Rohit Jogdankar
Security Operations Center (SOC) Analyst
About
Dedicated Security Operations Center (SOC) Analyst with over 3 years of hands-on experience in threat detection, incident response, and security monitoring using Splunk ES & Azure Sentinel SIEM, Microsoft Defender for Endpoint, and O365 Defender. Skilled in analyzing and responding to various cyber threats, including phishing, malware, C2 communications, persistence, and lateral movement attacks. Adept at handling PowerShell-based attacks, Windows security alerts, and network-related incidents. Strong analytical and communication skills with a focus on maintaining enterprise security posture and continuous improvement of SOC processes.
Skills & Expertise (24)
Work Experience
Network Analyst
NCR Corporations
Nov 2020 - Jul 2022
Experienced in investigating and analyzing firewall logs, IDS/IPS logs, and proxy logs to identify and mitigate potential threats. Investigated alerts generated by IDS/IPS systems, distinguishing between false positives and legitimate threats, and escalating critical incidents to senior analysts. Analyzed logs from Proxy, IDS/IPS, Firewalls, and AV tools to trace attack paths and confirm compromise. Skilled in performing incident investigations, threat detection, and root cause analysis to enhance network security. Analyze Proxy alerts to detect suspicious outbound connections, command-and-control activity, and exfiltration attempts. Solid understanding of routers, switches, and core networking concepts to support secure infrastructure operations. Monitored network performance and identified common connectivity issues. Supported end-users with network-related problems. Hands-on experience in monitoring and reporting on network security events.
SOC Analyst
Harman International
Aug 2022 - Present
Monitor 24x7 and analyze security alerts from Splunk ES and Microsoft Defender for Endpoint to detect and respond to potential threats. Utilized Sentinel One EDR/XDR and Microsoft Defender to detect and mitigate malware, ransomware, and fileless attacks. Investigate and remediate Windows security alerts including:
- Account lockouts / multiple failed login attempts (brute force)
- Suspicious PowerShell activities and script execution
- Registry modifications and persistence mechanisms
- Unusual process creation
- Lateral movement indicators (e.g., RDP anomalies, SMB access)
- Malicious binaries or process injections
Investigate and triage Sentinel One EDR/XDR alerts, identifying malicious activity and escalating incidents where necessary. Investigated and responded to alerts from Microsoft Defender for Endpoint and O365 Defender, including phishing attempts, malicious attachments, and suspicious user behavior. Analyze Proxy alerts to detect suspicious outbound connections, command-and-control activity, and exfiltration attempts. Conduct malware investigations, including sandbox analysis and hash reputation lookups. Perform phishing investigations, analyzing suspicious emails, URLs, and attachments to prevent user compromise. Escalated confirmed incidents to senior analysts and incident response teams. Follow the incident response lifecycle: detection, containment, eradication, recovery, and lessons learned. Investigate malware infections, perform triage and sandbox analysis, and coordinate remediation actions. Identify and mitigate Command-and-Control (C2) traffic, and escalate confirmed incidents for containment. Analyze proxy and firewall alerts to identify data exfiltration attempts or policy violations. Collaborate with incident response teams to perform root cause analysis and prepare incident reports. Regularly tune SIEM detection rules and update use cases aligned with MITRE ATT&CK.
Education
Bachelor of Science in Technology - Lokamanya Tilak College of Engineering
- 2019 · Afghanistan
Certifications
No certifications added yet