About
SOC Analyst with 3.6 years of experience in 24/7 Security Operations Center (SOC) environments. Expertise in Incident Detection, Security Event Analysis, Threat Hunting, Email Security, Malware Investigation, and Vulnerability Management.
Work Experience
Investigation Specialist
AMAZON
12-2023 - 01-2025
Investigated malware, phishing and suspicious IP traffic from SIEM alerts. Performed EDR isolation and malware remediation using Microsoft Defender & CrowdStrike. Analyzed threat intel using VirusTotal, AbuseIPDB, URLScan, MX Toolbox for suspicious domains/URLs. Investigated Azure AD logs (failed authentications, brute force attempts, unauthorized privilege changes).
Process Executive
INFOSYS
09-2021 - 12-2023
Triaged and investigated 700+ alerts/month including phishing, malware, brute-force and suspicious login attempts. Performed advanced threat hunting using KQL to identify user anomalies and lateral movement. Blocked attackers through ProofPoint by isolating malicious emails and enforcing MFA reset workflows. Reduced noise by 18% through alert tuning, correlation rule modifications and use case refinement. Generated daily SOC dashboards, incident RCA reports, MIM updates, and weekly and monthly SOC reports.
Senior Associate
CANTERR IT SERVICES
01-2025 - 04-2025
Conducted security event monitoring and analysis by investigating SIEM alerts related to malware, phishing attempts, and anomalous user behavior. Performed threat hunting using KQL queries to identify lateral movement indicators, compromised accounts, and unusual authentication patterns. Executed endpoint containment and remediation actions using Microsoft Defender and CrowdStrike, including isolation of infected hosts and removal of malicious artifacts. Analyzed suspicious domains, URLs and IPs using tools such as VirusTotal, AbuseIPDB, URLScan, and MX Toolbox to support incident investigations. Reviewed Azure AD activity logs to identify failed login spikes, brute force attempts, and unauthorized privilege escalations. Assisted in triaging email-based threats by isolating malicious messages and coordinating remediation workflows. Contributed to SOC reporting by preparing daily dashboards, incident summaries, and weekly operational updates. Participated in tuning correlation rules and refining alert use cases to minimize false positives and enhance SOC detection capabilities.
Profile Overview
Availability Details
Current Company
Amazon Global Selling
Visa Status
No Visa
Relocation
Open to Relocation