About
SOC Analyst (Level 1) with hands-on experience in continuous security monitoring, alert triage, and incident response within enterprise environments. Proficient in analyzing and investigating security alerts using Rapid7 InsightIDR, Microsoft Sentinel, and Microsoft Defender for Endpoint to identify false positives and escalate validated incidents. Experienced in log analysis, threat detection, and initial containment actions, with exposure to CrowdStrike Falcon and AWS EC2 sandbox environments for basic threat analysis. Strong understanding of SOC workflows, incident handling procedures, and security event documentation, ensuring timely detection and response to potential threats.
Work Experience
Accounts Manager
Vidhyadeep Degree College
Jan 2020 - Jan 2024
Managed the college’s internal fee processing portal and transaction records. Reconciled bank accounts and maintained ledger accounts. Generated salary slips and maintained payroll records. Handled overall financial account management and reporting.
System / Data Analyst
District Agricultural Department
Jan 2018 - Jan 2020
Processed Direct Benefit Transfers (DBT) efficiently, ensuring accurate disbursement of government subsidies and benefits to recipients' (registered farmers') bank accounts through secure banking portals and internal systems. Developed an Inventory Management Application to streamline stock tracking and reporting using UI automation tools (Atoll, Selenium or UiPath), enhancing operational efficiency and minimizing manual record errors. Collaborated with cross-functional teams to identify software improvement opportunities and ensured a smooth working experience on the Inventory Management Application.
SOC L1 Analyst
Amerisource Solutions Pvt. Ltd
Dec 2024 - Mar 2026
Monitored and triaged 80+ security alerts per shift using Rapid7 InsightIDR and Microsoft Sentinel, identifying genuine threats while reducing false positives through effective correlation and validation. Maintained 98% SLA adherence by prioritizing alerts based on severity and ensuring timely investigation, response, and documentation. Escalated 25–30% of validated high-severity incidents to L2/L3 teams with detailed analysis, supporting faster containment and remediation. Analyzed Windows Event Logs to detect suspicious login attempts, account lockouts, and potential privilege escalation activities across endpoints and Windows servers. Investigated authentication logs to identify failed login attempts, abnormal access patterns, and possible brute-force attacks. Validated Microsoft Defender for Endpoint alerts and conducted IOC searches across endpoint, firewall, and cloud environments to confirm compromise indicators. Investigated phishing alerts by analyzing email headers, embedded URLs, sender reputation, and attachment behavior to determine malicious intent. Reviewed DNS and HTTP logs to detect suspicious outbound connections, command-and-control (C2) communication, and data exfiltration attempts. Performed log analysis across Windows servers, firewall devices, endpoints, and cloud environments to support threat detection and incident response. Assisted in tuning detection rules and improving monitoring use cases, contributing to enhanced alert accuracy and overall SOC operational efficiency.
Education
Bachelor of Technology (B.Tech.) in Computer Science - JB Institute of Technology, Uttarakhand Technical University
2012 - 2016 · Afghanistan