About
Senior Security Operations professional with 6+ years of IT experience, including 4.5+ years in enterprise SOC environments supporting large-scale government and corporate infrastructures. Demonstrated expertise in SIEM monitoring, advanced incident investigation, threat hunting, EDR response, and SOC process optimization. Strong background in IBM QRadar, ArcSight, Splunk, and security operations leadership with a consistent record of improving detection accuracy, response efficiency, and SLA compliance.
Work Experience
Associate SOC Analyst
National Informatics Center (NIC)
Jan 2025 - Present
Perform advanced security event monitoring, investigation, and response using IBM QRadar in a high-availability SOC environment. Conduct malware and phishing investigations, including IOC extraction, threat validation, and containment actions. Execute threat hunting activities leveraging SIEM, EDR, and endpoint telemetry. Administer QRadar including log aggregation, normalization, correlation tuning, DSM updates, and integrations. Monitor SIEM platform health (CPU, RAM, disk, backups) and perform corrective actions proactively. Generate weekly and ad-hoc SOC intelligence reports for stakeholders. Lead email security investigations, analyzing headers and coordinating remediation actions. Support EDR-based investigations with real-time response actions such as file isolation and antivirus scans. Develop and maintain SOC SOPs for integrations, incident handling, and escalation procedures. Manage user access, roles, and privileges for SOC personnel. Coordinate with security engineers and external teams for incident resolution and platform optimization.
Technical Support Engineer (L1/L2)
DXC Technology Pvt. Ltd.
Feb 2018 - Apr 2021
Provided L1/L2 technical support for enterprise hardware, software, and network environments. Monitored infrastructure performance via Grafana dashboards. Resolved Windows OS, endpoint, printer, and peripheral issues. Managed incidents using ServiceNow and other ITSM platforms. Created knowledge base documentation and assisted with root cause analysis. Coordinated with engineering teams for escalated technical issues. Investigated and resolved 1,000+ security alerts annually across SIEM and EDR platforms. Reduced false positives by 30% through alert tuning, improved correlation rules, and SOP enhancements. Maintained 99%+ SLA compliance for incident triage, escalation, and closure. Successfully handled 100+ phishing and malware incidents, preventing lateral movement and data exposure. Improved SOC operational efficiency by 25% through structured reporting and proactive threat hunting. Supported onboarding and normalization of 50+ log sources into IBM QRadar. Conducted continuous SIEM health monitoring resulting in zero critical SIEM outages.
SOC Analyst
IBM Kyndryl
Apr 2021 - Jan 2025
Delivered round-the-clock SOC services for enterprise clients using ArcSight SIEM. Investigated security incidents related to malware, ransomware, phishing, and DDoS attacks. Executed end-to-end incident response, ensuring accurate documentation and SLA adherence. Performed detailed IOC analysis and root cause investigations. Prepared structured incident triage and investigation reports with remediation recommendations. Designed and maintained SIEM dashboards, filters, and monitoring views. Supported incident escalation, stakeholder communication, and shift operations. Assisted clients with risk mitigation strategies and post-incident improvements.
Education
B.Tech, Computer Science Engineering, JNTU Kakinada
2013 · Afghanistan