About
SOC Analyst with 1+ year of hands-on experience in 24x7 Security Operations Centre environments. Skilled in security monitoring, log analysis, threat detection, and incident response across endpoint, network, and cloud environments. Proficient in SIEM tools like Splunk, with strong knowledge of the MITRE ATT&CK framework, the cyber kill chain, and real-world attack patterns. Adept at analyzing alerts, investigating incidents, and escalating threats with actionable insights.
Work Experience
SOC Analyst L1
NTT DATA
Sep 2024 - Present
- Monitored and analyzed security alerts using SIEM (Splunk) in a 24x7 SOC environment.
- Performed log analysis across Windows, Linux, firewall, proxy, DNS, and VPN logs to identify anomalies.
- Conducted alert triage and prioritized incidents based on severity and business impact.
- Investigated security incidents including brute force attacks, phishing emails, malware infections, and suspicious network activity.
- Correlated events with MITRE ATT&CK techniques to identify attacker behaviour and tactics.
- Utilized EDR tools (Cortex XDR, Microsoft Defender) for endpoint investigation and containment.
- Enriched alerts using threat intelligence platforms (VirusTotal, AbuseIPDB).
- Analyzed phishing emails using header analysis, URL inspection, and attachment validation.
- Escalated confirmed incidents to L2/L3 teams with detailed findings and supporting evidence.
- Documented incidents, created reports, and maintained SOPs and runbooks.
- Assisted in SIEM use-case creation, alert tuning, and false positive reduction.
- Monitored network traffic using Wireshark and identified suspicious patterns.
- Performed basic threat hunting based on IOCs and anomaly detection.
Education
Bachelor of Engineering - Theem College of Engineering (Mumbai University)
2020 - 2023 · Afghanistan
Certifications
No certifications added yet