GOKUL C S

Cyber Security Analyst

Kochi, India

About

Experienced Cyber Security Analyst with over 4 years of success in 24/7 Security Operations Centre (SOC) environments, delivering full-spectrum incident response, from triage and escalation to remediation. Skilled in Microsoft Sentinel, Defender and Splunk, with a strong grasp of threat detection, root cause analysis, network protocols, and Azure cloud security. Proven ability to anticipate and neutralize threats, improve SOC workflows, and maintain high-quality service across rotating shifts. Adept at building collaborative relationships across teams and stakeholders.

Skills & Expertise (44)

Microsoft Sentinel (Advanced): 8.8/10, 3 years experience
Microsoft Defender for Endpoint (Advanced): 8.6/10, 3 years experience
Incident Response (Advanced): 8.4/10, 4 years experience
Splunk (Intermediate): 7.9/10, 2 years experience
WithSecure EDR (Intermediate): 7.6/10, 1 year experience

Other skills: Active Directory Attacks, SOP Documentation, Privilege Escalation, Windows & Linux Attacks, SIEM, EDR, Log Analysis, Censornet, VirusTotal, Polarity, ANY.RUN, Whois Lookup, MX Lookup tool, dnslytics, Scamalytics, AbuseIPDB, URL Scanner, Stakeholder Collaboration, Shift Work Flexibility, Azure Monitor, Threat Hunting, MITRE ATT&CK, KQL, Phishing Analysis, IOC/IOA Analysis, Azure VMs, VNets, NSGs, Azure Firewall, Burp Suite, Log Analytics, Azure AD (Entra ID), RBAC, Key Vault, Storage Security, Site-to-Site VPN, Nmap, Metasploit, Hydra

Work Experience

Security Operations Centre Analyst

CyberOne Ltd

Nov 2022 - Oct 2025

Monitored, triaged, and investigated security alerts across multiple clients using Microsoft Sentinel and Defender for Endpoint in a 24/7 SOC environment.
Acted as an escalation point for L1 analysts, validating alerts, conducting deep-dive investigations, and recommending containment or remediation actions.
Developed KQL detection queries, correlation rules, and automated SOAR playbooks, enhancing incident detection and reducing analyst workload.
Led incident response efforts, performing root cause analysis, evidence collection, and forensic investigation to identify attacker techniques and entry points.
Configured Azure Sentinel SIEM rules, playbooks, and automation workflows to improve incident response efficiency by 30%.
Conducted threat hunting and proactive monitoring activities leveraging MITRE ATT&CK techniques to detect and disrupt advanced persistent threats (APTs).
Collaborated with infrastructure and endpoint teams to address security gaps, ensuring consistent policy enforcement and patch compliance across hybrid environments.
Maintained detailed incident documentation and reporting for governance, compliance, and continuous improvement.
Mentored L1 analysts by sharing investigation methods, improving triage accuracy, and streamlining SOC workflows through updated SOPs and playbooks.
Delivered security awareness training, phishing simulations, and business continuity planning.
Led threat hunting activities leveraging KQL, Log Analytics, and MITRE ATT&CK mapping to detect advanced threats.
Contributed to SOC process enhancements, improving response times and ensuring alignment with NIST and ISO 27001 frameworks.

Cyber Security Analyst

KryptoKloud Ltd

Apr 2022 - Nov 2022

Worked in a 24x7 Security Operations Centre.
Investigated incidents using WithSecure EDR platforms.
Tracked performance metrics and provided timely updates to CSOC management.
Performed network traffic analysis using raw packet data, network flow, Intrusion Detection Systems (IDS), and custom sensor output from communication networks.
Worked with clients to implement system security measures, assisted with computer security plans and documentation, and provided technical guidance and training.
Investigated malicious phishing emails, domains and IPs using Splunk and other open-source tools and recommended proper blocking based on analysis.
Identified vulnerabilities and managed patching.
Used the Hive platform for investigation purposes.
Performed real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources.
Provided technical and operational leadership for cyber-security incident response.
Assisted with triage, prioritisation and response to cyber-security events and incidents.
Provided incident remediation and prevention documentation.

Education

Master of Science in Cyber Security with Advanced Research - University Of Hertfordshire

2019 - 2021 · Afghanistan

Bachelor of Science in Cyber Forensic - Mahatma Gandhi University

2016 - 2019 · Afghanistan


Profile Overview

Member since Feb 2026

Availability Details

Visa Status: Citizen

Relocation: Open to Relocation