About
Cybersecurity professional with 4+ years of experience in Security Operations Center (SOC) environments, specializing in threat monitoring, threat detection, threat hunting, and incident response across enterprise and cloud infrastructure. Skilled in monitoring and analyzing security alerts using SIEM platforms including Splunk, Microsoft Sentinel, and IBM QRadar, with hands-on experience in EDR technologies (CrowdStrike Falcon, Microsoft Defender), malware and phishing investigation, log analysis, and root cause analysis. Experienced in cloud security monitoring across Microsoft Azure and AWS environments, including CSPM and CWPP alert investigation and policy violation analysis. Strong working knowledge of the MITRE ATT&CK framework, NIST Incident Response Framework, NIST Cybersecurity Framework, and Cyber Kill Chain. Proven ability to identify, investigate, contain, and remediate security incidents while collaborating with cross-functional IT, infrastructure, and application teams in 24x7 SOC environments.
Skills & Expertise (46)
Work Experience
Information Security Analyst
INTENSO Technologies Pvt Ltd
Apr 2023 - Present
Monitor and analyze security alerts from Splunk, Microsoft Sentinel, IBM QRadar, EDR, and cloud security platforms, performing triage, investigation, containment, and remediation of security incidents. Conduct root cause analysis of security incidents and prepare detailed reports for stakeholders, covering malware infections, phishing attacks, suspicious processes, and unauthorized access attempts. Escalate critical incidents and coordinate remediation efforts with infrastructure and application teams. Perform proactive threat hunting using SIEM and endpoint telemetry, investigating Indicators of Compromise (IOCs) and Indicators of Attack (IOAs). Apply the MITRE ATT&CK framework to classify attack techniques and adversary behaviors. Develop and optimize SIEM detection use cases and correlation rules to improve visibility and reduce false positives. Monitor Azure and AWS environments for security threats and policy violations, investigating cloud security alerts generated by CSPM and CWPP platforms. Support vulnerability assessment reviews and remediation tracking; assist compliance audits through log analysis and evidence collection. Improve alert triage processes to reduce incident response time and enhance overall threat detection capability.
System Associate
Infosys Ltd
Mar 2022 - Mar 2023
Monitored security events and alerts across enterprise infrastructure, performing log analysis using SIEM technologies to identify malicious activity. Investigated phishing emails, suspicious endpoint activities, and malware incidents, including IOC validation. Supported incident response processes and documentation; created and maintained security operations reports and dashboards. Collaborated with cross-functional teams to drive remediation and incident closure.
Education
Bachelor's Degree - Sri Krishnadevaraya University
Afghanistan
Certifications
No certifications added yet
Availability Details
Visa Status
Need Sponsorship
Relocation
Depends on Offer