About
Motivated and detail-oriented cybersecurity professional with over 4 years of experience in Security Operations. Proficient in monitoring, triaging, and investigating security alerts, as well as responding to cyber threats using tools such as Coralogix, Azure Sentinel, Google Chronicle, QRadar, and Microsoft Defender. Experienced in threat intelligence analysis and proactive threat hunting to identify and mitigate advanced threats. Possesses strong expertise in SIEM, EDR, email security, and network threat detection. Proven ability to enhance organizational security posture through proactive threat monitoring, in-depth analysis, and effective cross-functional collaboration.
Work Experience
Analyst - CDC
Cloud4C (Part of Capgemini)
Nov 2024 - Present
Operated in a 24×7 Security Operations Center (SOC) environment, performing continuous log analysis, threat detection, and incident response across SIEM, Microsoft Sentinel, Microsoft 365 Defender, and Defender for Cloud. Monitored, analyzed, and triaged security events generated by the SIEM platforms (QRadar, Microsoft Sentinel, Google Chronicle, O365, and Defender), ensuring timely detection of suspicious activities and potential threats. Performed incident monitoring and investigation using Azure Sentinel, taking appropriate action on confirmed true-positive security incidents. Analyzed inbound emails and classified them as phishing, spam, or legitimate based on header, URL, and content analysis. Performed incident analysis and root cause analysis (RCA), and provided actionable remediation recommendations. Raised security incidents to block malicious activity and added Indicators of Compromise (IOCs) to the active lists in the EDR, firewall, and WAF. Monitored database and application logs, investigated anomalies, and escalated findings to the respective teams for remediation. Fine-tuned SIEM rules, correlation logic, and detection use cases to improve threat detection accuracy and reduce false positives. Delivered SOC services to enterprise clients, including alert triage, incident response, containment, and threat mitigation across hybrid environments. Ensured timely closure of alerts and incidents while maintaining strict SLA compliance and high-quality response standards. Delivered weekly and monthly operational security reports to customers and internal stakeholders.
Cyber Security Engineer
CoinDCX
Apr 2022 - Nov 2024
Operated in a 24×7 Security Operations Center, monitoring SOC events and detecting and preventing intrusion attempts. Utilized SIEM tools, including Coralogix, for real-time event monitoring, log aggregation, and threat detection. Analyzed inbound emails and classified them as phishing, spam, or legitimate based on header, URL, and content analysis. Collected and analyzed logs from network devices to identify suspicious activities and potential security incidents. Monitored and analyzed data flow using EDR tools to detect, block, and remediate malicious behavior or compromised hosts. Monitored AWS services (CloudTrail, GuardDuty, VPC Flow Logs, WAF, IAM) for security threats and anomalous activities. Monitored and analyzed spikes in Cloudflare event logs to identify potential attacks or unusual activity. Investigated security incidents, applied mitigation strategies, and prepared detailed security incident reports. Performed incident analysis and root cause analysis (RCA), and provided actionable remediation recommendations. Ensured timely closure of alerts and incidents while maintaining strict SLA compliance and high-quality response standards. Created and managed tickets in the organization's ticketing system to track security issues and incidents. Developed and maintained SOPs and playbooks for incident response and SOC operations to ensure consistent and efficient handling of security events. Collaborated with cross-functional teams to develop and implement security measures, policies, and incident response plans.