About
SOC Analyst with 3+ years of experience in 24x7 Security Operations Center (SOC) environments, specializing in Splunk Enterprise Security (SIEM) and Splunk SOAR automation. Experienced in phishing investigation, email security operations, alert triage, and incident response. Skilled in threat detection, IOC enrichment, correlation search tuning, and false positive reduction while maintaining strong SLA compliance and KPI-driven performance. Adept at executing both automated and manual SOAR playbooks to enhance response efficiency and strengthen overall security posture.
Work Experience
SOC Analyst
Trenika Technologies Private Limited
Feb 2023 - Present
- Monitor and analyze security alerts using Splunk ES in a 24x7 SOC environment.
- Perform alert triage to identify true positives and reduce false positives.
- Ensure incident response within defined SLA timelines.
- Execute Splunk SOAR pre-built playbooks for automated phishing response and IOC enrichment.
- Trigger manual SOAR playbooks for advanced investigations and containment.
- Investigate phishing emails using Mimecast, including header and reputation analysis.
- Block malicious IPs, domains, and URLs using Cisco Umbrella.
- Tune correlation searches and detection rules to improve monitoring efficiency.
- Manage email quarantine review and threat validation.
- Conduct phishing awareness simulations using KnowBe4.
- Prepare incident reports and SOC performance dashboards.
- Collaborate with IT and messaging teams to strengthen email security posture.
Education
Bachelor of Technology (B.Tech) – Electrical and Electronics Engineering - JB Institute of Engineering and Technology
- 2023 · Afghanistan