Anshul Gehlot

SOC Analyst

Profile Score: 80/100

About

Results-driven SOC Analyst with 2+ years of hands-on experience in security operations at Tata Consultancy Services. Proven expertise in threat detection, incident response, and security monitoring across enterprise environments managing 5,000+ endpoints. Skilled in leveraging SIEM/EDR platforms (Azure Sentinel, Microsoft Defender, SentinelOne, Carbon Black) to analyze 200+ monthly security incidents with 95% SLA compliance. Microsoft Certified Security Operations Analyst (SC-200) with demonstrated ability to reduce MTTD through optimized KQL queries and custom detection rules.

Skills & Expertise (25)

Skill                            Level         Rating   Experience
Microsoft Azure Sentinel         Intermediate  8.4/10   2 years
SIEM & EDR Platforms             Intermediate  8.1/10   2 years
Incident Response Lifecycle      Intermediate  8.0/10   2 years
MITRE ATT&CK                     Intermediate  8.0/10   2 years
Microsoft Defender for Endpoint  Intermediate  8.0/10   2 years
SentinelOne                      Intermediate  8.0/10   2 years
Carbon Black Response            Intermediate  8.0/10   2 years
Malware Analysis                 Intermediate  7.8/10   2 years
NIST Cybersecurity Framework     Intermediate  7.8/10   2 years
IDS/IPS                          Intermediate  7.8/10   2 years
Firewall/Proxy Analysis          Intermediate  7.8/10   2 years
Log Correlation                  Intermediate  7.8/10   2 years
Network Traffic Analysis         Intermediate  7.8/10   2 years
Phishing Investigation           Intermediate  7.8/10   2 years
Runbooks                         Intermediate  7.8/10   2 years
Playbooks                        Intermediate  7.8/10   2 years
Threat Actor Profiling           Intermediate  7.8/10   2 years
IOC Management                   Intermediate  7.8/10   2 years
Azure Logic Apps                 Intermediate  7.6/10   2 years
TCP/IP                           Intermediate  7.6/10   2 years
DNS/DHCP                         Intermediate  7.6/10   2 years
Hash Analysis                    Intermediate  7.6/10   2 years
MISP                             Intermediate  7.6/10   2 years
KQL (Kusto Query Language)       Intermediate  7.6/10   2 years
ServiceNow                       Intermediate  7.2/10   2 years

Work Experience

SOC Analyst

Tata Consultancy Services

Jan 2024 - Present

- Monitor and analyze 200+ security incidents monthly across 5,000+ endpoints using Azure Sentinel, Microsoft Defender, SentinelOne, and Carbon Black Response, maintaining 95% SLA compliance.
- Conduct deep-dive investigations on malware alerts, network anomalies, endpoint threats, phishing campaigns, and DNS/AD logs to identify and mitigate intrusion attempts.
- Execute incident response procedures including containment, remediation, and recovery strategies for P1/P2 incidents, documenting root cause analysis (RCA) for stakeholder review.
- Manage threat intelligence operations using the MISP platform, monitoring and updating 500+ IOCs (Indicators of Compromise) monthly, including malicious IPs, domains, hashes, and URLs.
- Map detected incidents to MITRE ATT&CK tactics and techniques for comprehensive threat profiling and pattern analysis.
- Analyze inbound/outbound firewall and proxy traffic for anomalous behavior, identifying potential data exfiltration and C2 communication attempts.
- Administer Azure Sentinel, including watchlist management, automation rules, and playbook development for automated response actions.
- Configure and tune EDR policies across Microsoft Defender, SentinelOne, and Carbon Black to optimize threat detection while minimizing performance impact.
- Integrate threat feeds and security advisories into the SIEM for proactive threat hunting and early warning.
- Create data visualization dashboards in Azure Sentinel for real-time security monitoring and trend analysis.
- Escalate critical incidents to senior analysts and management with detailed context, impact assessment, and recommended response actions.

Education

B.Tech. Computer Science - SVVV College

- 2023 · Afghanistan


Profile Score Breakdown

Photo        10/10
Resume       10/10
Job Title    10/10
Bio          10/10
Skills       20/20
Education    10/10
Experience    5/15
Rate          0/5
Certs         0/5
Verified      5/5
Total Score  80/100

Profile Overview

Member since Feb 2026
