Gandharva
Cybersecurity Analyst
About
Cybersecurity Operations Analyst with hands-on experience in SOC environments specializing in SIEM monitoring, alert triage, incident investigation, endpoint security, and threat detection using Splunk Enterprise Security, CrowdStrike Falcon, and ServiceNow. Skilled in incident response, IOC investigation, log analysis, threat intelligence, and security monitoring across endpoint, authentication, firewall, and network telemetry sources. Strong understanding of network security, Windows & Linux systems, MITRE ATT&CK, Cyber Kill Chain, malware analysis, and security event correlation. Familiar with AWS & Azure security fundamentals, vulnerability management concepts, and AI-assisted cybersecurity analysis for log investigation, query generation, and IOC enrichment.
Skills & Expertise (44)
Work Experience
SOC Analyst | Cybersecurity Operations
Mohan & Kotkar IT Solutions
Jul 2024 - Present
Monitor and analyze security alerts across endpoint, authentication, firewall, and network telemetry sources using Splunk Enterprise Security within enterprise SOC environments.
Perform alert triage, incident investigation, IOC validation, and security event correlation to identify malicious activity, phishing attempts, malware execution, unauthorized access, and suspicious behavior.
Investigate endpoint telemetry using CrowdStrike Falcon, including process tree analysis, command-line activity review, privilege escalation detection, persistence analysis, and IOC investigation.
Support the incident response lifecycle including detection, analysis, containment, escalation, remediation coordination, recovery support, and incident closure aligned with SOC procedures and SLA requirements.
Analyze Windows event logs, authentication logs, firewall telemetry, DNS activity, and network traffic indicators to detect abnormal patterns and potential cybersecurity threats.
Execute endpoint response actions including host isolation, IOC blocking, and threat containment to support remediation and incident mitigation activities.
Tune and optimize Splunk correlation searches, alert logic, and detection workflows to improve monitoring effectiveness, threat visibility, and false positive reduction.
Apply MITRE ATT&CK and Cyber Kill Chain methodologies to map adversary tactics, techniques, and procedures (TTPs) during threat investigations and security analysis.
Maintain detailed incident documentation, root cause analysis (RCA), escalation records, and case management activities using ServiceNow workflows and SOC documentation standards.
Collaborate with cross-functional IT and security teams to strengthen security operations, improve detection coverage, and support continuous monitoring and incident response initiatives.
Utilize AI-assisted cybersecurity tools for log analysis, SPL query refinement, IOC enrichment, regex generation, threat investigation, and security documentation support.
Education
Master of Business Administration (MBA) - MIT World Peace University
2022 - 2024 · Afghanistan
Bachelor of Business Administration (BBA) - New Arts, Commerce and Science College
2019 - 2022 · Afghanistan
Certifications
Cybersecurity Essentials: Cyber Threat Intelligence 101
Udemy · 2025
Availability Details
Visa Status
Citizen
Relocation
Depends on Offer