Aagam sanghavi
Information Security & GRC Analyst
About
Information Security and GRC professional with close to three years of hands-on experience spanning security operations, compliance support, governance documentation, and risk advisory. Began as a Cybersecurity Analyst Intern developing foundational skills in threat monitoring and security processes, progressed into a SOC Analyst role conducting 24x7 incident monitoring and detection, and currently working as a Security Engineer at Secured Monk with growing responsibility across GRC functions including policy documentation, audit evidence management, vendor security assessments, and customer-facing security engagements.
Skills & Expertise (23)
Work Experience
Security Engineer
Secured Monk
Aug 2025 - Present
Transitioned into a broader security engineering and GRC support role, taking on governance, compliance, and operational security responsibilities alongside continued detection and response activities. Contributing to governance documentation efforts including security policy drafting, procedure reviews, and operational control documentation aligned with SOC 2 and ISO 27001 principles. Supporting audit readiness activities by coordinating evidence collection, maintaining records of control effectiveness, and assisting with preparation for internal security reviews. Assisting in vendor security assessments and security questionnaire responses for enterprise clients, ensuring alignment with regulatory and contractual security expectations. Participating in risk tracking activities, helping document identified risks, mitigation steps, and residual risk statuses within the team's risk register workflow. Conducting dark web monitoring and threat intelligence analysis to identify exposed organizational data, credential leaks, and potential brand risks for client environments. Collaborating with engineering and operations teams to improve security visibility, address identified gaps, and support operational maturity initiatives. Supporting customer-facing security discussions by preparing security posture documentation, summarizing control coverage, and contributing to technical security communications.
SOC Analyst
Secured Monk
Aug 2024 - Jul 2025
Performed continuous security monitoring across network and endpoint environments for multiple client organizations using SIEM, EDR, and XDR technologies. Conducted alert triage and incident investigation, categorizing and prioritizing security events based on severity, impact, and organizational risk context. Investigated suspicious activities including malware incidents, phishing attempts, unauthorized access events, and account compromise scenarios. Documented incident timelines, investigation findings, and remediation actions in alignment with operational compliance standards and audit readiness expectations. Assisted with developing and refining detection use cases and monitoring playbooks to improve alert quality and operational consistency. Coordinated with client teams during security incidents, communicating findings clearly and supporting remediation tracking through to resolution. Contributed to governance-adjacent tasks including maintaining security logs, supporting evidence collection for periodic reviews, and assisting with risk documentation. Conducted dark web intelligence checks for client organizations to proactively identify data exposure risks and inform remediation priorities.
Cybersecurity Analyst Intern
Tech Skill School
Jan 2024 - Jul 2024
Gained foundational experience in cybersecurity operations, security monitoring concepts, and governance-aligned security practices in a structured learning and work environment. Assisted in developing cybersecurity course materials covering security operations, GRC concepts, threat analysis, and incident response fundamentals. Supported documentation efforts for security training content, ensuring technical accuracy and alignment with industry frameworks and best practices. Gained exposure to security policy frameworks, compliance requirements, and governance documentation as part of supporting internal security awareness and content programs. Conducted research on emerging cybersecurity topics, threat landscapes, and GRC developments to support course development and content production. Participated in team discussions around security operations workflows, helping bridge theoretical framework knowledge with real-world operational context.
Education
B.Tech in Information Technology - Gyanmanjari Innovative University
2025 - · Afghanistan
Micro Credit Degree in Cyber Security - Indian Institute of Technology, Guwahati
2025 - · Afghanistan
Diploma in Information Technology - Gujarat Technological University
2022 - 2025 · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Skills (23)
Click a skill to find developers with the same skill
