About
Results-driven SOC Analyst with 2+ years of hands-on experience in security operations at Tata Consultancy Services. Proven expertise in threat detection, incident response, and security monitoring across enterprise environments managing 5,000+ endpoints. Skilled in leveraging SIEM/EDR platforms (Azure Sentinel, Microsoft Defender, SentinelOne, Carbon Black) to analyze 200+ monthly security incidents with 95% SLA compliance. Microsoft Certified Security Operations Analyst (SC-200) with demonstrated ability to reduce MTTD through optimized KQL queries and custom detection rules.
Work Experience
SOC Analyst
Tata Consultancy Services
Jan 2024 - Present
- Monitor and analyze 200+ security incidents monthly across 5,000+ endpoints using Azure Sentinel, Microsoft Defender, SentinelOne, and Carbon Black Response, maintaining 95% SLA compliance.
- Conduct deep-dive investigations on malware alerts, network anomalies, endpoint threats, phishing campaigns, and DNS/AD logs to identify and mitigate intrusion attempts.
- Execute incident response procedures including containment, remediation, and recovery strategies for P1/P2 incidents, documenting root cause analysis (RCA) for stakeholder review.
- Manage threat intelligence operations using the MISP platform, monitoring and updating 500+ IOCs (Indicators of Compromise) monthly, including malicious IPs, domains, hashes, and URLs.
- Map detected incidents to MITRE ATT&CK tactics and techniques for comprehensive threat profiling and pattern analysis.
- Analyze inbound/outbound firewall and proxy traffic for anomalous behavior, identifying potential data exfiltration and C2 communication attempts.
- Administer Azure Sentinel, including watchlist management, automation rules, and playbook development for automated response actions.
- Configure and tune EDR policies across Microsoft Defender, SentinelOne, and Carbon Black to optimize threat detection while minimizing performance impact.
- Integrate threat feeds and security advisories into the SIEM for proactive threat hunting and early warning.
- Create data visualization dashboards in Azure Sentinel for real-time security monitoring and trend analysis.
- Escalate critical incidents to senior analysts and management with detailed context, impact assessment, and recommended response actions.
Education
B.Tech. Computer Science - SVVV College
- 2023 · Afghanistan