Krishna Korukonda

SOC Analyst

Pune
Profile Score: 80

About

Over 2.4 years of experience in Information Security, currently working as a Security Analyst in a Security Operations Centre (SOC) team. Hands-on experience in threat analysis, malware remediation, and security monitoring and operations. Skilled in using SIEM tools such as LogRhythm, Splunk, and Azure Sentinel for real-time event monitoring and analysis. Proficient in incident investigation, case creation, and escalation to onsite SOC teams for further action. Experienced in log analysis and prompt response to critical security alerts. Responsible for preparing daily, weekly, and monthly security reports as per client requirements. Knowledgeable in networking concepts including OSI layers, TCP/IP, DNS, DHCP, ports, and subnetting. Good understanding of security technologies such as Firewalls (Palo Alto, Checkpoint, Fortinet, Cyberoam), DLP, Antivirus, IPS, and Email Security. Hands-on experience in monitoring and maintaining OWASP security for about 1.8 years. Proficient in 24x7 monitoring of security alerts and phishing sites using SIEM tools and technologies like Watermark, Referrer, and Abuse mailbox. Conducted website anti-malware and defacement monitoring, ensuring real-time alerting and response to anomalies.

Skills & Expertise (30)

Check Point, OWASP, subnetting, ports, DHCP, DNS, TCP/IP, Networking & Web Security: OSI, Incident Handling, Intrusion Detection, Phishing Analysis, Threat Response: Malware remediation, Email Security, Antivirus, DLP, SIEM: LogRhythm, Security Tools: Palo Alto, Network Devices, Tripwire (FIM), Database, IPS, Firewall, Log Analysis: Windows logs, Reporting, escalation, Investigation, incident triage, SOC Operations: 24x7 monitoring, Microsoft Azure Sentinel, Splunk

Work Experience

SOC Analyst

Tata Consultancy Services (TCS)

Aug 2023 - Present

- Monitoring live active channels and connector statuses through SOC dashboards for real-time event visibility.
- Analyzing threats and vulnerabilities across implemented channels to ensure system integrity.
- Working as part of an Offshore SOC team, detecting and preventing intrusion attempts.
- Creating ad hoc, customized, and scheduled reports for various event sources as per client requirements.
- Collecting and analyzing logs from network devices to identify suspicious or anomalous activities.
- Investigating security logs, mitigation strategies, and preparing incident reports for identified threats.
- Performing daily, weekly, and monthly report analysis to track security posture and event trends.
- Monitoring Windows event logs, identifying login failures and account lockouts based on defined thresholds.
- Monitoring Tripwire logs for critical file modifications on Windows servers.
- Monitoring database logs for suspicious logins, unauthorized shutdowns, and critical command executions.
- Monitoring IPS and Firewall logs to detect and prevent external threats.
- Managing URL filtering, IP bypassing, and content filtering operations through Forcepoint Proxy.
- Using Azure Sentinel SIEM for real-time event monitoring, analysis, and alert correlation.
- Handling and tracking all types of security incidents using ServiceNow, ensuring timely resolution.
- Experienced in investigating phishing, spam, scam, and malicious email threats and coordinating with relevant teams for mitigation.
- Participating in security flash calls with offshore and client teams, collaborating on remediation and incident response actions.

Education

B.Tech (Civil) - Wellfare Institute of Science Technology and Management, Andhra University

- 2023 · Afghanistan

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 20/20
🎓 Education 10/10
⏱️ Experience 5/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 80/100

Profile Overview

Member since Mar 2026
