Aishwarya Naik

Engineer – Captive Operations (SOC Operations)

Pune, India · 79 · Very Good

About

Results-driven SOC Analyst with hands-on experience performing L1 and L2 security operations, including 24x7 monitoring, alert triage, in-depth investigation, and incident response. Proven ability to analyze network, endpoint, and email-based threats, identify true positives, and execute timely containment actions. Experienced in collaborating with cross-functional teams, maintaining detailed incident documentation, and supporting continuous SOC operations in critical environments. Committed to strengthening organizational security posture and staying current with evolving cyber threats. Seeking to contribute across L1–L2 SOC functions within a dynamic cyber security team.

Skills & Expertise (14)

IBM QRadar · Advanced · 8.5/10 · 5 years exp
LogRhythm · Advanced · 8.3/10 · 5 years exp
CrowdStrike · Intermediate · 7.8/10 · 3 years exp
Infoblox · Intermediate · 7.5/10 · 3 years exp
Palo Alto, McAfee, Cisco Email Security Appliance, Zscaler, Imperva, WIRESHARK, Anyrun, Qlik Sense, Power BI, Everest

Work Experience

Engineer – Captive Operations (SOC Operations)

Tata Communications Limited

Sep 2025 - Present

Managed and monitored the Security Operations Center (SOC) for a critical government project, ensuring 24x7 threat detection and rapid incident response. Utilized LogRhythm for real-time threat monitoring and ensuring compliance reporting. Handled security incidents through Cortex XSOAR and IBM QRadar SOAR by performing L1/L2 analysis, documenting findings, and attaching forensic artifacts to the ticketing workflow. Maintained security controls including Infoblox for DNS security; proactively blocked malicious domains on Infoblox when government employees received phishing emails from unknown external sources. Managed and operated Imperva WAF & DAM to ensure robust protection for web applications and critical databases. Administered Cisco ESA (IronPort) for enterprise email protection, including anti-spam filtering and phishing detection. Executed critical containment actions when users were compromised by phishing links, including performing internal password resets, disabling accounts to prevent bulk spamming or lateral targeting, and coordinating email purging. Leveraged NetScout and Arista NDR to analyze internal network traffic, specifically investigating IP activity and communication patterns to detect anomalies. Utilized Trellix FireEye for deep-dive investigations into advanced threats and to execute timely containment actions.

Data Analyst

Qualsquad Infotech Pvt Ltd

Oct 2018 - Oct 2019

Maintained a comprehensive understanding of emerging security threats, conducted risk assessments, and regularly reported on the organization’s risk posture. Provided actionable insights and strategic recommendations to strengthen organizational security and mitigate risks effectively. Maintained detailed records of IP addresses, including geographical locations, domain associations, and reputation assessments. Analysed IP data for malicious activity, identifying potential virus infections through domain reputation tools. Prepared in-depth reports based on thorough analysis of security events, including external attacks and suspicious activities, highlighting patterns and providing remediation plans.

Graduate Analyst - Report Production & Delivery

Security HQ Pvt Ltd

Jul 2022 - Aug 2024

Conducted proactive monitoring and efficient triage of security events. Investigated all security alerts, utilizing tools and log files to differentiate whether the event is a false positive or a security incident. Recognized potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event details and summary information. Monitored diverse security events and logs (Proxy, IPS/IDS, Firewall, Email, Anti-Malware, Endpoints, and Web Application Firewall) for situational awareness. Investigated reported suspicious emails, categorized them, and responded to users with findings and recommendations. Collected and analysed threat intelligence feeds, investigating potential Indicators of Compromise (IOCs). Identified, ingested, and managed IOCs in applicable security controls. Reviewed and enhanced detection coverage of IOCs, collaborating with vendors or internal teams. Developed SOC monitoring use cases to proactively detect emerging threats. Updated incident response playbook for effective cyber security readiness. Monitored the health of security sensors and SIEM infrastructure. Delivered concise SOC reports to senior management, outlining the current security status, recent incidents, threat trends, and control effectiveness.

SOC Analyst Intern

CyberSec Expert

Dec 2021 - Jun 2022

Monitored and analysed security events from various sources (SIEM, IDS/IPS, Firewall, EDR, WAF). Investigated security alerts, differentiated false positives from actual incidents, and performed initial triage. Identified and analyzed Indicators of Compromise (IOCs) using threat intelligence feeds. Responded to and categorized suspicious email reports, providing recommendations to users. Developed SIEM rules to enhance detection accuracy and reduce false positives. Assisted in incident response, escalating security incidents as per SOPs. Created and maintained SOC playbooks for efficient incident handling. Monitored the health and performance of security tools and sensors. Prepared SOC reports summarizing security incidents, threat trends, and remediation actions.

Education

Bachelors of Computer Engineering (BE) - Pune University

- · Afghanistan

Diploma in Computer Engineering - MIT, Pune

- · Afghanistan

Secondary School Certification - Laxumanrao Apte Prashala, Pune

- · Afghanistan

Certifications

No certifications added yet

Profile Score Breakdown

📷 Photo 10/10
📄 Resume 10/10
💼 Job Title 10/10
✍️ Bio 10/10
🛠️ Skills 19/20
🎓 Education 10/10
⏱️ Experience 5/15
💰 Rate 0/5
🏆 Certs 0/5
Verified 5/5
Total Score 79/100

Profile Overview

Member since Apr 2026