About
Results-driven SOC Analyst with 5 years of hands-on experience in threat detection, incident response, and threat intelligence operations. Expertise in phishing analysis, log investigation, and SIEM monitoring (Splunk) combined with advanced skills in Proofpoint TAP/TRAP/CLEAR and Microsoft Defender EDR.
Work Experience
Cyber Security Analyst 2
Gyansys Infotech
04-2023 - Present
Monitor and investigate security alerts generated by Splunk SIEM and Microsoft Defender EDR. Create and customize Splunk dashboards and schedule reports to automate security monitoring and improve incident response efficiency. Analyze phishing emails reported by end users, ensuring rapid containment and remediation. Analyze user sign-in events in Azure AD logs to detect anomalies, investigate unauthorized access attempts, and support incident response activities. Apply the MITRE ATT&CK framework to guide and enhance security incident investigations. Ensure proactive blocking of reported IOCs and conduct comprehensive log analysis across security devices in line with global threat advisories. Investigate security incidents, perform root cause analysis, recommend remediation/containment measures, and prepare RCAs for high-priority/critical incidents to share with customers. Conduct incident trend analysis, remediate false positives, and fine-tune rules to optimize SOC operations. Respond to EDR alerts from Microsoft Defender, isolate endpoints, and mitigate malware threats. Document incident cases and root cause analyses, and provide insights to improve SOC playbooks.

SOC Analyst 2
Digital Harbor
09-2022 - 02-2023
Monitored and investigated security alerts generated by Splunk SIEM. Analyzed a variety of network and host-based security logs (firewalls, proxies, IPS, Windows, servers, etc.) to determine the correct remediation actions and escalation paths for each incident. Ensured proactive blocking of the latest IOCs and performed daily log analysis based on global advisories. Optimized security operations by performing trend analysis, reducing false positives, and fine-tuning detection rules. Proficient in analyzing suspicious emails and files (.doc, .xlsx, .pdf, .exe).

Security Analyst
Capgemini
04-2022 - 09-2022
Monitored and investigated security incidents detected by the SIEM solution to identify and mitigate potential threats. Analyzed logs from various sources to detect anomalies and malicious activity. Efficiently analyzed spam/phishing emails reported by users and analyzed suspicious files (.doc, .xlsx, .pdf, .exe, etc.). Communicated frequently with clients, followed established methodologies, and created and presented clear and concise deliverables. Developed reports on incident trends, enabling management to strengthen email security policies.

SOC Analyst
Propelld
06-2020 - 03-2022
Handled spam/phishing emails and analyzed malicious files (e.g., DOC, Excel, PDF, EXE). Maintained incident documentation, analyzed incident trends, and shared structured reports with customers. Assisted in developing processes and procedures to improve incident response times, incident analysis, and SOC functions. Monitored security alerts in the mailbox, created incidents, and added preliminary investigation details for escalation to L2. Sent security awareness emails to users regarding cyber attacks and performed cyber drills related to spam/phishing emails.
Availability Details
Visa Status
No Visa
Relocation
Open to Relocation