Hamza Zafar
Lahore
Summary
As a Level 1 SOC Analyst, primary responsibilities include monitoring security alerts, performing initial triage, and determining the severity of potential threats. Use various security tools, such as SIEM (Microsoft Azure Sentinel), to identify and analyze suspicious activities. As a L1 SOC Analysts collaborate with senior analysts for deeper investigations and ensure timely escalation of incidents.
Overview
2
2
years of professional experience
Work History
SOC ANALYST L1
TECHNOGENICS SMC PVT LTD
Lahore
10.2022 - Current
- Developed and implemented strategies to detect emerging cyber threats.
- Respond promptly to any reported issues or alerts related to system or network security.
- Collaborated with internal teams to improve system performance and enhance overall security posture of the organization's infrastructure.
- Learned about the latest security threats from blogs and online publications.
- Writing Rules and Decoders for Wazuh.
- Monitoring all Networks, VPN, Endpoints, Windows, and Emails logs using SIEM tool such as SPLUNK and WAZUH.
- Alert triaging, incident handling, checking reputation of URLs, IPs, files, hashes, etc.
- Created detailed reports outlining the findings of investigations into security events or incidents.
- Log forwarding from Endpoints, Firewall, to SIEM tools.
- Performed incident response and root cause analysis on security incidents. Utilized Microsoft Sentinel to monitor, detect, and respond to security incidents.
- Analyze and investigate alerts generated by Sentinel to identify potential threats.
- Perform in-depth analysis of security events and trends within Sentinel.
- Fine-tune and customize Sentinel alerts to minimize false positives.
- Coordinate with various teams to contain, mitigate, and remediate security incidents.
- Document incident response actions and develop lessons learned for future improvements.
Education
Bachelor of Science - Computer Science
Islamic University Bahawalpur
03.2022
Skills
- Microsoft Defender
- Microsoft Sentinel
- Alert Triage
- Alert Tuning
- Incident Handling
- Incident Investigation
- Decoders/Rules
- Regex
- Endpoint Security
- 24/7 Coverage
- Phishing Campaign
- Intrusion Detection
- Vulnerability Assessment
- Malware Analysis
- Bash Scripting
- Automation
- Collaboration
- Problem Solving
- Incident Response
Hands-On
- Microsoft Sentinel
- Wazuh ELK
- StrikeReady
- Splunk
- CrowdStrike
- Microsoft Defender
- Jira
- Wireshark
Projects
- Deploying (WAZUH and SPLUNK) SIEM for monitoring and alert triaging.
- Writing Bash Script's for extracting IOC's, URL's and Domain's.
- Create Phishing Campaign for Security Improvements.
Timeline
SOC ANALYST L1
TECHNOGENICS SMC PVT LTD
10.2022 - Current
Bachelor of Science - Computer Science
Islamic University Bahawalpur
Similar Profiles
Usman ZafarUsman Zafar
Software Engineer at TechnoGenics SMC PVTSoftware Engineer at TechnoGenics SMC PVT
Mashooque AliMashooque Ali
SOC Analyst L2 at TECHNOGENICS SMC PVT LTDSOC Analyst L2 at TECHNOGENICS SMC PVT LTD
ABDUL HASEEBABDUL HASEEB
Director of Operations at Commander Builders (SMC-Pvt.) LtdDirector of Operations at Commander Builders (SMC-Pvt.) Ltd
HAMZA BHATTIHAMZA BHATTI
Senior Mern Stack Developer at DevCacheSenior Mern Stack Developer at DevCache
Hassam GulHassam Gul
Data Analyst at A Great Place to SitData Analyst at A Great Place to Sit