About
Results-driven SOC Analyst with 3.5+ years of hands-on experience triaging 40–60 alerts per shift across enterprise environments at Tata Consultancy Services. Proven expertise in SIEM engineering (Splunk, Sentinel, QRadar), EDR/XDR response (CrowdStrike, SentinelOne), and building 15+ custom detection rules mapped to MITRE ATT&CK tactics. Achieved ~15-min MTTD and ~45-min MTTR with 95% SLA compliance and a ~30% false-positive reduction through proactive tuning. Recognized with Star of the Month and client appreciation awards. Actively targeting SOC Analyst L2, Threat Hunter, IR Analyst, and Detection Engineer roles.
Work Experience
SOC Analyst (L1 → L2)
Tata Consultancy Services (TCS)
Mar 2022 - Present
Client-facing SOC role supporting enterprise security operations; promoted to hybrid L2 responsibilities managing the end-to-end incident lifecycle within a 10–12 analyst team.
Triaged 40–60 security alerts per shift across Splunk, QRadar, and Microsoft Sentinel, maintaining 95% SLA compliance and a <15-minute Mean Time to Detect (MTTD).
Investigated and responded to phishing, BEC, ransomware, malware, DDoS, brute-force, privilege escalation, insider threats, and suspicious PowerShell/process-spawn events.
Operated a hybrid escalation model: resolved routine incidents autonomously and escalated complex cases to L3, reducing the L3 queue by ~25%.
Achieved a ~45-minute Mean Time to Respond (MTTR) by executing structured runbooks and cross-tool correlation across CrowdStrike Falcon, SentinelOne, and Microsoft Defender.
Authored 15+ custom Splunk detection rules spanning MITRE ATT&CK tactics: Initial Access, Execution, Persistence, Privilege Escalation, Lateral Movement, Exfiltration, and Command and Control (C2).
Reduced false-positive alert volume by ~30% through iterative SPL/KQL query tuning, whitelist refinement, and correlation-rule optimisation across Splunk and Sentinel.
Built an end-to-end Splunk SIEM Detection Engineering & SOC Dashboard project, including data onboarding, field extractions, alert thresholds, and executive-level visualisations.
Developed and maintained detection playbooks covering alert descriptions, investigation workflows, triage checklists, and automated response actions via SOAR integration.
Enriched IOCs using VirusTotal, AbuseIPDB, and MISP to classify and pivot on malicious IPs, domains, file hashes, and URLs during active investigations.
Performed packet-level analysis with Wireshark and Zeek to identify anomalous network behaviour, C2 beaconing, and lateral movement patterns.
Leveraged the ANY.RUN sandbox for dynamic malware analysis, accelerating triage decisions and improving containment accuracy.
Monitored Azure Active Directory alerts for account compromise, MFA bypass attempts, and suspicious OAuth token activity, correlating them with Sentinel workspace logs.
Analysed AWS CloudTrail logs for unauthorised API calls, IAM privilege escalations, and S3 data exfiltration indicators.
Awarded Star of the Month for consistent performance, rapid alert handling, and sustained SLA compliance.
Received manager and client appreciation for accurate threat analysis, documentation quality, and proactive communication during high-severity incidents.
Education
Master of Computer Applications (MCA) - Andhra Loyola College, Krishna University
Certifications
Certified Network Security Practitioner (with Merit)
The SecOps Group · 2025
Certified Cyber Exploitation Professional
Red Team Leaders · 2025