About
SOC Analyst (L1) with 3+ years of experience in security event monitoring, incident triage, and alert management within a 24×7 Security Operations Center (SOC). Proficient in working with Security Information and Event Management (SIEM) tools (Splunk, IBM QRadar), endpoint protection (CrowdStrike Falcon), and network security technologies (Palo Alto, Zscaler). Skilled in investigating phishing, malware, and brute-force attacks, performing log analysis, and escalating incidents as per SLA requirements. Experienced in using ServiceNow for case management and Mimecast for email security investigations. Strong understanding of incident response processes, threat analysis, and security monitoring workflows. Focused on maintaining high-quality alert handling, improving SOC efficiency, and ensuring timely and accurate incident documentation.
Work Experience
SOC Analyst
Accenture
Feb 2023 - Present
- Proficient in SIEM platforms such as Splunk for log monitoring, correlation, and threat detection.
- Experienced in real-time event analysis to identify and mitigate threats including malware, phishing, brute-force, and insider attacks.
- Skilled in endpoint detection and response using CrowdStrike Falcon for malware containment and host investigation.
- Conducted phishing investigations using Mimecast, analyzing headers, attachments, URLs, and sender patterns for IOC enrichment.
- Proficient in analyzing firewall and proxy logs from Palo Alto and Zscaler to detect suspicious traffic and policy violations.
- Strong expertise in incident documentation, categorization, and escalation through ServiceNow, ensuring SLA compliance.
- Experienced in alert correlation, rule fine-tuning, and dashboard creation within SIEM tools to reduce noise and improve detection accuracy.
- Participated in log source onboarding and validation, ensuring complete visibility across enterprise endpoints and network devices.
- Assisted in incident containment and mitigation activities in collaboration with L2 and Incident Response teams.
- Created and maintained SOC runbooks, SOPs, and escalation matrices for standardized incident handling.
- Prepared and presented daily, weekly, and monthly SOC performance and incident reports to management.
- Conducted IOC analysis and enrichment using internal and external threat intelligence feeds to enhance situational awareness.
- Performed log analysis and event correlation to detect anomalies, policy breaches, and unauthorized access attempts.
- Supported vulnerability management and patch validation by analyzing network and endpoint logs for security gaps.
- Contributed to SIEM health checks and data validation, ensuring continuous ingestion and alert accuracy.
- Collaborated with network, IT, and application teams to perform containment actions such as blocking malicious IPs and isolating hosts.
- Recognized for attention to detail, proactive alert management, consistent SLA adherence, and incident accuracy.
Education
Bachelor of Technology (BTech) - Shivaji University
- 2022 · Afghanistan