About
Cyber Security professional with 5 years of experience in SOC operations, system troubleshooting, incident response, and threat mitigation. Skilled in real-time monitoring, SIEM (Splunk, QRadar, Microsoft Sentinel), endpoint security (CrowdStrike Falcon, SentinelOne), SOAR (Splunk SOAR, Cortex XSOAR), malware analysis, cloud security monitoring (AWS, Azure), and phishing mitigation. Experienced in 24×7 SOC operations, analyzing alerts, investigating threats, performing root cause analysis, and collaborating with IT and compliance teams. Adept at optimizing SOC processes, reducing false positives, mentoring junior analysts, and maintaining a strong organizational security posture.
Work Experience
System Engineer
Divis Laboratories Pvt Ltd
Oct 2020 - Jan 2022
Provided system troubleshooting and administration for Windows and Linux servers. Managed user accounts, permissions, and Active Directory administration. Installed and maintained software, patches, and updates across enterprise systems. Monitored system performance, event logs, and endpoint health to ensure operational stability. Supported endpoint security measures, including antivirus deployment and updates. Generated reports on system performance, incidents, and resolutions. Assisted in basic security incident response and vulnerability remediation. Provided end-user support for hardware and software issues.
Security Analyst
Tata Consultancy Services (TCS)
Mar 2022 - Jan 2026
Monitor enterprise security alerts in a 24×7 SOC environment using SIEM tools: Splunk, QRadar, Microsoft Azure Sentinel. Investigate endpoint threats using EDR/XDR solutions: CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint. Conduct incident response, including triage, containment, eradication, post-incident reporting, and root cause analysis. Perform proactive threat hunting leveraging the MITRE ATT&CK framework and threat intelligence feeds. Detect, analyze, and mitigate phishing attacks, malicious emails, and suspicious links. Analyze endpoint and application logs, firewall alerts, and threat intelligence feeds for anomalies. Utilize SOAR tools (Splunk SOAR, Cortex XSOAR) to automate incident workflows and improve SOC efficiency. Conduct malware analysis using VirusTotal, Hybrid Analysis, and Any.Run Sandbox. Monitor cloud security environments (AWS GuardDuty, CloudTrail, Azure Security Center, Defender for Cloud). Collaborate with IT, risk, and compliance teams to remediate vulnerabilities and misconfigurations. Generate SOC dashboards, KPIs, metrics, and reports for management and compliance. Tune SIEM correlation rules to reduce false positives and improve detection accuracy. Participate in threat intelligence sharing, vulnerability assessments, and internal audits. Investigate advanced persistent threats (APTs), ransomware, and zero-day exploits. Conduct root cause analysis and post-incident reviews, implementing preventive measures. Assist in phishing simulations and awareness campaigns to educate employees. Support cloud and endpoint security monitoring, ensuring compliance with organizational policies. Identify gaps and recommend SOC process improvements, enhancing detection and response efficiency. Mentor junior analysts on alert investigation, incident handling, and SOC best practices. Monitor alerts and create/manage tickets in ServiceNow based on severity, ensuring timely escalation and closure.
Education
B.Tech (Mech) - Srinivasa Institute of Engineering and Technology (JNTUK)
- 2020 · Afghanistan
Availability Details
Visa Status: Need Sponsorship
Relocation: Depends on Offer