Nikitha Bandi
Cyber Security Analyst
About
Cyber Security Associate with 2.5 years of experience in Security Operations Center (SOC) environments, specializing in alert monitoring, incident triage, threat detection, and incident response across enterprise environments. Proficient in industry-leading SIEM platforms including Microsoft Sentinel, Securonix, and LogRhythm, with hands-on experience in EDR/XDR tools such as Microsoft Defender XDR, CrowdStrike Falcon, and Carbon Black for endpoint threat detection and response. Experienced in investigating phishing campaigns, malware detections, identity compromise events, impossible travel alerts, and endpoint threats, performing log analysis and correlating events across multiple security technologies. Skilled in identity security using Microsoft Entra ID (Azure AD), alert validation, escalation workflows, false positive reduction, and maintaining SLA compliance in a 24x7 SOC environment.
Skills & Expertise (28)
Work Experience
Cyber Security Associate
Unisys
Aug 2024 - Present
Monitor and investigate security alerts across enterprise environments using Microsoft Sentinel, Securonix, LogRhythm, and Defender XDR, ensuring timely detection of potential threats and anomalous behavior.
Analyze and respond to phishing campaigns, malware detections, suspicious sign-ins, impossible travel events, and endpoint threats, performing preliminary triage and impact assessment.
Validate and enrich alerts using SOAR platform data, verify facts, and determine true positive vs. false positive classification prior to escalation.
Escalate confirmed incidents to L2/L3 teams following the defined escalation workflow, and send email notifications for Medium and lower priority alerts to clients for confirmation on potentially benign alerts.
Perform log analysis and cross-technology event correlation across SIEM, EDR, and identity platforms to identify patterns and signs of compromise.
Document findings, including root cause analysis, remediation recommendations, and incident reports; update the SHO Sheet and report to the Shift Lead at the end of each shift.
Support detection tuning and use-case improvement initiatives, identifying daily repeat false positive alerts and contributing to continuous SOC process improvement.
Leverage Microsoft Defender for Endpoint, Defender for Office 365, and Entra ID Protection to improve overall threat detection and response capabilities.
Maintain SLA compliance while handling security investigations in a 24x7 SOC environment, with proactive monitoring of tool outages and reporting of any downtime to the Shift Lead.
Cyber Security Intern
Unisys
Feb 2024 - Jul 2024
Assisted senior analysts in monitoring security alerts and incident investigations across Microsoft Sentinel, Securonix, LogRhythm, and Defender XDR platforms.
Performed phishing analysis, malware alert validation, and log reviews, contributing to accurate triage and incident documentation.
Supported SOC operations by assisting with evidence collection, incident documentation, and escalation procedures under senior analyst guidance.
Gained hands-on experience with security monitoring platforms and SOC workflows, playbooks, and escalation procedures in a live enterprise environment.
Education
B.Tech - Computer Science & Engineering (Cyber Security) - KL University
2020 - 2024 · Afghanistan
Intermediate (MPC) - Narayana Junior College
2018 - 2020 · Afghanistan
SSC - Sri Akshara Techno School
2017 - 2018 · Afghanistan
Certifications
No certifications added yet
Availability Details
Relocation
Open to Relocation