About
Dedicated Cyber Security Engineer with 3+ years of experience in Security Operations. Skilled in SIEM, Endpoint security, Email Security and Threat hunting. Strong understanding of networking concepts, MITRE ATT&CK, and cyber kill chain, committed to enhancing security operations and reducing organizational risk.
Skills & Expertise (26)
Work Experience
Security Analyst
Genpact
May 2025 - Present
Worked in a dedicated client environment handling security monitoring, incident investigation, response, and remediation activities using Microsoft Sentinel, Microsoft Defender Suite, and Microsoft Entra ID. Investigated and analyzed alerts from Microsoft Defender for Endpoint (MDE), Defender for Identity (MDI), Defender for Office 365 (MDO), and Sentinel to identify suspicious or malicious activities. Performed incident response and containment actions including device isolation, malicious IP/domain/hash blocking, email quarantine, and password reset actions. Executed automated security response workflows through Logic Apps and Playbooks for activities including user containment and email remediation. Collaborated with client teams during major incidents to ensure effective remediation and recovery actions were completed.

Transitioned to an MSSP environment supporting multiple client infrastructures monitored through IBM QRadar. Monitored security events and alerts from multiple security devices, performing alert triage, analysis, investigation, and escalation based on severity and business impact. Investigated and analyzed logs from firewalls, IDS/IPS, Windows systems, proxy solutions, and endpoint security tools during security investigations. Validated alerts to determine whether activities were malicious, benign, or caused by tool misconfigurations prior to escalation. Utilized the SOAR platform "Securaa" to block malicious IPs, domains, URLs, and file hashes for containment and remediation activities. Conducted proactive threat hunting activities to identify Indicators of Compromise (IOCs), suspicious behaviors, and potential threats across client environments. Provided fine-tuning recommendations to reduce false positives and unnecessary alert generation by analyzing recurring incidents and detection behavior.

Coordinated with L3 and security engineering teams regarding alert flooding, noisy detections, and newly observed suspicious patterns for rule optimization. Reported newly identified attack patterns, IOC trends, and suspicious behaviors observed during monitoring activities to improve detection coverage. Collaborated with cross-functional teams to enhance detection use cases, reduce alert noise, and strengthen overall SOC operations. Prepared and shared weekly security reports highlighting incidents, threat trends, and monitoring activities for clients. Maintained incident documentation, SOPs, and investigation notes as part of operational and audit requirements.
Education
No education history added yet
Certifications
No certifications added yet