Cybersecurity Analyst with hands-on experience in SIEM (Microsoft Sentinel, Splunk), EDR (Defender, CrowdStrike), and cloud security (Azure, AWS). Skilled in threat detection, incident response, vulnerability management, data loss prevention and Zero Trust IAM with Microsoft Entra ID. Proven ability to implement DLP policies using Microsoft Purview and align security programs with NIST CSF, SOC 2, MITRE ATT&CK, and ISO 27001 standards.
- Threat Intelligence
- Microsoft Sentinel SIEM Lab with FortiGate NGFW Integration in Azure
- Vulnerability Assessment of Client Details System (CDS 1.0)
- SOC Alert Analysis
- Traffic Analysis Using Wireshark
- SIEM: Microsoft Sentinel, Splunk
- EDR: Microsoft Defender for Endpoint, CrowdStrike
- Threat Detection & IR: KQL, MITRE ATT&CK, IOC/TTP Analysis, Threat Hunting
- Vulnerability Management: Nessus, Qualys, Defender Vulnerability Management
- IAM: Microsoft Entra ID, MFA, Conditional Access, RBAC, SSO
- DLP: Microsoft Purview (Cloud & On-Premises)
- Cloud Security: Microsoft Defender for Cloud (formerly Azure Security Center)
- Compliance: NIST CSF, ISO 27001, SOC 2, CIS Benchmarks
- Network Security: TCP/IP, DNS, DHCP, Firewalls, IDS/IPS, Wireshark, Nmap
- Automation & Scripting: PowerShell, Bash, and basic Python
- SOAR: Azure Logic Apps, Playbooks, ServiceNow, Cortex XSOAR
- Soft Skills: Analytical Thinking, Diligence, Communication, Teamwork, Reporting, Adaptive Learner, Willingness to Learn