Jeddah, Makkah, Saudi Arabia
As a Cyber Security Analyst with over 4 years of hands-on experience, I specialize in enhancing organizational security through advanced SIEM solutions, threat detection, and operational optimization. My expertise spans key platforms such as **Splunk** and **Microsoft Sentinel**, where I have consistently delivered results in streamlining security operations, improving threat identification, and automating incident response workflows. In my current role as a SIEM/SOC Engineer at Aranca Pvt Ltd, I have designed and implemented automated SOAR workflows that have significantly reduced manual effort and accelerated threat mitigation processes. Additionally, I have built and optimized custom Splunk dashboards, providing real-time visibility into security threats and improving response times by over 30%. My work with **Microsoft Sentinel** has enhanced cloud security monitoring and ensured seamless scalability across cloud environments. Previously, as a SIEM Engineer at Tata Consultancy Services, I progressed from a Splunk Admin to a Sentinel SME, showcasing my proficiency in both platforms. I led initiatives that reduced false positives by 30% and increased threat identification by 20%, all while ensuring the optimization of use cases and security workflows. Automation through SOAR integration was another key achievement, reducing manual workloads by 30% and boosting team productivity. Certified in Splunk Enterprise Administration, CCNA, and CEH, I am committed to leveraging my technical expertise to mitigate risks, improve security postures, and drive continuous improvement in dynamic security environments. I thrive on challenges and am passionate about contributing to a proactive and resilient security framework.
• Designed and implemented automated SOAR workflows for Julius Baer client to streamline incident response and enhance SOC efficiency, reducing manual effort and accelerating threat mitigation. • Built and optimized custom Splunk dashboards to automate investigation tasks and provide real-time visibility into threats, improving detection accuracy and response times. • Integrated and optimized SIEM processes within Microsoft Sentinel, enhancing cloud security monitoring and improving scalability across cloud environments.
Hands on experience with Splunk SIEM platform and writing queries to extract data from indexers. - Create correlation rules and alerts using Splunk Processing Language and Regular Expressions - Integrate logs from different security devices like application, proxy, database, firewall etc. to SIEM. - Experience in analyzing and onboarding all the possible security tools eg. Fire-eye(HX, EX., NX) ,Palo alto endpoint protection etc.
- Work with customer to understand the requirements and provide relevant solution architecture on Splunk. - Parsing of logs into Splunk using Splunk Add-on or manually extracting fields from logs using regex or by making changes in .conf file. - Analyze/Investigate Phishing E-mails to find out the threat vectors related to it and respond to end user accordingly. - Create dashboards, reports, and use cases as per client request for analysis of real time events and continuous monitoring of dashboards and alerts in Splunk. - Analyze event logs and find out the suspicious adversary behavior and follow MITRE tactics and techniques to improve the detection rate. - Knowledge of Splunk architecture and data ingestion into Splunk. - Knowledge of creating customized apps in Splunk and data enrichment in indexed data.