About
Security Operations Center (SOC) Analyst with 2.5 years of experience in 24x7 security monitoring, threat detection, and incident response. Skilled in SIEM platforms including Splunk and IBM QRadar, with strong expertise in log analysis, alert triage, and security event investigation. Hands-on experience in phishing analysis, endpoint security, and network security monitoring. Familiar with MITRE ATT&CK and NIST Cybersecurity Framework, focused on reducing organizational risk and improving security posture. Familiar with GRC practices including ISO/IEC 27001 control alignment, audit support, and compliance evidence management.
Work Experience
Security Analyst L1
TCS
Oct 2023 - Present
Monitored and analyzed real-time security alerts in a 24x7 SOC environment using Splunk, IBM QRadar, Microsoft Defender, and CrowdStrike Falcon.
Performed log analysis across firewalls, IDS/IPS, web proxies, and endpoint security tools (Defender and CrowdStrike) to identify suspicious and malicious activity.
Investigated security incidents, conducted root cause analysis, and escalated critical threats within defined SLA timelines.
Executed alert triage and incident validation to reduce false positives and improve detection efficiency.
Analyzed endpoint detection and response (EDR) alerts from Microsoft Defender for Endpoint and CrowdStrike Falcon for malware, lateral movement, and persistence mechanisms.
Performed phishing email investigations, including header analysis, malicious attachment detonation, and URL analysis using email security tools and Defender.
Implemented containment and remediation actions such as blocking malicious IPs, domains, hashes, and URLs on firewalls, proxies, EDR, and email gateways.
Created, updated, and managed incident tickets using ticketing and case management platforms (e.g., ServiceNow).
Collaborated with cross-functional technical teams and business stakeholders on incident resolution and security improvements.
Utilized antivirus/anti-malware, vulnerability management, and infrastructure security tools across Windows/Linux environments, Active Directory, and network security controls.
Supported GRC activities by aligning security operations with ISO/IEC 27001 controls, including evidence collection for audits, policy review, and control compliance validation.
Performed vulnerability assessments using Qualys, analyzed scan results, prioritized findings by severity, and coordinated with asset owners to track remediation.
Education
Bachelor of Computer Engineering - Arvind Gavali College of Engineering, Satara
Afghanistan
Diploma in Computer Engineering - Institute of Civil and Rural Engineering, Gargoti
Afghanistan