About
SOC Analyst with 2 years of hands-on experience in threat detection, incident response, and cloud security operations. Proficient in tools such as Splunk, CrowdStrike, ServiceNow, AWS CloudTrail, firewalls, email gateways, and web proxies for real-time monitoring, log analysis, and triage. Skilled in investigating phishing emails, malware behavior, and suspicious network activity, along with IOC scoping, URL/IP reputation checks, and false positive reduction. Experienced in aligning security operations with the MITRE ATT&CK framework and maintaining compliance with NIST, ISO, HIPAA, PCI-DSS, and GDPR standards. Known for proactive threat hunting, playbook development, and cross-team collaboration to enhance SOC capabilities.
Skills & Expertise (18)
Work Experience
SOC Analyst Intern
CyberSecExperts
Jan 2023 - Jun 2023
Monitored logs from firewalls, antivirus, email, and web security tools to detect suspicious activity. Assisted in investigating phishing emails and identifying IOCs using internal and open-source tools. Analyzed AWS CloudTrail and Linux system logs to uncover anomalies and security incidents. Supported SIEM rule tuning in Splunk to reduce false positives and improve alert accuracy. Collaborated with the team to manage threat intelligence feeds and validate IP/domain reputations. Participated in daily SOC operations, documenting incidents and supporting response efforts.
SOC Analyst
Aarna Technology Pvt. Ltd.
Aug 2023 - Present
Performed daily triage of security alerts across diverse sources including firewalls, IPS, WAF, VPN, web proxies, and phishing emails. Investigated alerts using log data, IOC scoping, and threat intelligence to distinguish false positives from real incidents. Analyzed suspicious URLs and attachments using tools like VirusTotal, urlscan.io, BlueCoat, MXToolbox, and AnyRun sandbox. Conducted domain and IP reputation checks via Whois, AbuseIPDB, Anomali, and internal threat feeds. Investigated endpoint activity in CrowdStrike Falcon to identify malware, C2 traffic, or lateral movement. Collaborated with IT, Network, and Security Engineering teams to block threats and optimize IPS/WAF rules. Fine-tuned Splunk SIEM rules to reduce false positives and improve detection fidelity. Contributed to use case development, updated incident response playbooks, and mapped incidents to MITRE ATT&CK. Documented all investigations in ServiceNow, ensuring SLA compliance and audit readiness.
Education
Bachelor of Engineering (Electronics & Telecommunication) - N.B. Navale Sinhgad College of Engineering
Afghanistan
Certifications
No certifications added yet