About
Cybersecurity Analyst with nearly 2 years of hands-on SOC experience, specializing in SIEM monitoring, alert triage, and incident escalation with Microsoft Sentinel. Further expertise in Microsoft EDR, Cloudflare security controls, malware investigation, and phishing analysis. Adept at SOP-driven operations, threat validation, and cross-team escalation, with a strong analytical mindset and a continuous focus on skill development.
Work Experience
SOC Analyst L1
Tata Consultancy Services
02-2024 - Present
Monitored security alerts in a 24/7 SOC environment using Microsoft Sentinel. Performed initial alert triage and validation to identify genuine security threats. Investigated incidents such as phishing emails, brute-force login attempts, malware alerts, and suspicious sign-in activities. Used Microsoft 365 Defender, Defender for Endpoint, and Azure AD Identity Protection for threat investigation and correlation. Analyzed logs using Kusto Query Language (KQL) to understand attack behavior and support investigations. Identified true positives and false positives, helping reduce unnecessary alerts and improve SOC efficiency. Conducted basic malware and URL analysis using sandbox and threat intelligence tools. Escalated confirmed incidents to L2/L3 or Incident Response teams following SOPs and SLAs. Maintained proper incident documentation, shift handover notes, and reports. Contributed to the development of runbooks and weekly/monthly SOC reports. Optimized SIEM alert rules through fine-tuning to improve detection accuracy and reduce false positives. Supported alert automation using Logic Apps, helping streamline response workflows. Worked closely with L2 teams on threat hunting activities, assisting in identifying hidden or emerging threats across the environment.
Education
B.Tech in Computer Science and Engineering
2020 - 2023 · India
Diploma in Computer Engineering
2017 - 2020 · India
Profile Overview
Availability Details
Current Company
Tata Communications Transformation Services Ltd
Visa Status
No Visa
Relocation
Open to Relocation