About
Cybersecurity professional with 2.6+ years of experience in Security Operations Center (SOC) environments, specializing in threat detection, incident investigation, and SIEM monitoring. Experienced in monitoring and analyzing security alerts using Microsoft Sentinel, investigating endpoint threats using Microsoft Defender for Endpoint, and monitoring web security using Zscaler. Skilled in threat hunting using KQL queries, phishing investigation, malware remediation, and Data Loss Prevention monitoring using Microsoft Purview. Experienced in incident analysis aligned with the MITRE ATT&CK framework.
Work Experience
Security Analyst — Cloud Security Operations
Accenture
Oct 2023 - Present
- Monitor and investigate 20+ security alerts daily using Microsoft Sentinel SIEM across cloud, endpoint, and identity environments.
- Perform alert triage and investigation using KQL queries in Microsoft Sentinel to analyze authentication logs, endpoint telemetry, and security events.
- Conduct threat hunting using KQL queries in Microsoft Sentinel to analyze authentication logs and identify potential indicators of compromise (IOCs).
- Investigate suspicious authentication activity using Azure AD / Entra ID logs to identify potential identity compromise.
- Use KQL queries to search and analyze security logs in Microsoft Sentinel during incident investigations and threat hunting activities.
- Monitor Data Loss Prevention (DLP) alerts and investigate potential sensitive data exposure events across enterprise environments.
- Configure DLP policies and sensitivity labels based on data classification requirements to protect sensitive information.
- Performed malware remediation and endpoint investigation, analyzing investigation packages and coordinating with users to remove malicious files.
- Monitored endpoint compliance using Microsoft Intune.
- Conduct email security investigations to identify phishing attempts and suspicious email activity.
- Perform detection rule fine-tuning in Microsoft Sentinel to reduce false positives and improve alert quality.
- Assist with basic automation and scripting tasks to improve investigation workflows and log analysis efficiency.
- Participate in Major Incident Management (MIM) bridge calls during high-priority security incidents.
- Responded to a large email security incident caused by incorrect URL categorization following a Microsoft policy update and restored 9000+ legitimate emails from quarantine.
- Conduct threat hunting activities using KQL queries in Microsoft Sentinel to review authentication logs, endpoint telemetry, and indicators of compromise (IOCs) related to ransomware campaigns such as Anubis ransomware and phishing techniques including adversary-in-the-middle (AITM) attacks.
- Troubleshoot proxy security issues in Zscaler Secure Web Gateway, including SSL inspection bypass configuration, tunnel troubleshooting, and PAC file updates.
- Create and manage security incidents and change requests in ServiceNow according to SOC operational procedures.
- Document investigation findings and escalate complex incidents to Level-2 SOC analysts when required.
Education
Master of Computer Applications (MCA) - Chadalwada Ramanamma Engineering College
2020 - 2022 · India