Vishwanath Muddu
SOC Analyst | Cyber Security Analyst
About
2.9 years of experience as a SOC Analyst in a 24/7 Security Operations Center environment. Hands-on experience in SIEM monitoring, alert triage, and incident investigation using Microsoft Sentinel, IBM QRadar and Splunk. Skilled in phishing investigation using header analysis, URL reputation checks, and sandbox analysis of malicious attachments. Proficient in monitoring and analysing real-time security alerts, identifying true positives, and reducing false positives. Strong experience in handling EDR alerts, investigating endpoint activities, and responding to potential threats. Experience in malware analysis and identifying Indicators of Compromise (IOCs) and Indicators of Attack (IOAs). Performed incident investigation and response aligned with the MITRE ATT&CK framework for threat detection and mitigation. Investigated security events, documented findings, and escalated incidents as per defined SOPs and SLAs. Strong understanding of attack techniques such as DoS/DDoS, MITM, SQL Injection (SQLi), and Cross-Site Scripting (XSS). Knowledge of OWASP Top 10 vulnerabilities and web application security risks. Hands-on experience with security tools including Firewalls, IDS/IPS, Proxy, Antivirus, and Email Security solutions. Strong understanding of networking concepts: OSI model, TCP/IP, DNS, DHCP, ports, LAN/WAN, and routing basics. Experience in log analysis, correlation of events, and identifying anomalous behaviour across systems and networks. Created and fine-tuned SIEM correlation rules, use cases, and dashboards to improve detection capabilities. Conducted regular health checks, reporting, and ensured continuous monitoring of security infrastructure. Worked closely with internal teams to ensure timely incident resolution and ticket closure within SLA. Provided continuous SOC support and contributed to improving detection and response processes.
Skills & Expertise (31)
Work Experience
Associate SOC Analyst
HTC Global Services Pvt Ltd
Nov 2024 - Present
- Monitor and analyse security alerts/events in SIEM tools to detect potential threats and incidents.
- Perform alert triage by validating, prioritising, and classifying security incidents based on severity and impact.
- Investigate security incidents by analysing logs from endpoints, network devices, firewalls, and applications.
- Handle and analyse EDR alerts to identify suspicious endpoint behaviour and respond to potential compromises.
- Conduct phishing analysis by examining email headers, URLs, and attachments to determine malicious intent.
- Perform basic malware analysis and identify Indicators of Compromise (IOCs) for threat detection and containment.
- Correlate events across multiple data sources to identify patterns and detect advanced threats.
- Execute incident response activities aligned with the MITRE ATT&CK framework.
- Escalate confirmed incidents to L2/L3 teams with proper documentation and analysis.
- Create, update, and manage incident tickets, ensuring accurate documentation and SLA adherence.
- Assist in developing and tuning SIEM use cases and correlation rules to reduce false positives.
- Monitor and maintain security tools such as IDS/IPS, Firewalls, Antivirus, and Email Security systems.
- Perform regular log reviews and health checks to ensure continuous monitoring and system availability.
- Collaborate with cross-functional teams for incident resolution and root cause analysis.
- Support threat hunting activities by identifying anomalies and suspicious patterns in logs.
- Stay updated on emerging threats, vulnerabilities, and attack techniques.
SOC Analyst (L1)
Concentric Dash Pvt Ltd
Jun 2023 - Oct 2024
- Monitor and analyse security alerts/events in SIEM tools to detect potential threats and incidents.
- Perform alert triage by validating, prioritising, and classifying security incidents based on severity and impact.
- Investigate security incidents by analysing logs from endpoints, network devices, firewalls, and applications.
- Handle and analyse EDR alerts to identify suspicious endpoint behaviour and respond to potential compromises.
- Conduct phishing analysis by examining email headers, URLs, and attachments to determine malicious intent.
- Perform basic malware analysis and identify Indicators of Compromise (IOCs) for threat detection and containment.
- Correlate events across multiple data sources to identify patterns and detect advanced threats.
- Execute incident response activities aligned with the MITRE ATT&CK framework.
- Escalate confirmed incidents to L2/L3 teams with proper documentation and analysis.
- Create, update, and manage incident tickets, ensuring accurate documentation and SLA adherence.
- Assist in developing and tuning SIEM use cases and correlation rules to reduce false positives.
- Monitor and maintain security tools such as IDS/IPS, Firewalls, Antivirus, and Email Security systems.
- Perform regular log reviews and health checks to ensure continuous monitoring and system availability.
- Collaborate with cross-functional teams for incident resolution and root cause analysis.
- Support threat hunting activities by identifying anomalies and suspicious patterns in logs.
- Stay updated on emerging threats, vulnerabilities, and attack techniques.
Education
No education history added yet
Certifications
No certifications added yet
Availability Details
Visa Status: Need Sponsorship
Relocation: Open to Relocation