
- Identified and mitigated threats involving malware, obfuscated scripts, PUPs, unauthorized executables and privilege anomalies; investigated and remediated cloud, network and endpoint vulnerabilities.
- Produced security architecture and SOP documentation.
- Conducted regular IOC- and TTP-based threat hunts across endpoints and cloud infrastructure, performed mitigation/remediation, and maintained detailed reports.
- Managed L1 analysts on shift and monitored alert flow to track SLAs and ensure critical alerts were not missed.
- Collaborated with cross-functional teams and communicated regularly with L1/L2/L3 analysts and managers on investigation results to resolve problems quickly and effectively.
Education
Bachelor of Technology in Electrical and Electronics Engineering - Ideal Institute of Technology
Afghanistan
Relocation
Depends on Offer